urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Submission: On November 06 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 11 countries across 86 domains to perform 504 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 172.217.16.193 15169 (GOOGLE)
12 142.250.74.194 15169 (GOOGLE)
2 142.250.184.232 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
40 151.101.193.44 54113 (FASTLY)
1 2 162.210.196.208 30633 (LEASEWEB-...)
2 104.26.5.103 13335 (CLOUDFLAR...)
2 151.101.130.137 54113 (FASTLY)
1 178.250.1.11 44788 (ASN-CRITE...)
3 216.239.32.36 15169 (GOOGLE)
4 151.101.1.44 54113 (FASTLY)
16 185.106.33.48 200478 (TABOOLA-AS)
3 142.250.185.97 15169 (GOOGLE)
4 3.233.145.247 14618 (AMAZON-AES)
10 23.97.225.52 8075 (MICROSOFT...)
3 142.250.185.138 15169 (GOOGLE)
14 185.180.223.67 49981 (WORLDSTREAM)
5 142.250.185.194 15169 (GOOGLE)
1 104.16.86.20 13335 (CLOUDFLAR...)
7 11 185.89.210.90 29990 (ASN-APPNEX)
3 16 172.64.151.101 13335 (CLOUDFLAR...)
2 3.124.160.8 16509 (AMAZON-02)
3 147.75.84.158 54825 (PACKET)
1 54.77.250.56 16509 (AMAZON-02)
3 7 35.227.252.103 15169 (GOOGLE)
2 69.173.144.137 26667 (RUBICONPR...)
2 213.19.162.41 3356 (LEVEL3)
5 184.30.21.51 16625 (AKAMAI-AS)
4 25 51.89.9.253 16276 (OVH)
2 54.155.236.110 16509 (AMAZON-02)
2 34.120.63.153 396982 (GOOGLE-CL...)
9 172.67.10.198 13335 (CLOUDFLAR...)
2 3.73.254.34 16509 (AMAZON-02)
1 3 91.228.74.208 16509 (AMAZON-02)
8 141.226.228.48 200478 (TABOOLA-AS)
10 52.223.40.198 16509 (AMAZON-02)
1 5 54.228.148.187 16509 (AMAZON-02)
8 184.30.22.30 16625 (AKAMAI-AS)
9 31 142.250.186.162 15169 (GOOGLE)
49 172.217.18.2 15169 (GOOGLE)
23 142.250.185.161 15169 (GOOGLE)
5 142.250.181.228 15169 (GOOGLE)
5 142.250.185.74 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
1 178.250.1.8 44788 (ASN-CRITE...)
3 185.29.134.248 30419 (MEDIAMATH...)
2 5 69.173.144.165 26667 (RUBICONPR...)
4 4 154.54.250.150 26558 (FREEWHEEL)
3 7 69.173.144.138 26667 (RUBICONPR...)
1 1 185.86.138.155 201081 (SMARTADSE...)
3 35.244.174.68 15169 (GOOGLE)
2 5 52.46.143.56 16509 (AMAZON-02)
3 5 3.75.62.37 16509 (AMAZON-02)
5 8 3.123.247.10 16509 (AMAZON-02)
3 3 52.214.193.22 16509 (AMAZON-02)
1 2 212.8.250.228 49981 (WORLDSTREAM)
1 1 23.56.202.187 16625 (AKAMAI-AS)
1 141.226.224.32 200478 (TABOOLA-AS)
1 18.66.97.52 16509 (AMAZON-02)
1 167.235.184.171 24940 (HETZNER-AS)
1 13.32.99.81 16509 (AMAZON-02)
2 3 76.223.111.18 16509 (AMAZON-02)
3 142.250.185.131 15169 (GOOGLE)
2 172.64.149.180 13335 (CLOUDFLAR...)
2 198.47.127.18 3257 (GTT-BACKB...)
4 4 37.157.3.20 198622 (ADFORM)
1 142.250.185.198 15169 (GOOGLE)
1 1 188.42.191.196 7979 (SERVERS-COM)
1 1 8.2.108.194 46636 (NATCOWEB)
1 35.205.65.172 396982 (GOOGLE-CL...)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
7 2.18.161.51 16625 (AKAMAI-AS)
2 193.108.153.19 20940 (AKAMAI-ASN1)
2 130.211.44.5 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 172.217.163.35 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
504 71
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net
cdn.ampproject.org
12    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
40    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    162.210.196.208 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
2    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
3    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
4    3.233.145.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-247.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
10    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
3    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
14    185.180.223.67 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-67.hosted-by-worldstream.net
ad.vidverto.io
5    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googletagservices.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
16    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    3.124.160.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-160-8.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.77.250.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
ads.servenobid.com
7    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
5    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
25    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    54.155.236.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
9    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
2    3.73.254.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-254-34.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
3    91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
sync.taboola.com
10    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    54.228.148.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-148-187.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
8    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
31    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
49    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
pagead2.googlesyndication.com
23    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
tpc.googlesyndication.com
5    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
5    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
imasdk.googleapis.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
token.rubiconproject.com
4    154.54.250.150 (Saint-Denis, France)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    3.123.247.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-247-10.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    52.214.193.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-193-22.eu-west-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
2    212.8.250.228 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net
ad.mox.tv
1    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net
rules.quantcount.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    13.32.99.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-81.fra60.r.cloudfront.net
live.primis.tech
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
4    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
s0.2mdn.net
1    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    35.205.65.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.65.205.35.bc.googleusercontent.com
cookiesync.api.bliink.io
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
7    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
t.teads.tv
t2.teads.tv
2    193.108.153.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-19.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
2    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pubads.g.doubleclick.net
1    172.217.163.35 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s01-in-f3.1e100.net
csi.gstatic.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
75 googlesyndication.com
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
723 KB
69 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
am-wf.taboola.com — Cisco Umbrella Rank: 17326
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
sync.taboola.com — Cisco Umbrella Rank: 1322
1 MB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net Failed
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 Failed
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 Failed
410 KB
25 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
39 KB
25 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
token.rubiconproject.com — Cisco Umbrella Rank: 458
73 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
a5174.casalemedia.com Failed
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
16 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
301 KB
14 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io Failed
249 KB
12 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
t2.teads.tv — Cisco Umbrella Rank: 25995 Failed
t.teads.tv — Cisco Umbrella Rank: 2845 Failed
sync.teads.tv Failed
s8t.teads.tv Failed
40 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com Failed
8 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
4 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
10 KB
9 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
17 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
979 KB
7 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
adpushup-d.openx.net Failed
us-u.openx.net Failed
714 B
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com Failed
3 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
mts0.google.com Failed
2 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
297 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
tps.doubleverify.com — Cisco Umbrella Rank: 515
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11101
105 KB
4 gstatic.com
www.gstatic.com Failed
fonts.gstatic.com
csi.gstatic.com
71 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 599 Failed
cm.adform.net Failed
2 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
4 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
1009 B
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
90 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
match.360yield.com — Cisco Umbrella Rank: 2249
1 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
430 B
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
350 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674 Failed
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42792
302 B
2 pubmatic.com
image2.pubmatic.com Failed
image8.pubmatic.com — Cisco Umbrella Rank: 662
image6.pubmatic.com Failed
78 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
cs.media.net Failed
contextual.media.net Failed
3 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757 Failed
ssp-sync.criteo.com Failed
492 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
40 KB
2 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112 Failed
1 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
12 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
180 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
760 B
1 bliink.io
cookiesync.api.bliink.io — Cisco Umbrella Rank: 10511
174 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
496 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
613 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
527 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300 Failed
61 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
634 B
1 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
302 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
258 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com Failed
655 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 sportradarserving.com Failed
a.sportradarserving.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 googleadservices.com Failed
partner.googleadservices.com Failed
www.googleadservices.com Failed
0 mediago.io Failed
trace.mediago.io Failed
0 rfihub.com Failed
a.rfihub.com Failed
0 tremorhub.com Failed
google.partners.tremorhub.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 ad4m.at Failed
ad4m.at Failed
0 adentifi.com Failed
rtb.adentifi.com Failed
0 liadm.com Failed
i.liadm.com Failed
0 smartclip.net Failed
ad.sxp.smartclip.net Failed
0 smartstream.tv Failed
ads.smartstream.tv Failed
0 cloudfront.net Failed
d2q8xv8xf7whrd.cloudfront.net Failed
0 yahoo.net Failed
hb.yahoo.net Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 lijit.com Failed
ce.lijit.com Failed
ap.lijit.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 inmobi.com Failed
sync.inmobi.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 blismedia.com Failed
tr.blismedia.com Failed
0 criteo.net Failed
static.criteo.net Failed
0 vidver.to Failed
ad.vidver.to Failed
504 86
Domain Requested by
49 pagead2.googlesyndication.com www.bg3.co
ads.aralego.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
cdn.adpushup.com
www.googletagservices.com
securepubads.g.doubleclick.net
25 onetag-sys.com 4 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
www.bg3.co
csync.smilewanted.com
googleads.g.doubleclick.net
23 cm.g.doubleclick.net 9 redirects onetag-sys.com
googleads.g.doubleclick.net
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
www.bg3.co
23 tpc.googlesyndication.com www.bg3.co
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
16 il-trc-events.taboola.com www.bg3.co
16 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
14 images.taboola.com www.bg3.co
12 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
10 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
onetag-sys.com
www.bg3.co
ssum-sec.casalemedia.com
cdn.adpushup.com
10 e3.adpushup.com www.bg3.co
9 ib.adnxs.com 5 redirects cdn.adpushup.com
www.bg3.co
googleads.g.doubleclick.net
8 x.bidswitch.net 5 redirects onetag-sys.com
am-match.taboola.com
8 googleads.g.doubleclick.net www.bg3.co
pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
ads.aralego.com
cdn.adpushup.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 pixel.rubiconproject.com 3 redirects onetag-sys.com
www.bg3.co
7 rtb.openx.net 3 redirects cdn.adpushup.com
6 t2.teads.tv www.bg3.co
6 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
5 ups.analytics.yahoo.com 3 redirects onetag-sys.com
5 s.amazon-adsystem.com 2 redirects onetag-sys.com
www.bg3.co
ssum-sec.casalemedia.com
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 www.google.com www.bg3.co
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
5 pr-bh.ybp.yahoo.com 1 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
5 a.teads.tv cdn.adpushup.com
a.teads.tv
5 htlb.casalemedia.com cdn.adpushup.com
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 ssum-sec.casalemedia.com 1 redirects www.bg3.co
ssum-sec.casalemedia.com
js-sec.indexww.com
4 c1.adform.net 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
4 token.rubiconproject.com 1 redirects eus.rubiconproject.com
www.bg3.co
4 ads.stickyadstv.com 4 redirects
4 http-intake.logs.datadoghq.com cdn.adpushup.com
4 trc.taboola.com cdn.taboola.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 am-wf.taboola.com vidstat.taboola.com
3 fonts.gstatic.com fonts.googleapis.com
ad.vidverto.io
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 id.rlcdn.com onetag-sys.com
3 sync.mathtag.com onetag-sys.com
3 prebid.a-mo.net cdn.adpushup.com
3 fonts.googleapis.com cdn.taboola.com
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
3 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
2 cdn.doubleverify.com a.teads.tv
www.bg3.co
2 image8.pubmatic.com onetag-sys.com
2 secure.adnxs.com 2 redirects
2 ad.mox.tv 1 redirects onetag-sys.com
2 ad.360yield.com 2 redirects
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 grid.bidswitch.net cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 cdn.aralego.net www.bg3.co
ads.aralego.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 tpsc-ew1.doubleverify.com cdn.doubleverify.com
1 csi.gstatic.com imasdk.googleapis.com
1 tps.doubleverify.com cdn.doubleverify.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 googleads4.g.doubleclick.net www.bg3.co
1 match.360yield.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync.taboola.com am-match.taboola.com
1 t.teads.tv www.bg3.co
1 vidstatb.taboola.com www.bg3.co
1 cookiesync.api.bliink.io csync.smilewanted.com
1 us.ck-ie.com 1 redirects
1 ads.betweendigital.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 static.smilewanted.com csync.smilewanted.com
1 js-sec.indexww.com ssum-sec.casalemedia.com
cdn.adpushup.com
1 cms.quantserve.com 1 redirects
1 live.primis.tech www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 s0.2mdn.net www.bg3.co
imasdk.googleapis.com
s0.2mdn.net
1 inv-nets.admixer.net ad.vidverto.io
1 rules.quantcount.com secure.quantserve.com
1 cds.taboola.com cdn.taboola.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 pips.taboola.com cdn.taboola.com
1 a4p.adpartner.pro 1 redirects
1 imprammp.taboola.com vidstat.taboola.com
1 secure.quantserve.com cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 ad.doubleclick.net Failed www.bg3.co
0 s8t.teads.tv Failed www.bg3.co
0 sync.teads.tv Failed a.teads.tv
0 image6.pubmatic.com Failed googleads.g.doubleclick.net
0 a.sportradarserving.com Failed googleads.g.doubleclick.net
0 ssp-sync.criteo.com Failed csync.smilewanted.com
0 cm.adform.net Failed csync.smilewanted.com
0 sync.1rx.io Failed csync.smilewanted.com
0 sync.richaudience.com Failed csync.smilewanted.com
0 ap.lijit.com Failed csync.smilewanted.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 pm.w55c.net Failed ssum-sec.casalemedia.com
0 us-u.openx.net Failed googleads.g.doubleclick.net
0 contextual.media.net Failed cdn.adpushup.com
0 acdn.adnxs.com Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
0 adpushup-d.openx.net Failed cdn.adpushup.com
0 www.googleadservices.com Failed www.bg3.co
0 partner.googleadservices.com Failed pagead2.googlesyndication.com
0 trace.mediago.io Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 a.rfihub.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 google.partners.tremorhub.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 sync.go.sonobi.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 mts0.google.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 b1sync.zemanta.com Failed ssum-sec.casalemedia.com
0 ad4m.at Failed ssum-sec.casalemedia.com
0 rtb.adentifi.com Failed ssum-sec.casalemedia.com
0 i.liadm.com Failed ssum-sec.casalemedia.com
0 ad.sxp.smartclip.net Failed googleads.g.doubleclick.net
0 ads.smartstream.tv Failed googleads.g.doubleclick.net
0 www.gstatic.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 a5174.casalemedia.com Failed cdn.adpushup.com
0 d2q8xv8xf7whrd.cloudfront.net Failed cdn.adpushup.com
0 hb.yahoo.net Failed www.bg3.co
0 pixel.tapad.com Failed www.bg3.co
0 sync.ipredictive.com Failed www.bg3.co
0 ce.lijit.com Failed www.bg3.co
0 match.prod.bidr.io Failed www.bg3.co
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 px.ads.linkedin.com Failed www.bg3.co
0 cdn.vidverto.io Failed www.bg3.co
0 sync.inmobi.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 match.sharethrough.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 cs.media.net Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
googleads.g.doubleclick.net
0 match.adsby.bidtheatre.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 tr.blismedia.com Failed 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
0 static.criteo.net Failed cdn.adpushup.com
0 image2.pubmatic.com Failed onetag-sys.com
0 ad.vidver.to Failed www.bg3.co
0 sync.aralego.com Failed ads.aralego.com
www.bg3.co
0 static.bg3.co Failed www.bg3.co
504 154
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.api.bliink.io
GoGetSSL RSA DV CA		 2023-05-22 -
2024-06-21		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh

This page contains 66 frames:

Primary Page: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Frame ID: 8808A226B60029AB82677C43E6F869A3
Requests: 214 HTTP requests in this frame

Frame: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B63A6B672DC4780233CD727352F650A2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_sfiEUfMmsR41O4QtZdAWK3-AjmNsis_7ksGmBi6seGFMYY84LCZSXYYxT4LfrpASQHPvQOQjkLoKzEpYz1N3rs-l-EBH4eOajNkds7dcQ4Nu0Z5FbZJMdqGzfrU9AjzrvnJmbRsZ5z7BEVZOSRNm6zuNIQ4966bkxWrrUgnpwL-lB1vgMX1xxuzcoExFVYAd83pKGBM69XvY-F3uu0AdjWON0empNyK_kMMLnGdpSLSDL72UgVhDWWdG5OCE5nNnod6J4mbbsZDaKg5hmPVUcGI7f13OixVX5NOZiPVnrAHW-rsLi9Jd8qtRPd1VEDSJHA&sai=AMfl-YSuVJ1ssCHFkqA8S7X1AyMd2e2kYL1pd73DwIHF3KwSwWnUEawdTbDha2uTZFpakyT473ZqTTGj855BtMVsulQIqsLEfE1J4NhSvEtTDv-RQHKrXQsPKYT4ExOjxifWw7gB6J8X-B3qlbC_EuKw&sig=Cg0ArKJSzNyuSIZTYdu3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: B9188CF20E01A5BBEB4FD38E13C49B98
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&cmcv=&pix=undefined&cb=1699281044492&uv=146687325&tms=1699281044492&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ad5a851a-afd7-46e7-a0c9-19eba1ddf523&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E6E6E27FE33C637082DC386327F0E32E
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 9CB36D272C78FEA2E1201CB4ECFE07FB
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 19E58AC6F1535E963470D27B27862B17
Requests: 3 HTTP requests in this frame

Frame: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4268597481BC1A0FCAD6111051DA3CA2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNVWkfaMWrTL7yYsGE_W6nAP8K1VDHGIwN_mr77MGyCOd0sj4zvLpq1B9ig_h-IIDvIhKZk_CJoOA_eCpv-8g1PDH9ngrA
Frame ID: 02B48E76FBDDA185501D26436AB4AAA7
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 14EC1E6D35D127F443E582E7AE8B844D
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 1AE10681526DB558488252E917B8DAD9
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 69564A4050B9A42014FC6C2C3F1447D5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F60C929B66F820467268EA394A37F7D1
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 61D8F13342164ED9D358E9906E8B87EA
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 955E76BE7452E5E80D852A20BD617F33
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 672BBAD1CCD92DA2A8363F002D07D8CB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: D088005FFD54F95201C5EFE3C88C7340
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7442D01B0E1F46A949105816CBC40DEE
Requests: 1 HTTP requests in this frame

Frame: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF4CE59D0E737B146642278724386100
Requests: 20 HTTP requests in this frame

Frame: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Frame ID: 7BE17D070221170C3E55C4F2C5D826C0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: C386569C7E3F1443EB5B3A187A1E1646
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFRSiuMAgPt9p4q-OfQdxgVPjnGNSYI42xtF-W_2bw_PxRyH12Bk5O4VkchLtObTt9ZMYKvLSToGU4OgX284gQzTfBThm_O2pHjGLvtE7hBVlOJe-eYrIcA7RrrgXhwuODB67VLTDEj061TUoOp3P_a3CoRGDxqPH0jXGWeNz0DDD_pzYcJE-HIPI9WthABNkCvbGa2l7g_nbCrhYGdVvqqYhZ7saK2eCyrTQ9Ybaf4d4u0Wg7Vqu3qRkwARxOFgl_ZDop-FWa97YNZpYGKHqNiAimtIUfEO8xC01ulMn5B7X8FaFLR9a2dOcSxzAd6p0550XWwDzUCGqHM8Nt_S-i5Vriz17V&sai=AMfl-YQw6cLN-QZ3_kAkF1K3owv5-polfKYhO8m7ny5c54mDb12jmcCZ7b0xMuwJZrPLSy8NO5YRH_vCG36eGDDKnBA8eMjRAsD30Lzkx23YYBSIwl7r7UuZbNrdodbcjU8&sig=Cg0ArKJSzBBdz2FYEZmCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E068E16675961D655E643A98C5332369
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNV2Y4DJ5BSmlxOyLMdG1pA_4clvop8mJGqza5d1t9d4J4YCDxI4a9tngFKepPLw34H9O7FRak0IU-6uXueQX4TdwbKD0Q
Frame ID: E0BABC59AF441EA4CD099FA2E15F90D2
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Frame ID: 3A03362D02E4B88F698A5FFEF4674116
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AE0E8551C4F6E6E7245491A27AEAFDEE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Frame ID: A495CE3292072CC705F4FB4DEB45CE5E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Frame ID: 5E298D13CDE35A73172921CADEF8DC33
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 89AD8CA5FBB93F9DCC06EDCF7BA72237
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2C9FEB77795954EDB649D155667FEDF5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 86D5E1FCF54BDD2A6737AC2D55F78117
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 881874AA79D865C71C17E5960535E2C2
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 75B739A80CECEDAA927C9E93C6C3488F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1699281045701
Frame ID: 5F5FD58289518CF14D8668F978D87F64
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B233EEF5D5F47100416DE7F8E44708ED
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 7C6D0011E1A622462808043D757B9103
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5C48780B2F321C755837233242EB02D7
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7A197E89647A0A5496C365C1DE61CD89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRin3dP7ATAB&v=APEucNWmYuIj3N4on-2wJMLdIHDBkgzbnM5NLi2ZAAAJ46m4G3dDsyc450qOekK0WBP72ftjrKKv69Kc2Dx8TwHSgaBO4bnWXQ
Frame ID: FD728E9863BA70703429D7EDF5B72066
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3F4D266255BA5BBFCA19E63B4F355575
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BDCBB7872C1B6C11C82F3C51FBC4CA0A
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 9EC7E0173E70E42D55914029AAF17C2A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: B52DF67B51E736C24FB76E02A3EBC13D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E9ED6FE968742C6D49E62062FA45AE75
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 5780E7888ACE53E466E148933CE3D05E
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: 5A0917F052CFB24D5ED381CA1C5F2C3A
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Frame ID: 5F59FB4B1183EB398089CB8440A6FB14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC3ABEDB3052D595A968998F1157D6B0
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/c45cc90a-3a1d-5236-b63d-3063d375c8f4
Frame ID: DF6DBB6AA2DEE4171FB520CD21115EEE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/446dcf91fd5ac2d8e2e0794fcdf2a3a4f916f892a4a6a08acfc5e1fe451264a4
Frame ID: D8A5FD47E195D55B195CEA15CBFD2F6D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 780463CF6E5238906319D6963A9DC023
Requests: 1 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
Frame ID: B88C1787ADB10BBE887F3968A8C3D3EB
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: DB7C406D7ED5F9EB98C4B913EDB2794E
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 93728C3E818566BC0B948753CA83FF63
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/4f188bc43cbff39d850495a97db9b7c?gdpr_consent=&gdpr=0
Frame ID: 4FC372C19B4B44FEF12C632F702E468A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B2C8B7FFD039ED77FAF975A8D2C50D06
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&viewerId=efb1620c-f688-453c-8ccd-126052553619
Frame ID: D60B73190B10CD07E72264F24DA4FF40
Requests: 1 HTTP requests in this frame

Frame: https://s8t.teads.tv/creative-2c300e30-5c50-11ee-9d56-c50e1e5624e6/performance-image-dco-912cca70-53eb-4fbe-85eb-fa99e362fbce.jpg
Frame ID: 1243CDF3F7F53A85E6B5C5B87D8E52B3
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7782998610513530828/index.html?e=69&leftOffset=0&topOffset=0&c=7JJme3abqI&t=1&renderingType=2&ev=01_250
Frame ID: 86B7AA81457EE554F7F5EF360AAD79EA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: 130C0D4702D3315B954A8F39805457E4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1E88F520D749AD7B2055EBE657D0C0EB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4866.js
Frame ID: EFF314B8754B0F1C47534085A2BA12CB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: AE0C48A241D71A8C48877DE78CA7E802
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 82A85CA1B61F78C24E86EAE3EBB67C4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AACF23A0B09E50299085395A7E142FE6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FE93CBD47503ECBEFF5313982D61582
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4234D1F6E48E4033A7A58C28D6DDDAF4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DED628B07A8D6C6092888639DFE23FF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

曼谷新人去哪「拍婚紗」?多彩摩洛哥風旅館超夯 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

504
Requests

70 %
HTTPS

0 %
IPv6

86
Domains

154
Subdomains

71
IPs

11
Countries

4868 kB
Transfer

15103 kB
Size

77
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 156
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=5c28b338-8b80-4d11-9ab7-f81d010b1f0d&p_id=23
Request Chain 157
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=5dddf150-824f-492c-9ade-1fe74afe8f80&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=5dddf150-824f-492c-9ade-1fe74afe8f80&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-4352386990154330240 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c45cc90a-3a1d-5236-b63d-3063d375c8f4&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=64815808-0e60-493b-bad5-d2adccca1543&p_id=15
Request Chain 188
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LON027IV-10-F96X&gdpr=0
Request Chain 189
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7069209738041572370
Request Chain 190
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=0
Request Chain 192
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6ULDKWx18OK6iiu7ATlwQ56ZrjmTT8nWg
Request Chain 193
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3230359227279246928
Request Chain 195
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=a3NPt_1cEvoyYt2m5KbJVr6ilHZWeH9SqzgFVfLht9E
Request Chain 196
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUJCRDQxQ0MtMzUxMS00MDg1LTlDOEQtRjY2NUMwQzBFRjYz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
Request Chain 198
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-0Z0avONE2uFU6NGaVxtW02XguzEAQZM5cTznFtY-~A
Request Chain 200
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=64815808-0e60-493b-bad5-d2adccca1543&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D{SSP}%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}%26ssp%3D{SSP}%26bsw_param%3D{BSW_PARAM} HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=64815808-0e60-493b-bad5-d2adccca1543&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D%7BSSP%7D%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT%7D%26ssp%3D%7BSSP%7D%26bsw_param%3D%7BBSW_PARAM%7D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=413cd1fe-7134-4f0e-8d15-b24bbe02d580&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=64815808-0e60-493b-bad5-d2adccca1543 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 201
  • https://ad.mox.tv/delivery/sync?userid=5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk&p_id=5
Request Chain 205
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 206
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/cf3e1201-5e91-3d67-9887-923d8d5f7a00?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1
Request Chain 223
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUj4ly0uyDqVghiSXC.figAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1&google_hm=2
Request Chain 237
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDmLmu1msX7kWHitymUEEB4&google_cver=1&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYpg HTTP 302
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEDmLmu1msX7kWHitymUEEB4&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYpg&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYpg&google_hm=g8U5aOZqz8svN7gM-Ac0Pg==
Request Chain 243
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LON027IV-10-F96X HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LON027IV-10-F96X HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/cf3e1201-5e91-3d67-9887-923d8d5f7a00?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
Request Chain 253
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwODU3NGUyNDIwYjQxZTExYzhkNDcyNWZhNDRiZDM3ZTViMWEwNA
Request Chain 254
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vaS4RANlSv2BxLXqZlJQmQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vaS4RANlSv2BxLXqZlJQmQ
Request Chain 255
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LON027IV-10-F96X
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG7HId0WOJiXNYWZQcM2VQ0&google_cver=1
Request Chain 260
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pLldN_VR0jUbhH_lbHDfY8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QmojKuZE2oJ9wXYL.LiYN2BmdmTtjeNl.0KYBA--~A
Request Chain 262
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LON027IV-10-F96X
Request Chain 265
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LON027IV-10-F96X
Request Chain 266
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LON027IV-10-F96X
Request Chain 267
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LON027IV-10-F96X&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LON027IV-10-F96X&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wZ0w5ZWU5RTJ1SC5hd3EybEcwQW1zNWJQUnZHZEhxX35B&ovsid=LON027IV-10-F96X&dpid=58160
Request Chain 268
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LON027IV-10-F96X
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAI4_aMwYnE34eheWEGcSAo&google_cver=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEPniufZfbQneTLy34HOoyzk&google_cver=1
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_cver=1
Request Chain 316
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=tXLAOOV_zTeuJJU55nDZN-UhwmGuJsVj4HaDE3kB
Request Chain 327
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_cver=1&google_push=AXcoOmQjPUUky4tDEDGkReK5CR_V8WPnY06S3bTfBRJ8EH-9U9ezvAVyMRRaUqGRFCI3qMDAzm7KmG0JbyDCCf4GN-JOHVDh2J4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_hm=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&google_nid=index&google_push=AXcoOmQjPUUky4tDEDGkReK5CR_V8WPnY06S3bTfBRJ8EH-9U9ezvAVyMRRaUqGRFCI3qMDAzm7KmG0JbyDCCf4GN-JOHVDh2J4
Request Chain 330
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB1jvEFXJjD7Rpk2oS5LMTQ&google_cver=1&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0B-X8p73Ym2OUBKlCMX782eD899Hh1tYvcZoLOVwmPlE HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0B-X8p73Ym2OUBKlCMX782eD899Hh1tYvcZoLOVwmPlE&google_gid=CAESEB1jvEFXJjD7Rpk2oS5LMTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxNTg0NjM4MzA1ODI4MDA5MjI2Ng%3D%3D&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0B-X8p73Ym2OUBKlCMX782eD899Hh1tYvcZoLOVwmPlE
Request Chain 333
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJs_N4QsUswf90XUFWyiqHQ&google_cver=1&google_push=AXcoOmTsL61ZwVkQrZPupnsPVS5NwangneGjmRe0KMSyBeKA8JUVteFMFdmng62kMnwBCOvF5ijvG07Gp7JEe_gVcykr4ubDQu6n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D&google_gid=CAESEJs_N4QsUswf90XUFWyiqHQ&google_cver=1&google_push=AXcoOmTsL61ZwVkQrZPupnsPVS5NwangneGjmRe0KMSyBeKA8JUVteFMFdmng62kMnwBCOvF5ijvG07Gp7JEe_gVcykr4ubDQu6n
Request Chain 341
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C6pl_l_hIZYy4B9WSjuwP8s2noAeCiYyGdMjc0LL6EWQQASC6hMAzYPXtzIHgBKAByNma_QPIAQmpAp83uxywuLI-4AIAqAMByAPLBKoE6QJP0O-rGyKumMXUOnrleYBHOMTpuu3VBKzQ1L8jlWTgDJ1T4bd5Yf0ZJ85kTN0ISCDBw1um0HrU9Hhne1Cbi0m33wE2REVKpDwDe8VTgUdF3Dh8VX9-Ss0ukaf0EHAYaM6Sb9ONhYMltCY09PkihhmmHla43d_JMLW3UxaQrjq1BhPxPATKazvLmO7OenLC0xy3ZbRUGbgiIefLAgROFE6iF9G8EQRS-yGvf_8xFywplFGYADT5TAEpMbK96D9F4Km70fHJykb7fNu1LCy0NC8Tw1FpTim9-6aSYRJj1AcSAz_G40xTAFdx9etQf5FtXHN2SCPu7TlYU2BM8Wb1zeLjmbO6GoZ4pTse8WzcjhDI0nCuVxj4WAyj99-tnP3Rt_4e0v-MXKByRefExWnfDpoq_fA-QA_XY0FxGMCiZBPxdbR-AJLMsKhRJ-IZJigX3Tj8J2FJXN7rT-6nj1Wd7CHMu6IBu2eS814wwATJ-fCNwATgBAGIBYCzw-hLkgUECAQYAZIFBAgFGASgBi6AB6Cm5QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC6kQjSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJRWh0dHBzOi8vd3d3LmZyYW5rZW5zcGFsdGVyLmNoL2RlL2t1ZWNoZS1nYXN0cm8va3VlaGxlbi1nZWZyaWVyZW4uaHRtbIAKA8gLAZgM48Dix7UEogwMKgoKCOS0sQLutbEC2gwQCgoQ4IaQlMGZ9oIcEgIBA-INEwip8r2Zy6-CAxVViYMHHfLmCXS4E6EE2BMO0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=6t1SAPRDNdw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNNuRXPGsdo_q-JUje_F1GXdDN4Jcuz53cLhFL8cH62Scr_WfJIEtr0uzO42-Pf_IJzj0sSaT69xgB&template_id=545&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c982058dafdb70f0000000000000000%22,%222%22:%220x1eb9bd88a64d897f0000000000000000%22,%223%22:%220x1bfa190290ad6e2f0000000000000000%22,%224%22:%220x7edce9b2d725c8b80000000000000000%22,%225%22:%220x6197e68ae7cb6a860000000000000000%22},%22debug_key%22:%224098183907724616598%22,%22debug_reporting%22:true,%22destination%22:%22https://frankenspalter.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067887816%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221042761916752009793%22}&andc=true
Request Chain 361
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
Request Chain 362
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFl8egr0Au_VKgcaPESPyR0&google_cver=1
Request Chain 382
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL1qRgOXWrwSAjRJBI5Fz4U&google_cver=1
Request Chain 390
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7069209738041572370
Request Chain 391
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB
Request Chain 392
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5812912161428483942&expiration=1700490652
Request Chain 398
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7783354667394345830&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=&gdpr_consent=&us_privacy=
Request Chain 414
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/c45cc90a-3a1d-5236-b63d-3063d375c8f4
Request Chain 415
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/446dcf91fd5ac2d8e2e0794fcdf2a3a4f916f892a4a6a08acfc5e1fe451264a4
Request Chain 418
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
Request Chain 419
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
Request Chain 435
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/4f188bc43cbff39d850495a97db9b7c?gdpr_consent=&gdpr=0
Request Chain 446
  • https://pr-bh.ybp.yahoo.com/sync/taboola/a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-v.sHSxtE2oR6DKlMayH5m6MulR.8bZU8Gz7Btw--~A
Request Chain 448
  • https://um.simpli.fi/gp_match?google_gid=CAESEK3ltD2PIKwtGiFhABMgtw8&google_cver=1&google_push=AXcoOmQ12LG4lf0WZsq1oEjlChUGmyD8CzLIzkabf17jNXmHt8ZTHtTD8-FyJNR4ngbwLI-MBo9HTND195vlNCFyPsk2JwJC3GIM84w7m0G6JI0bJfEXmcNNi2a4-ve4Z4dGtVxiyn26V-xnZAgHDVemY3mv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C9CFE0BE7F9E4F48B40D715BF90B7699&google_push=AXcoOmQ12LG4lf0WZsq1oEjlChUGmyD8CzLIzkabf17jNXmHt8ZTHtTD8-FyJNR4ngbwLI-MBo9HTND195vlNCFyPsk2JwJC3GIM84w7m0G6JI0bJfEXmcNNi2a4-ve4Z4dGtVxiyn26V-xnZAgHDVemY3mv
Request Chain 449
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMJhjXNqa-XBScQOSFLznzY&google_cver=1&google_push=AXcoOmR-nCPzTmGb2FTDAsjAgU7sAQQpJZVnTF3fayme_IPSE2DRejldicSHQud7fdm6i3UDT4g_KidjUz8uzXqOAy-Nh_BuSVs82cHek2RiIQ53NIDAZAHaL2wnzZQzavsQxAY7Oh_B76yffOSR-RsZ3jD8 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Request Chain 450
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDmLmu1msX7kWHitymUEEB4&google_cver=1&google_push=AXcoOmQ14rtnGRU0JBEufxMCHZJ-caR-Kdu5a3o2FEtHkwkJXygA4qqag6p2DVA7w5ss6oIUfYHYe5ycbIxFMjZq939424j23b-r9HXFkh6y2OD52k8iIit4gcAOctO6TPpY5NckaFu9UbAwIFSGDmNK3TE9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ14rtnGRU0JBEufxMCHZJ-caR-Kdu5a3o2FEtHkwkJXygA4qqag6p2DVA7w5ss6oIUfYHYe5ycbIxFMjZq939424j23b-r9HXFkh6y2OD52k8iIit4gcAOctO6TPpY5NckaFu9UbAwIFSGDmNK3TE9&google_hm=g8U5aOZqz8svN7gM-Ac0Pg==
Request Chain 452
  • https://match.360yield.com/match/ebda?google_gid=CAESEF28D33y9zXxLsOpv8eXr1E&google_cver=1&google_push=AXcoOmQTdRUHGW3jG2SscgGh2tWh1Y9EqFjSAw0_hrJFhAsd_JJU8oqd585tGfMksI0T7iqbS2LD4W3GgZJx1OPko4_foc36bUxcDPsz-KgNx47Qp5g0kdWdFJMBiW6srBvIiPYBvmMfkWnlieqP5BmZ-rqi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QTzR_nE0Tw6NFbJLvgLVgA&google_push=AXcoOmQTdRUHGW3jG2SscgGh2tWh1Y9EqFjSAw0_hrJFhAsd_JJU8oqd585tGfMksI0T7iqbS2LD4W3GgZJx1OPko4_foc36bUxcDPsz-KgNx47Qp5g0kdWdFJMBiW6srBvIiPYBvmMfkWnlieqP5BmZ-rqi
Request Chain 454
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1&google_push=AXcoOmQvjN8h-jHjPh9JOzQB9xl-OWbIfGIbme_p85rTjoYUlFQdpUbXDTW_7PsO5yasaci4OJQZSiRzQqUPGTNSMcvSRz5ACNaYPT09x_Dw4YCeh8PmyOpGo7TQkDbBJ8-4ARMWP11U27P_nD-5VyGZyr08HA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6ULIu1ezwC8fMIb6412rQCBHcASKd8aeQ&google_push=AXcoOmQvjN8h-jHjPh9JOzQB9xl-OWbIfGIbme_p85rTjoYUlFQdpUbXDTW_7PsO5yasaci4OJQZSiRzQqUPGTNSMcvSRz5ACNaYPT09x_Dw4YCeh8PmyOpGo7TQkDbBJ8-4ARMWP11U27P_nD-5VyGZyr08HA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

504 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
www.bg3.co/a/ 		61 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8650999c3cf7ab4a078baabd7987daa70e1fe86439e39e3b36fc3c36104bb538

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 06 Nov 2023 14:30:41 GMT
etag
"f59c-lVD0xETw9b/5ohNM2BMJlNIgj3Y"
expires
Mon, 06 Nov 2023 14:31:41 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 14:30:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73131
x-xss-protection
0
server
sffe
etag
"8cd1ce497f4c5169"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 14:30:42 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 14:30:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9636
x-xss-protection
0
server
sffe
etag
"cd39d6f814bcf243"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 14:30:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
c25a259861a8e488612ce06a2c21a3361ad515dc764c8b4da09e75fa54110463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31293
x-xss-protection
0
server
cafe
etag
206 / 19667 / 31079419 / config-hash: 14899894906618228737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:42 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cb6041dfa840839f10f93b76f66b19f62cdc1e054483ed8f1211ab7e34b52090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91452
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 14:30:42 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 18:38:23 GMT
server
cloudflare
age
40726
etag
W/"6543ec9f-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
821e09314c761da4-FRA
expires
Mon, 06 Nov 2023 15:11:56 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 06 Nov 2023 14:30:42 GMT
content-encoding
br
age
12734
x-cache
HIT
x-client-device
desktop
content-length
10744
x-ap-device
DESKTOP
last-modified
Mon, 06 Nov 2023 07:59:44 GMT
server
ECAcc (frc/4CF4)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Mon, 06 Nov 2023 15:30:42 GMT
adpushup.js
cdn.adpushup.com/42753/ 		736 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3e584f0dadd9e3c67522fc3fafe0bdaa96281cac762788fe8245d9275e6450ee

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 06 Nov 2023 15:30:42 GMT
date
Mon, 06 Nov 2023 14:29:54 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Mon, 06 Nov 2023 11:50:35 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		668 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a48d3d2e58721e4e80b4ab99055e3aa6e0707dc1fa76da809667315349b632c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nMcWTi.5hBMBDtlXzLZeICNCm9sgbtWf
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:42 GMT
x-amz-request-id
MBKXG2FJRGJE3CGX
age
2597
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
56530
x-amz-id-2
fFDsH7GyNx3r3/K6M4Ez8muyCbAk6bBLFjLohTts6iX2azZOxACUB/6l6fQYMGwGuGWDJl7RxKg=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 13:46:55 GMT
server
AmazonS3
x-timer
S1699281042.127143,VS0,VE0
etag
"9ba6bdf2f4c0174739282116def2afb4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5690
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbJRTjWdyg02LYBIe2BU4zah5rlbBloiSNCctgaB4LseqC7mRKjAbVkTaEgkZneOXqx4sXRdEkeXorDQO0zYJOVeu5VQp2ZMLL6iiVITO%2F5mA3Dhr%2BqExWfRtoOsXBtaZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
821e09399e1a35e0-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
t.php
c.statcounter.com/ 		192 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=8E60158DFA374FFF87681BB65D8AEE09&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&t=%E6%9B%BC%E8%B0%B7%E6%96%B0%E4%BA%BA%E5%8E%BB%E5%93%AA%E3%80%8C%E6%8B%8D%E5%A9%9A%E7%B4%97%E3%80%8D%EF%BC%9F%E5%A4%9A%E5%BD%A9%E6%91%A9%E6%B4%9B%E5%93%A5%E9%A2%A8%E6%97%85%E9%A4%A8%E8%B6%85%E5%A4%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=4953&sc_rum_e_e=4962&sc_rum_f_s=0&sc_rum_f_e=4949&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
821e09322dcd1da4-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20231106-1-RELEASE.js
cdn.taboola.com/libtrc/ 		816 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d0a7178e72e957378c0f7b49e1199dceefbec6bfc4204b9b2ad7b913ed68a725

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TrwPJ6c2B48doJLKp9VZw0PM.8ezHMbu
content-encoding
br
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:42 GMT
x-amz-request-id
FFWQ213HS86AGCM1
age
15360
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173002
x-amz-id-2
m705P4fTO/k5cuAHdgC8C1jOyRTg2gF44cbgTeK/eG+zd4slcfwHrsrJc01mqzGqj+VQgxSKA10=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:23 GMT
server
AmazonS3-br
x-timer
S1699281042.338397,VS0,VE0
etag
"84378986b1159783130c02e2a620888b"
vary
Accept-Encoding
content-type
application/javascript
abp
40
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
51994
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4478838
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230136-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699281043.972224,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 23217
sync
gum.criteo.com/ 		46 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
272970
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		78 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=15%3A30%3A42.580&lti=deflated&data=%7B%22id%22%3A142%2C%22ii%22%3A%22%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1699278358139%2C%22vi%22%3A1699281042576%2C%22cv%22%3A%2220231106-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html%22%2C%22vpi%22%3A%22%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3334%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1983.140625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a80f36b81bb1520637bb04834c9dff97b03b1367910d4baa9ac695e7daf2841

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
377
date
Mon, 06 Nov 2023 14:30:43 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.3343749999999999
x-fastly-to-nlb-rtt
59106
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230137-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1699281043.637222,VS0,VE377
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
7799bec6189441c21619134d8adb850d.jpg
static.bg3.co/imgs/202105/ 		0
0
69ad1533d73c5e257d335b976d2895bd.jpg
static.bg3.co/imgs/202105/ 		0
0
c8cfd5e2bc439291c21f2fbd1e55543d.jpg
static.bg3.co/imgs/202105/ 		0
0
00b9c55352c6d820c5d892ba163b5264.jpg
static.bg3.co/imgs/202106/ 		0
0
c10b77f3f4a25f44545fe40717b5032d.jpg
static.bg3.co/imgs/202105/ 		0
0
1a3b8999398276a368d8f37969a85e43.jpg
static.bg3.co/imgs/202105/ 		0
0
0ddb004acd894c23d2d6d9e1cc371586.jpg
static.bg3.co/imgs/202105/ 		0
0
505b4a95b8d806c795fc6f1c990a36cb.jpg
static.bg3.co/imgs/202105/ 		0
0
18c48024bef49e757c93b38668176786.jpg
static.bg3.co/imgs/202105/ 		0
0
05c07ec853bf8c189ef589e145be74f3.jpg
static.bg3.co/imgs/202105/ 		0
0
5483c53934f1cd744c72f3d406d27107.jpg
static.bg3.co/imgs/202105/ 		0
0
5c77520c66ff397ea20ad34699a788fb.jpg
static.bg3.co/imgs/202105/ 		0
0
478ac97549ae4353d83945baea2789f9.jpg
static.bg3.co/imgs/202106/ 		0
0
01502244f0f6b812edf18d86e81e17c4.jpg
static.bg3.co/imgs/202106/ 		0
0
47b6528d8891ba32fdcd8ddf1986e809.jpg
static.bg3.co/imgs/202105/ 		0
0
4db17f0b9c3fd5c30eafcc11ca28e2b2.jpg
static.bg3.co/imgs/202105/ 		0
0
3249f04345c58b82dd826270839dfa26.jpg
static.bg3.co/imgs/202310/ 		0
0
5b5a2cafa4e7ea17077fda6952f4b7eb.jpg
static.bg3.co/imgs/202105/ 		0
0
d017d34282d8d52215c2ac19da0a9f0c.jpg
static.bg3.co/imgs/202106/ 		0
0
9363f47a8c64eb59a5dbd6b6d78c4336.jpg
static.bg3.co/imgs/202105/ 		0
0
3b406c7532254597dacc24e2daa094eb.jpg
static.bg3.co/imgs/202105/ 		0
0
9920ae0b6f35feacfe97a635bf147fd8.jpg
static.bg3.co/imgs/202105/ 		0
0
bd7369ad6b628148702975b5a2164bbf.jpg
static.bg3.co/imgs/202105/ 		0
0
c013a3cc9cb777bc481835f2048808b7.jpg
static.bg3.co/imgs/202106/ 		0
0
9ef56bd4fb9245943fecaf4068d9208d.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
504868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"4ca4ccf1afd64d82"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
504868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3941
x-xss-protection
0
server
sffe
etag
"aef77be21ea5e253"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b11v9102959953&_p=1699281041892&gcd=11l1l1l1l1&cid=116137940.1699281043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699281042&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&dt=%E6%9B%BC%E8%B0%B7%E6%96%B0%E4%BA%BA%E5%8E%BB%E5%93%AA%E3%80%8C%E6%8B%8D%E5%A9%9A%E7%B4%97%E3%80%8D%EF%BC%9F%E5%A4%9A%E5%BD%A9%E6%91%A9%E6%B4%9B%E5%93%A5%E9%A2%A8%E6%97%85%E9%A4%A8%E8%B6%85%E5%A4%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5696
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/ 		425 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
79210
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136527
x-xss-protection
0
server
cafe
etag
6152360919581633401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:30:32 GMT
block.jpg
delivery.adrecover.com/ 		631 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1699281043075
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 05 Nov 2024 14:30:43 GMT
date
Mon, 06 Nov 2023 14:30:43 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
7011319
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4042942
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230136-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699281043.155798,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 1137829
floating-unit.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaed891fb8da3e0298b57a6bf5ce06806364bc946ddd5ac5e8087d1487ed858e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yB4ry.06gcptHL1ZZTrjYffzhu3EIeM9
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
GPBRBX4QV0HBSS9M
age
15258
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2492
x-amz-id-2
4CRxK0miGocUEEw5/ZmMle+pcN3ce7xHbnbYqHIhOnls21CnxFUbBdykzChK+ld7BVTMAU7Qxqc=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:37 GMT
server
AmazonS3
x-timer
S1699281043.180456,VS0,VE0
etag
"14e3ea3b0fb1b3052c5b4534767875e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
74
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4532
taboola-vignette-new-scanning.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1d03b476888ae905bc214b6bb86077959a05e7ecb2bff5ab5d5063611e91f01

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
F7U06YKT2gOFjo2TuL7LBZ6rnIm9I6EA
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
922CJ58X0Q4MYNYN
age
15276
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8019
x-amz-id-2
djK7ygPZMUtPSp0v43UPogHEdspxElPQULhTEaI/jAJIktPZwdNsDIeKnvXdDQfO+1i5YctMxhk=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:19 GMT
server
AmazonS3
x-timer
S1699281043.180439,VS0,VE0
etag
"322cc15a76da1c0a613a21c29da91dde"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3131
distance-from-article.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33ee1cf059c27b908a136283d4dec5831b42e0a7cfcf6a6a1c9fe485896cef2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_cb7pyqeXp_e1AlxSdDdIA7TaP7MGOI9
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
9C5JKXANV1R5CNPT
age
15354
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1131
x-amz-id-2
xtIMDaNVkEsdOWqfqsNQBDVRqHYzUEt+p0d5wTSU0taxMN1X8o5JhcX/n2CBSz+2Z55DFKLZld8=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:48 GMT
server
AmazonS3
x-timer
S1699281043.199047,VS0,VE0
etag
"514ac2a89d1e577354361ffd0a033dbd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
8
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
41439
article-detection.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
255bb19a77ea949d156e748a6d1ce4b1eadbac7c599cf0c5383a5d6782b20ba2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KAMUgwn0OppGZY09YLgCEo.sxRvRWhGb
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
9C5VGX9DSRS9VZ0K
age
15354
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
sqUN1jEJmCrO87Xvb/rOCZk3MmYfuldmbRHmH3lpYLp1y0AV5xjTC/PEmtfMuYsNnDoO2RWBMok=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:54 GMT
server
AmazonS3
x-timer
S1699281043.199015,VS0,VE0
etag
"75affd125a0ee1646b62baa6b866c93b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
64
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
41454
article-and-feed-area-scanner.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b61cd22e13ff1b780738095e963bae3609e6567bdc8cbadaaf64402c59513b2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ai4uEwz_m7VL.cDzZrRC99aNDzkr3nBj
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
9C5PN8BG45ZJMDV5
age
15355
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1148
x-amz-id-2
yB6yIi98dI/URRXNci9J9CyJ061UlYH9m0Dhk4HQKdhhmoQkezvhxnekWCdwYptSN4qSO8yl1V4=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:56 GMT
server
AmazonS3
x-timer
S1699281043.216855,VS0,VE0
etag
"acd12bf9fb7bad3e69c090756cd46451"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11759
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.4/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a10026a5515532bc83d5cc40f634aaca4ee39b21ae46ab1edcfd12f8e90396d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
392950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35015
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Thu, 02 Nov 2023 01:19:16 GMT
server
AmazonS3
x-timer
S1699281043.414121,VS0,VE0
etag
"b47108d5ce64f616cbca39ef75fd8496"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
O1l3Ixw_wY44bx8WXWnIRJ50Fvq8QXqwkxRLyBtdbXordIVQfBE_yg==
x-cache-hits
59718
feed-card-placeholder.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
085e85263c4f84e282ff973ce564c40757303a9c4aef19f6f2f98c1992399020

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nnZHQ7LEc3wiHvaSSivqUJYwapkaIipI
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
9C5HMDNK5Q8PYMMG
age
15354
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1262
x-amz-id-2
ve6WshTVKra5AxxYoGgsOQd3ZVImRo7vfEO6TlDr7KMl6TgDHGqNBzLqIdAeNYjUtAyW+ryGooQ=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:42 GMT
server
AmazonS3
x-timer
S1699281043.216839,VS0,VE0
etag
"a01af87c4f67740e1bd8be72659c3544"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33064
userx.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9181b5f805ea4f23beddd61025a4dae21f05e8728b6ee5aad10f343912f6633

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0mztux1wOITxhGHaEeWe0rXSonJ4r8Tm
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
V3MV4QWMCEX9YCV2
age
15326
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5397
x-amz-id-2
OjDqrdyPRmmsqzNVc0QjMgPd+xiuXyIZ7soMbHvlSXKrYWdLjYPYN84cD2eQEK7Zbqs+y0jY+rU=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:16 GMT
server
AmazonS3
x-timer
S1699281043.217003,VS0,VE0
etag
"b1204b231c9cc5a5ffea526aa2009b17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
92
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12100
explore-more.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
745b63e80b66a7a5c73e8ad4fecefd5c25ceb19ed68eb838a248caeaacf0dd91

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CnH2er2InbSMRZjQ.wz1OhUH11QHRyjM
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
VAN3YZG7M23949BY
age
15324
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
MwvJ0cN41oRTbbo+k1EzOJiC9Q2arC0lAaYAcmL3pC9FFFLmtWSFRnEPpwS4XmI2P0xAJWhACt0=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:44 GMT
server
AmazonS3
x-timer
S1699281043.243821,VS0,VE0
etag
"955350d386b97405f144b5f921e6af7d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17138
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=15%3A30%3A43.136&id=785&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1699281043137%7D&tim=15%3A30%3A43.137&id=526&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1699281043152%7D&tim=15%3A30%3A43.152&id=1147&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A30%3A43.210&id=1228&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A30%3A43.214&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=7006&cv=20231106-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
86624
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A30%3A43.216&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=2726&cv=20231106-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
86624
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A30%3A43.223&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=6795&cv=20231106-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
86624
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A30%3A43.224&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5815&cv=20231106-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
86624
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A30%3A43.244&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5947&cv=20231106-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
86624
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
91
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1699281043.326921,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
69
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
140
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23128242472952&correlator=4277503370742336&eid=31079466%2C31079419&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1699281043330&lmt=1699281043&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=116137940.1699281043&ga_sid=1699281043&ga_hid=1947783032&ga_fc=true&dlt=1699281041825&idt=1454&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
5a9ea7c2395ec54815384590db64d80caf149a93926b12dc10ae90e04f95e73a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12777
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B63A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:44 GMT
expires
Tue, 05 Nov 2024 14:30:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_465%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_465%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f31575b6d06519c6610e42b0b7deae0ef561c46c3e1f3ba6c30f3fa1978c2d7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_465%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
age
4645949
edge-cache-tag
363648267922384833427393371159591559978,329816201582900904242778866044340755450,29ecf9b93bbf306179626feeda1fab70
cache-tag
363648267922384833427393371159591559978,329816201582900904242778866044340755450,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
639
req-referer
https://www.news.de/
content-length
20374
x-request-id
7ba1519bc738c0c91463192f26f5c691
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100068-IAD, cache-iad-kiad7000079-IAD, cache-iad-kiad7000142-IAD, cache-fra-eddf8230137-FRA
last-modified
Thu, 07 Sep 2023 07:11:54 GMT
server
nginx
surrogate-reporting
width=620,height=465,bytes=28912,owidth=2000,oheight=1457,obytes=197392
x-timer
S1699281043.470161,VS0,VE1
etag
"3808aa30a4534a9d30498710a13bfa54"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 12, 1
30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c2b33470f71b406f376d87a73f3236288f686359b37a640e281f9a2c41025d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
age
2960924
edge-cache-tag
363648267922384833427393371159591559978,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
363648267922384833427393371159591559978,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
221
expiration
expiry-date="Fri, 13 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ka-news.de/
content-length
30596
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200151-IAD, cache-iad-kiad7000042-IAD, cache-iad-kcgs7200166-IAD, cache-fra-eddf8230137-FRA
last-modified
Tue, 12 Sep 2023 05:56:13 GMT
server
nginx
surrogate-reporting
width=920,height=460,owidth=2000,oheight=1457,obytes=197392
x-timer
S1699281044.515225,VS0,VE2
etag
"73d01b1eac55d832206217d10b36b5fd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 4, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57d726902e7e61bdd77159edc80d18774870eadd91c277653646d3374aba27af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
1073617
edge-cache-tag
356686445197087509435470419559440289029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
603
req-referer
https://www.southernstar.ie/
content-length
28970
x-request-id
d3b837faac4b5e239204c58f8e06722d
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000147-IAD, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230137-FRA
last-modified
Sun, 10 Sep 2023 20:32:02 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=37980,owidth=1344,oheight=896,obytes=2099614
x-timer
S1699281044.556032,VS0,VE1
etag
"5eeb390e640ddfaeffbf8000fc7a0145"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1474, 1
32a138fd7ef8b664e4231c98c5b25f9b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bf6ad585e13e6e4b6832a8c8b75b1c83b4e7ee3683c5f786a274527b5fe7d27

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
age
1747829
edge-cache-tag
588966396686879871830918856448821189567,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
588966396686879871830918856448821189567,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
490
req-referer
https://revistaoeste.com/brasil/jovem-pan-demite-pavinatto-por-excessos-e-desobediencia/
content-length
25448
x-request-id
672d8e2ace30f941ac8d72085a9171de
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000136-IAD, cache-iad-kiad7000092-IAD, cache-iad-kiad7000098-IAD, cache-fra-eddf8230137-FRA
last-modified
Wed, 26 Jul 2023 13:32:18 GMT
server
nginx
x-timer
S1699281044.556032,VS0,VE1
etag
"34a86780c8427774629d3aba27d34975"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 449, 1
0dd6f730d4a86208c98bf847b1adfea8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd6f730d4a86208c98bf847b1adfea8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
88c5316269d027d86caacb864643422ccf0429d1f65800515dd13485499156d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd6f730d4a86208c98bf847b1adfea8.jpg
age
1643642
edge-cache-tag
356468927228789546679243517129575006625,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
356468927228789546679243517129575006625,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
244
expiration
expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.itasportpress.it/
content-length
19542
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000066-IAD, cache-iad-kiad7000066-IAD, cache-pdk-kpdk1780054-PDK, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230137-FRA
last-modified
Thu, 24 Aug 2023 02:02:44 GMT
server
nginx
surrogate-reporting
width=1000,height=500,owidth=1000,oheight=743,obytes=265709
x-timer
S1699281044.556013,VS0,VE2
etag
"96bed056b58a2e3e878de2dd035059f6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 20, 0, 45, 1
bdc96404eba85fd374584ceed5e0d9cf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4264d2c442f18cc5aa7079a72a709e32811075aced702e27170b5bbf474e4a9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
age
2971668
edge-cache-tag
366550682837043004145125579800052646069,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
366550682837043004145125579800052646069,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
536
req-referer
https://flytant.com/
content-length
19678
x-request-id
be7b5cf5d4aaf5b558341fc2965a7b62
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100060-IAD, cache-iad-kiad7000063-IAD, cache-lax10653-LGB, cache-iad-kjyo7100130-IAD, cache-fra-eddf8230137-FRA
last-modified
Sun, 13 Aug 2023 13:39:39 GMT
server
nginx
x-timer
S1699281044.574276,VS0,VE2
etag
"968eedb115307c944a83dda254c99dcd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 60, 1
1303462996__xX3kvWan.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1303462996__xX3kvWan.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f9633e3eb0bcc9ab4f4b506d71918d5451f4ae65e929dd87bac259b7d1129b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1303462996__xX3kvWan.jpg
age
2960297
edge-cache-tag
430534406613563534024929358410633386892,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
430534406613563534024929358410633386892,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
58
expiration
expiry-date="Sat, 28 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://tamilwin.com/
content-length
16648
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100028-IAD, cache-iad-kiad7000130-IAD, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230137-FRA
last-modified
Wed, 27 Sep 2023 18:00:56 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=26852,owidth=1999,oheight=1499,obytes=1424836
x-timer
S1699281044.684993,VS0,VE4
etag
"7a72bc994d1eb54323e78a879e56ee37"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6, 1
30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0241c3f3f13bb847c5aff54769b3de470d263a088a589ae4b3efb768270d7b2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
age
3153836
edge-cache-tag
363648267922384833427393371159591559978,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
363648267922384833427393371159591559978,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
255
expiration
expiry-date="Wed, 11 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://dnes.dir.bg/
content-length
33236
x-backend-name
US_nlb105
x-served-by
cache-iad-kcgs7200109-IAD, cache-iad-kiad7000159-IAD, cache-iad-kiad7000168-IAD, cache-fra-eddf8230137-FRA
last-modified
Sun, 10 Sep 2023 08:17:12 GMT
server
nginx
surrogate-reporting
width=940,height=523,owidth=2000,oheight=1457,obytes=197392
x-timer
S1699281044.685124,VS0,VE1
etag
"3bb4cf0d908a96cab5dd4873ba3cea84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 12, 1
0dd6f730d4a86208c98bf847b1adfea8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd6f730d4a86208c98bf847b1adfea8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a91ba23c02a9c343dd527fd8b42544211314ec443cda1ec326b849a0098cb8f8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd6f730d4a86208c98bf847b1adfea8.jpg
age
5357112
edge-cache-tag
356468927228789546679243517129575006625,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
356468927228789546679243517129575006625,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
269
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://dk.newsner.com/
content-length
21138
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200085-IAD, cache-iad-kiad7000139-IAD, cache-iad-kjyo7100079-IAD, cache-fra-eddf8230137-FRA
last-modified
Wed, 16 Aug 2023 03:07:36 GMT
server
nginx
x-timer
S1699281044.684950,VS0,VE1
etag
"608b833a02b999690558d7780f203e21"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 62, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
3571752
edge-cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
293
expiration
expiry-date="Sun, 15 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.abendblatt.de/
content-length
94302
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100128-IAD, cache-iad-kiad7000084-IAD, cache-iad-kjyo7100132-IAD, cache-fra-eddf8230137-FRA
last-modified
Thu, 14 Sep 2023 18:15:05 GMT
server
nginx
surrogate-reporting
width=1344,height=746,bytes=180107,owidth=1344,oheight=896,obytes=2099614
x-timer
S1699281044.684929,VS0,VE2
etag
"78af0e2d92f1d0853f93e08bf0474e82"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 850, 1
32a138fd7ef8b664e4231c98c5b25f9b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f03ea718e3c89f9d30e8990bd107def41d65d7c443bb24338ded25364752800d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 06 Nov 2023 14:30:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
age
1625359
edge-cache-tag
588966396686879871830918856448821189567,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
588966396686879871830918856448821189567,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
294
expiration
expiry-date="Mon, 09 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
58064
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100164-IAD, cache-iad-kiad7000140-IAD, cache-fra-eddf8230137-FRA
last-modified
Fri, 08 Sep 2023 23:22:33 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=667,obytes=850505
x-timer
S1699281044.944207,VS0,VE2
etag
"b2dd1ff87cba6ec0a47217a8476311eb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 10, 1
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8E) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 06 Nov 2023 14:30:43 GMT
content-encoding
br
age
279509
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (frc/4C8E)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 14:30:43 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 06 Nov 2023 14:30:43 GMT
content-encoding
br
age
5454862
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (frc/4CD4)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 14:30:43 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-247.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 06 Nov 2023 14:30:43 GMT
content-encoding
br
age
4567659
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (frc/4D07)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 14:30:43 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTkyODEwNDM1NzEsInBhY2tldElkIjoiMDAwMEE3MDEtMTNmMTY5NzUtNjNkNC00NjFiLTkxMjktODY0NmMwZjQ4MTg5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21hbi1ndS14aW4tcmVuLXF1LW5hLXBhaS1odW4tc2hhLWR1by1jYWktbW8tbHVvLWdlLWZlbmctbHUtZ3Vhbi1jaGFvLWhhbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=6342.399993896484
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A30%3A43.919&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8997&cv=20231106-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
78268
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 13:19:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 14:30:44 GMT
spa-detector.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dc5b8bc99ddfbb0e3cfa4bcb5b4affdd531cf598bb58f4bd47f0f1d1aa3f1d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
roofIiS3hJB_MFcJ0QAtJRcLQ0PwOYHw
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:43 GMT
x-amz-request-id
VAN47E6PTZV2W73N
age
15324
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
778
x-amz-id-2
t95gRdyTYxmtz4QiF5NEvrY8OmhzZh+NE54J/TFv326GHog3xSefM+DE8y1llNI+21gg4h39dak=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:28 GMT
server
AmazonS3
x-timer
S1699281044.992687,VS0,VE0
etag
"0f0f3075a2d211c33bd3add509ebb769"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17618
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A30%3A43.930&id=8235&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1699281043933%7D&tim=15%3A30%3A43.933&id=3914&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A30%3A43.942&id=9728&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1699281043944%7D&tim=15%3A30%3A43.944&id=6677&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
next-up-widget.20231106-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231106-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd7af4a8ea770471dc4746a7ee079ff79d59a2d8e5d2a53dd23e4b1155f78d1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_kQSGVQC4CkqeHWOoI7j3H35X48J3ni6
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:44 GMT
x-amz-request-id
VTQ70TXMS6ZNKFMK
age
15258
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4623
x-amz-id-2
vdB/uPYwo2COr3pzeN1LEswMx14XdmFLHMYEr18zI4b/T/8PWQvtjcQVTXgALC30rns825DbqBA=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:06:34 GMT
server
AmazonS3
x-timer
S1699281044.054704,VS0,VE0
etag
"feea0a19a382604b829bbf58963193e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4461
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2192%7D%22%2C%22eventTime%22%3A1699281044011%7D&tim=15%3A30%3A44.012&id=5660&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12019&tvi50=11103&lti=deflated&ri=b2cb87ba71875a1a8b4d485307a5f8ac&sd=v2_a6df6b8ee10684cb52cb29afdd2b5b4b_a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12_1699281042_1699281042_CNawjgYQ2YJdGJD5q6i6MSABKAEwKziy0A1A0IgQSMTq2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&pi=/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&wi=1959647875322444605&pt=text&vi=1699281042576&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.640625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A30%3A44.039&id=4481&llvl=2&cv=20231106-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
view
securepubads.g.doubleclick.net/pcs/ Frame B918 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_sfiEUfMmsR41O4QtZdAWK3-AjmNsis_7ksGmBi6seGFMYY84LCZSXYYxT4LfrpASQHPvQOQjkLoKzEpYz1N3rs-l-EBH4eOajNkds7dcQ4Nu0Z5FbZJMdqGzfrU9AjzrvnJmbRsZ5z7BEVZOSRNm6zuNIQ4966bkxWrrUgnpwL-lB1vgMX1xxuzcoExFVYAd83pKGBM69XvY-F3uu0AdjWON0empNyK_kMMLnGdpSLSDL72UgVhDWWdG5OCE5nNnod6J4mbbsZDaKg5hmPVUcGI7f13OixVX5NOZiPVnrAHW-rsLi9Jd8qtRPd1VEDSJHA&sai=AMfl-YSuVJ1ssCHFkqA8S7X1AyMd2e2kYL1pd73DwIHF3KwSwWnUEawdTbDha2uTZFpakyT473ZqTTGj855BtMVsulQIqsLEfE1J4NhSvEtTDv-RQHKrXQsPKYT4ExOjxifWw7gB6J8X-B3qlbC_EuKw&sig=Cg0ArKJSzNyuSIZTYdu3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Nov 2023 14:30:44 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 13:45:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651ebdf6-66b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 06 Nov 2023 15:30:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B918 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:44 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTkyODEwNDQxMjYsInBhY2tldElkIjoiMDAwMEE3MDEtMTNmMTY5NzUtNjNkNC00NjFiLTkxMjktODY0NmMwZjQ4MTg5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21hbi1ndS14aW4tcmVuLXF1LW5hLXBhaS1odW4tc2hhLWR1by1jYWktbW8tbHVvLWdlLWZlbmctbHUtZ3Vhbi1jaGFvLWhhbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=6903.799995422363
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTkyODEwNDQxNDYsInBhY2tldElkIjoiMDAwMEE3MDEtMTNmMTY5NzUtNjNkNC00NjFiLTkxMjktODY0NmMwZjQ4MTg5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21hbi1ndS14aW4tcmVuLXF1LW5hLXBhaS1odW4tc2hhLWR1by1jYWktbW8tbHVvLWdlLWZlbmctbHUtZ3Vhbi1jaGFvLWhhbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=6919.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTkyODEwNDQxNTMsInBhY2tldElkIjoiMDAwMEE3MDEtMTNmMTY5NzUtNjNkNC00NjFiLTkxMjktODY0NmMwZjQ4MTg5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21hbi1ndS14aW4tcmVuLXF1LW5hLXBhaS1odW4tc2hhLWR1by1jYWktbW8tbHVvLWdlLWZlbmctbHUtZ3Vhbi1jaGFvLWhhbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=6924
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23128242472952&correlator=1603445005960262&eid=31079466%2C31079419&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&arp=1&abxe=1&dt=1699281044172&lmt=1699281044&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=116137940.1699281043&ga_sid=1699281043&ga_hid=1947783032&ga_fc=true&dlt=1699281041825&idt=1454&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
31924d61890f7e85f15d4dc31227a016d0893e5105a68718ec9a44c205780ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17129
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl_page_level_ads.js?cb=31079419
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1aa7f035c2446d046b406af2d4c416cb6389213bc9ed4011b14cadad524a9499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
13971
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15752963525171346572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Nov 2024 10:37:53 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJPpfM2u74Ty6VMX%2BIMlV4ikrqRB7N%2B%2Bto%2BDkZ8CCMVc6ll3rTsFyizuKUwaTaDGvYjEqndVjV4sL6xWRqNlxf4cYTXdsNeIsc9JjLcFBO8iqWZJwOx87jkD7ZbToczsjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
821e093e7cea35e0-FRA
idRequest
sync.aralego.com/ 		0
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTkyODEwNDQxMjYsInBhY2tldElkIjoiMDAwMEE3MDEtMTNmMTY5NzUtNjNkNC00NjFiLTkxMjktODY0NmMwZjQ4MTg5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21hbi1ndS14aW4tcmVuLXF1LW5hLXBhaS1odW4tc2hhLWR1by1jYWktbW8tbHVvLWdlLWZlbmctbHUtZ3Vhbi1jaGFvLWhhbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=7027.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2109730582174052&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231106
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bee226f60cc50dcf362ba1007c883b2c594dd0b852072c7dd8a26c238d343c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37793
x-jsd-version
1.0.1865
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mad22077-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-YvZJs++Y7HOt/pZMVOBCGDIDjo0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qxcrm%2FEh2Z5pOxPLDYs5HMRGeI6Y5a%2FTc%2FGKYoaAP%2BFkBjan9FhL7f7EesoRROpL5M0QsV7c8uSTWLZ4YRkK6nnfZVPjVFYFxT45G3jjsy3nWJJAWdT72gyBRyDlFKvEhV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
821e0947fbc8f0cb-CDG
prebid
ib.adnxs.com/ut/v3/ 		138 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7a036ab46eca7dcea2b5756c526a6dc2381aaf9c31b4c2bf0f0b64cfb85105b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
an-x-request-uuid
8e18c823-12fb-4f40-8925-ef493d242406
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f324cd35cbc810bb9bee7a118c502dda6b97ed0af19e2da73f4d4223b1f172

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8b%2B3V8pbJXdHYNO0k1piU4zGqz3ZBjklM8CNLwSDsur%2F%2BXxV8zoI8%2FVtAVbSQKvRBJFgTKT9eSGfIkHrnlPCWROOj3wTKdps%2Ff94fDsWJ78jsH%2BN3WpSKYr4I%2B2l5yPUCMjvUdf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
821e09419f372355-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ace66b5ad490abe75f138bb1c167216bc3a1b0ea343b88190cd06b35147456

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1FZfpSaIk4VG6Swzv5VivtxBejwklouAOvtWqCuGBrUfkwJkkaRvVyKcL8NyH8h6iDw1w3mGGVqIWMhAwJGYowYEGyCO4Hwjs7hQkGcNwzeFhbC8AnvXsDEfqlTHtdMbxHHCkVr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
821e09419f3a2355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.160.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-160-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 06 Nov 2023 14:30:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		0
0
adreq
ads.servenobid.com/ 		592 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9712
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
56bc33db1741248df0fdf247982ccf7e0b109b61a66fa1316f8b25fdb9cfb794

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
ef6c684a92c2d2e2e3ef7a7c60020dd1568986226a250ede78e112f88d143976

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 06 Nov 2023 14:30:44 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
4dee7bd3e3a19e8147f265b7fe3a7c1c88bfaae5d70addf47cab297a4126c5c3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=66b971dc-ffa9-45c0-959d-0325bdcc3f41%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%9B%BC%E8%B0%B7%E6%96%B0%E4%BA%BA%E5%8E%BB%E5%93%AA%E3%80%8C%E6%8B%8D%E5%A9%9A%E7%B4%97%E3%80%8D%EF%BC%9F%E5%A4%9A%E5%BD%A9%E6%91%A9%E6%B4%9B%E5%93%A5%E9%A2%A8%E6%97%85%E9%A4%A8%E8%B6%85%E5%A4%AF&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=2a8f970d-1b60-4c2b-8de4-e706ef363fb2&l_pb_bid_id=292e899cdd7a85a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2a8f970d-1b60-4c2b-8de4-e706ef363fb2&rp_maxbids=1&slots=1&rand=0.23137595394437538
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
25360b90f84d350935cbcb115216f9ecd2a2a0371a038c8d4b44f61e6b8f4eb7

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43a5d19d130b0a487dc7424de79ea23fbe2c3e7b9b5048394ba25b4b0e3eafd9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
492
expires
Mon, 06 Nov 2023 14:30:45 GMT
prebid-request
onetag-sys.com/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
1e1f158f7d5d6d220892d4b543eab502cbbc6438aac25f6de6d1353fc5aa7389
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
10165
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
27
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
08133ec4f237bf226f251eb7925e4a5aaf6ea4db8bf1f3f1db86fd10fba36b5d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
106
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 14:30:44 GMT
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
821e09439fb737ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hbjson
grid.bidswitch.net/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.254.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-254-34.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a5b5fba2a0ce725ab390525e789bd93ba1c8c016e23215ba7ce37a350251d059

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 06 Nov 2023 14:30:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
7408
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 13 Nov 2023 14:30:45 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=12019&tvi50=11103&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
74
date
Mon, 06 Nov 2023 14:30:44 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59126
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230137-FRA
pragma
no-cache
server
nginx
x-timer
S1699281045.533016,VS0,VE74
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
st
imprammp.taboola.com/ Frame E6E6 		577 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&cmcv=&pix=undefined&cb=1699281044492&uv=146687325&tms=1699281044492&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ad5a851a-afd7-46e7-a0c9-19eba1ddf523&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d9bc8bbd7bdb94bd39db7924f8b76b656cc4bbedb8d3744bece43bcd0bd3661

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 06 Nov 2023 14:30:44 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1699281045.533441,VS0,VE11
sync
am-match.taboola.com/ Frame 9CB3 		577 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4d9bc8bbd7bdb94bd39db7924f8b76b656cc4bbedb8d3744bece43bcd0bd3661

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 06 Nov 2023 14:30:45 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1699281044506&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=146687346&pt=447812496&tz=60&viewable=true&ddast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2adee87fcb8a2f7509abdc4b195a1c0b73d8967ed7b507a05337f6badb5133d6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1458
x-cache
MISS
x-served-by
cache-fra-eddf8230137-FRA
pragma
no-cache
server
nginx
x-timer
S1699281045.552235,VS0,VE255
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&cmcv=&pix=31589837&cb=1699281044492&uv=146687325&tms=1699281044492&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1699281037229.9!ts:1699281044492&mntl=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-length
0
server
nginx
30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
11698b459bf78eb31a0997fcea24f956aa1e4d89761021f4509cfb36bffab28a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 06 Nov 2023 14:30:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/30acfac8-5efb-4b51-acf8-f8321afee1e1__qc8yLzRd.jpg
age
2974559
edge-cache-tag
363648267922384833427393371159591559978,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
363648267922384833427393371159591559978,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
80
req-referer
https://hoy.com.do/
content-length
3324
x-request-id
5079c0227399684698bed4d9ee180da4
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000068-IAD, cache-iad-kiad7000068-IAD, cache-sna10730-LGB, cache-iad-kcgs7200077-IAD, cache-fra-eddf8230137-FRA
last-modified
Thu, 07 Sep 2023 07:11:54 GMT
server
nginx
x-timer
S1699281045.607070,VS0,VE1
etag
"156df1c6c58a723e5e4d628bf5637401"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 4, 1
0dd6f730d4a86208c98bf847b1adfea8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd6f730d4a86208c98bf847b1adfea8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3d2fca20c72ba0c2803a37dd2c5403844c091b8c0db7cb843d587ef84a434cec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 06 Nov 2023 14:30:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd6f730d4a86208c98bf847b1adfea8.jpg
age
1668277
edge-cache-tag
356468927228789546679243517129575006625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
356468927228789546679243517129575006625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
185
expiration
expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://viduppu.com/
content-length
4466
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200033-IAD, cache-iad-kiad7000146-IAD, cache-lax10628-LGB, cache-iad-kiad7000146-IAD, cache-fra-eddf8230137-FRA
last-modified
Wed, 20 Sep 2023 02:42:14 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=8415,owidth=1000,oheight=743,obytes=265709
x-timer
S1699281045.606619,VS0,VE1
etag
"3ca73aeeeb25ac3cb0481e37d85f34d5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 74, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 06 Nov 2023 14:30:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
2576967
edge-cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
35
req-referer
https://kifache.com/%D8%AC%D8%A7%D8%A6%D8%B2%D8%A9-%D8%A3%D9%81%D8%B6%D9%84-%D8%AD%D8%A7%D8%B1%D8%B3-%D9%85%D8%B1%D9%85%D9%89-%D9%81%D9%8A-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D9%8A%D8%A7%D8%B3%D9%8A%D9%86-%D8%A8/
content-length
8250
x-request-id
a9345f3c6a017abfd5fd26145d40a354
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200023-IAD, cache-iad-kjyo7100108-IAD, cache-sna10735-LGB, cache-iad-kjyo7100136-IAD, cache-fra-eddf8230137-FRA
last-modified
Thu, 10 Aug 2023 11:47:17 GMT
server
nginx
x-timer
S1699281045.606603,VS0,VE2
etag
"0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 2, 1
impress
ad.vidverto.io/delivery/ 		56 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&referrer=&async=1&uid=7815005851&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7e09530696c1d2d1afed3334bd55d150ea38426cddfcc2d6033b3ec5b6db866f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame E6E6 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&cmcv=&pix=undefined&cb=1699281044492&uv=146687325&tms=1699281044492&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ad5a851a-afd7-46e7-a0c9-19eba1ddf523&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E6E6 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&cmcv=&pix=undefined&cb=1699281044492&uv=146687325&tms=1699281044492&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ad5a851a-afd7-46e7-a0c9-19eba1ddf523&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.148.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-148-187.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 19E5 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&cmcv=&pix=undefined&cb=1699281044492&uv=146687325&tms=1699281044492&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ad5a851a-afd7-46e7-a0c9-19eba1ddf523&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 14:30:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
container.html
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4268 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:44 GMT
expires
Tue, 05 Nov 2024 14:30:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 4268 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 12:49:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 14:30:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 02B4 		478 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNVWkfaMWrTL7yYsGE_W6nAP8K1VDHGIwN_mr77MGyCOd0sj4zvLpq1B9ig_h-IIDvIhKZk_CJoOA_eCpv-8g1PDH9ngrA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 14EC 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 14EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
6856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 14EC 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
69046
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame 14EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiSdq6fcTd1zkQHixDp0ajxmDi52nIGVuDHOaxZCyrLfAyM1D3sEcLmrjt168n85YAV8flJ2MsJep1gOeOgNiQbD5JTg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 14EC 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14EC 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8nsESZaPi7tjAfIEqdZK3tYVojnoZWT7b4tj_rjnTUTYKB9iZjDVVdbjeRG0tmN8purxH0ZhekGRLDzKosd9SpRfT2XhapihiugJl8btRmIxBdrA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14EC 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17809070832505177226&x=1&ct=76
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 4268 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
66855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8796
x-xss-protection
0
server
cafe
etag
1225823381704108053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:56:31 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 06 Nov 2023 14:30:45 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
15789
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1699281045.042585,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
7
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
14191
/
onetag-sys.com/usync/ Frame 1AE1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
63a24c909284da362fe8abf7550507792ac790f99893bd1c9ef838a06d48464f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1437
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127582
x-xss-protection
0
expires
Mon, 06 Nov 2023 14:30:46 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 06 Nov 2023 15:30:45 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 06 Nov 2023 15:30:45 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=b18b4a7ee1d44025bf02f5742d2c1f93
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 15:16:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65368e64-16141"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 06 Nov 2023 15:30:45 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 06 Nov 2023 15:30:45 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 06 Nov 2023 15:30:45 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=5c28b338-8b80-4d11-9ab7-f81d010b1f0d&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=5c28b338-8b80-4d11-9ab7-f81d010b1f0d&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:53 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=5c28b338-8b80-4d11-9ab7-f81d010b1f0d&p_id=23
date
Mon, 06 Nov 2023 14:30:46 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=5dddf150-824f-492c-9ade-1fe74afe8f80&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=5dddf150-824f-492c-9ade-1fe74afe8f80&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c45cc90a-3a1d-5236-b63d-3063d375c8f4&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=64815808-0e60-493b-bad5-d2adccca1543&p_id=15
0
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Mon, 13 Nov 2023 14:30:45 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
821e0944f95937ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=9739561175&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 06 Nov 2023 14:30:45 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
484c056599160cd1328dae9492e4c91279c8e888b2f7ad943ae447ea200668c6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 06 Nov 2023 14:30:45 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid-request
onetag-sys.com/ 		23 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
59b7ba00c6170e1a890c797cc9cbc41b56543ce632405f6643272f280e6ea01a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
15709
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid-request
a.teads.tv/hb/ 		811 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e47569e7537e1efec41068d03f3a689849fa380767294b1cbcf349961ee822e7

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
348
expires
Mon, 06 Nov 2023 14:30:45 GMT
adreq
ads.servenobid.com/ 		0
0
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b7da0db3e657e460fc32d3572c8576f410c0c08c7d6661ad84edb40e2df6a95c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:44 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 14:30:45 GMT
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.160.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-160-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:45 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.254.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-254-34.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
046fd6da69d65ef5095e39f6b6dcdc1d6466bfc9cf62eebe047f172697827899

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 06 Nov 2023 14:30:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
c
prebid.a-mo.net/a/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 06 Nov 2023 14:30:45 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		139 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e814fcebd232b1bd6c01f75c6be920e4d3b674a48a20c937a28df2556a90dd04
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:45 GMT
an-x-request-uuid
b2f0da6c-5e0b-4fc3-9514-1da394796bc5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
24
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a7acb1d5e2c7d802f11ad0efd1cf8eb7b724f5737f68575ae61ba0e447021bc6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=66b971dc-ffa9-45c0-959d-0325bdcc3f41%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%9B%BC%E8%B0%B7%E6%96%B0%E4%BA%BA%E5%8E%BB%E5%93%AA%E3%80%8C%E6%8B%8D%E5%A9%9A%E7%B4%97%E3%80%8D%EF%BC%9F%E5%A4%9A%E5%BD%A9%E6%91%A9%E6%B4%9B%E5%93%A5%E9%A2%A8%E6%97%85%E9%A4%A8%E8%B6%85%E5%A4%AF&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=6e12a43b-c81c-432d-ae04-37e53d4b78e4&l_pb_bid_id=837f9e45bb04d65&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6e12a43b-c81c-432d-ae04-37e53d4b78e4&rp_maxbids=1&slots=1&rand=0.09697234888977357
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
47abe6b0aebcc3f6c94714081c3808aba09cc53eb4944111956de21be699cb00

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafe7c1f3ad5a6b7b798dd0353fdac10e44f901e0062739cadb4d34b594e3b6d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRn5%2Bc3%2FBADS%2BrNCl6rz85tiYYtqhD7sD7VFLLzVJFYhorL%2F1zRT3nV766O9FnwcKOsY%2BFEVFDgUHSutzgfZzgrincUBvxu%2BqEriUbhmB9JhNPrDfKqWh7ewrOdhG%2B%2BsZ0d%2B4Bsv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
821e0945adbd2355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafe7c1f3ad5a6b7b798dd0353fdac10e44f901e0062739cadb4d34b594e3b6d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfnSrLOZpE4P2ioBQdMIS94dL62551M3fq6kQoiVxVzJeAHXf%2BimDoQAx3GqpqrVj72exB6RqTyAcMl9eJYHjinLetuLMA9uQrmwePT9yKzbpeBlL6pX4xDu4yxz85IhYEMKBoPc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
821e0945bdc12355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafe7c1f3ad5a6b7b798dd0353fdac10e44f901e0062739cadb4d34b594e3b6d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tVeUEFYYiu4W3SlGFBZ%2B%2BU24Y9lt2dcetLUPqO9MbAWOL1yKQwG%2F%2B6TdnVslN28B%2FEvPc1VX5L3Fb5jkKyhA4XHV6AN4%2FjYVMSc8JX0wmZpatpsuqpRBgOLAjY9Djzx8p0v0%2Fd9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
821e0945bdc32355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:45 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
2441
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1699281045.397722,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
59
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
17083
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 Nov 2023 14:30:45 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
9998
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1699281045.397746,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
43
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
15716
generic
match.adsrvr.org/track/cmf/ Frame 9CB3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9CB3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.148.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-148-187.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
truncated
/ Frame B918 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b85adb89209d84977a2cfe15dd912a20cbc996f90a689e5b20bb035e3b3fcd4b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B918 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDVyB_MJH_ljd9pq827Pi-nP_t0N7tZdSN8JzxBmJ-flPmNpzaCrDffLIDPX2YjVxSFkCWB6K2hoHWgGvzlK6_pGFrmt2N-FWzyvanced1TNgKPakBzTwfnjeNuFPWq5RYJ733pRaX-GNyyJyYxi3tvFwI02j65F_opt7Zvao62Mzp9vV363QW1zx4bgcMCobUmJSWkr9AOiY_dFlqBIxZn5-8HCgAIb_fVfOPou-MdAYAPcydoHU52Wv6E2vE7uhAoAG-bBTZ0LR11Y18c-uNiX39sUHvPzYW72X2m6eRuYurgY2oI75UtRm7TY3zIz9Pxhy5&sai=AMfl-YTLnRWtRTDVss0Ojacgyz6bgql1LbyagRkFC72CPOZwiP14UoDHeXIaKL3J0rWQgQJS7BsffVB8Hk2zgycTS7pxpTiYsRj8nEbn0kRZXwpo1-5vKKHIVaNpQAq9WX99rIXSR09TKPa0mhyZRTvj&sig=Cg0ArKJSzLlU2ofKV_JIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Nov 2023 14:30:46 GMT
usync.html
eus.rubiconproject.com/ Frame 6956 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 14:30:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
L2EvbWFuLWd1LXhpbi1yZW4tcXUtbmEtcGFpLWh1bi1zaGEtZHVvLWNhaS1tby1sdW8tZ2UtZmVuZy1sdS1ndWFuLWNoYW8taGFuZy5odG1s.json
cdn.adpushup.com/42753/ 		555 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbWFuLWd1LXhpbi1yZW4tcXUtbmEtcGFpLWh1bi1zaGEtZHVvLWNhaS1tby1sdW8tZ2UtZmVuZy1sdS1ndWFuLWNoYW8taGFuZy5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 05 Nov 2024 14:30:46 GMT
date
Mon, 06 Nov 2023 14:29:58 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=12019&tvi50=11103&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Mon, 06 Nov 2023 14:30:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59127
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230137-FRA
pragma
no-cache
server
nginx
x-timer
S1699281046.768583,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
pips.taboola.com/ 		4 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230127-FRA
date
Mon, 06 Nov 2023 14:30:45 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
img
sync.mathtag.com/sync/ Frame 1AE1 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x31 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:46 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x31 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 06 Nov 2023 14:30:45 GMT
/
onetag-sys.com/match/ Frame 1AE1
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LON027IV-10-F96X&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LON027IV-10-F96X&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LON027IV-10-F96X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
onetag-sys.com/match/ Frame 1AE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7069209738041572370
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7069209738041572370
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
an-x-request-uuid
99a29e24-a21d-4090-a9fd-8abf99fd7328
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7069209738041572370
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 1AE1
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:47 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699281047132070-333
tap.php
pixel.rubiconproject.com/ Frame 1AE1 		42 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1AE1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6ULDKWx18OK6iiu7ATlwQ56ZrjmTT8nWg
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6ULDKWx18OK6iiu7ATlwQ56ZrjmTT8nWg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6ULDKWx18OK6iiu7ATlwQ56ZrjmTT8nWg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 1AE1
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3230359227279246928
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3230359227279246928
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3230359227279246928
date
Mon, 06 Nov 2023 14:30:46 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 1AE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 1AE1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=a3NPt_1cEvoyYt2m5KbJVr6ilHZWeH9SqzgFVfLht9E
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=a3NPt_1cEvoyYt2m5KbJVr6ilHZWeH9SqzgFVfLht9E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZEAD50T7XW17WF1WVZRH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=a3NPt_1cEvoyYt2m5KbJVr6ilHZWeH9SqzgFVfLht9E
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Pug
image2.pubmatic.com/AdServer/ Frame 1AE1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUJCRDQxQ0MtMzUxMS00MDg1LTlDOEQtRjY2NUMwQzBFRjYz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 1AE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 1AE1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-0Z0avONE2uFU6NGaVxtW02XguzEAQZM5cTznFtY-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-0Z0avONE2uFU6NGaVxtW02XguzEAQZM5cTznFtY-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-0Z0avONE2uFU6NGaVxtW02XguzEAQZM5cTznFtY-~A
date
Mon, 06 Nov 2023 14:30:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 1AE1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 1AE1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=64815808-0e60-493b-bad5-d2adccca1543&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fd...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=64815808-0e60-493b-bad5-d2adccca1543&r=https%3A%2F%2Fx.bidswitch.net%2Fsy...
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=413cd1fe-7134-4f0e-8d15-b24bbe02d580&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=64815808-0e60-493b-bad5-d2adccca1543
  • https://onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=0&gdpr_consent=&us_privacy=
date
Mon, 06 Nov 2023 14:30:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame 1AE1
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk&p_id=5
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk&p_id=5
date
Mon, 06 Nov 2023 14:30:47 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F60C 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
114cdc8589b924431c59ca966326d3a64d994016bdc1204dd569f6c0b4127f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10059
x-xss-protection
0
server
cafe
etag
16379848247648883499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:46 GMT
usync.js
eus.rubiconproject.com/ Frame 19E5 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 13:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84241
Connection
keep-alive
Content-Length
13280
Expires
Tue, 07 Nov 2023 13:54:47 GMT
usync.js
eus.rubiconproject.com/ Frame 6956 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 13:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84241
Connection
keep-alive
Content-Length
13280
Expires
Tue, 07 Nov 2023 13:54:47 GMT
usync.html
eus.rubiconproject.com/ Frame 61D8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 14:30:47 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 06 Nov 2023 14:30:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/cf3e1201-5e91-3d67-9887-923d8d5f7a00?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
0
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Nov 2023 14:30:47 GMT
cache-control
no-store
server
nginx
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 13:41:30 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2958
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
s3YsOryckXsNa5k1DtzkX5QiS-gHRxyU6pVDEoAbutOFvoej9TEUmw==
khaos.json
token.rubiconproject.com/ Frame 19E5 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
khaos.json
token.rubiconproject.com/ Frame 6956 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a79a126bb696d3a191508b191f0bb3891d24803a962f9edc1a25fcbf1ccb5916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91833
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 14:30:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F60C 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e41b7c25142a951f4021e46030b3f1f3e7d675871210d605e9e00103b03dbc0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52238
x-xss-protection
0
server
cafe
etag
7308668726940938258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14EC 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1377596303454&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14EC 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1377596303454&version=m202309260101&ct=76&x=1&cor=17809070832505178000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 14EC 		96 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGkk0UKDk5aqmPVlh07uAyEpSwVy8D6PaEcfkuYdwYDD2xX9fD69U2bL_AkPUtHo0pxMrdeM5g76jKBkXsertxW6FoL1VFLVIbIoFJNfUok6qV26PCS9RCNFkbkCeqZaHPRTTNVav8zgNv3glocxUWfp9SZiUFXcS7lH6BvOeJtrnYiUA&dbm_d=AKAmf-CCRkzu8B68YBfMVw-Abgr7OpuEpkOFRRBwphnhV6tfRBx0uQl5i3DpZ2wTQvfMhH6mEVxULk535IjptcfF3luUFJoEHwyUL85skEqynjBu-DyzVFKPinQNQ2m64kfUmxd8Ft7Ht1lbqicqSisJP_uU0BGpIRybRWVarXR3UAG5iwZBzQpj0dTVPcbTUQX2YZ5I1dbk61LRUZ0B_2avCAwBEi3eog5nvuq3dC5-caCcWfwmAPyTz7CLQX6Ct5CxI9iDFYNfEuQ27L7iUxiFocJnXH9psUeoWVT3VrhJwglAS_aCvVVZez7tWzWtcwNV0yuhP-OY90k579lAfbgn9Z21PJLKxxNDHVVChM2dB0EbwNQnaPGd84Td5yjYNWZ1KXqe7ScvY7bvcfSIZce3jPZqyPqEUv1XJHVj3CcqQeb_2wONWiC0AKao8GihP1Js4Q7bB8Y4wBJU2eu9dUJMMkCH8p09bjLOkUZAQK7I-YFhbKh6RS-yV63YbZKpCymq7pfo-fmwKw-chAxZlHnjNdn-LjR7Qli8o6U5gNzUAS8liQ2Y0b0u13ZYlZ081FEb5VGZTBX5kWElEXKBf3Aj7ct0f6VjY0AxojCDLkU431BWzZdSqED2XQXqPUveo8p3lQa5vjsBJZLbuh0MBtD3rovsYc16RZnX9gTe3DSC0lt89UPhC7sQTh8mKN99NKJ2z2LvGkuX6yD9-QUVmqZXxn_sIgxUD6pn8ZNFdgNchjo3yM_cET-kRJJ1Klp_42n28DCdwVneOigC1kqEet2Bv4oxT1Zguc48OqkmsP32FYj5xd88Tv2EWaHXGDVi6A47b5ftlR0BacdfVtYdnCT6KyJNOLQio3qz_H3kytD6oYkO9XSMVlNRzQPapGk1WsF2CBx4KAi40_DF3Gb2s6OV_Nin2Sy9p9-cYaM5MOP8CQMNPWF9NoiFXKqyX9cynIHTV0ede2D3xujyC3UhVtg8jK6SbZzCHxc69rEnOXfgR8xDcvHFlcIxyeDz-E3ovymixs-KTZsHe9RBGbjb3D9p4IfuYQujrxpRFfEg9IrMw_QUcwnbiJjpf4Wnc-cxtJpLU-Tj0AFl_DcYUcISyQvPAqqOlP27huDWzSNpP-To18nR8cqCA56kV00dbHAnL5KUTIcKdIH6Ycbl__PNWPMNdno2l6M3Qtu4Oyq_1xvT6bQ_GP3foH-Guov-EQDcKI84d8FGs_ZK9NKXrIsT9lbAHvsPloHk-hvMi3_Hl_ABvtF7IsI0RlMHim1L-hMenAhbrWrgH-Jl5QzPc00MiISu0bkDNcFmM0BBW9pLZ81DSpjwl3RJbb86x3SmEIRmKCkFc6v7us4n9biDNk9kzeLteHPsOmDqtcaEiSNMSOL3DC2flE9TgBI0lgg5SsIxt3q4nb1GBPnj6704Yyv1LQvJop83RD5EHnU84dT3ihbOtv-hVicX0Z8MAEEfZ_dbmfylP3sz78X0JMXMA3Bt3QqOlUZm85lfAretzblSTzWpzEcp11sAcoaGYnYoL5iZjlGFUbZ7vZzNAEKtDuHYOLJa29XCAKccvFU9QmqSu17hiWFuaGtbzRkssOwvRcy1gkwB7dsXn6K4JNm92oEo6-9GOcb4LgYsUhzBsLg89FSRMnNW9_9ddHDCaiMsCoBFJfmOTktkd_1sC6xDsOKeK9sztSPJUT02RgcRBQAIxS3RP4Go3mlwAyZXyY8cNxpNm674PubI0KXThE5xt1BH1pXIVbw7gaF40veF4B9swftb0_xyWmPRppLuFBqp7GJnkQYeS9tUTqdPXTlZOczhhldRby8WNUPKbNhjwCiJSZTbLnMIJUEkOjSj7sKA1kzZQd6nDgOXG41WiFjhA7i1WyIyz2bHK2mdvbO_ixXMfaDmBN1Aoxbcbe6XvtuEiBbl5wXg-SCTMSTvpT5qy9edShfNS70KCK3pjjfZJKcCJn7nt1wS4aBkvFwoXal5HTJNbS6-zBpK6-3wiGkI2KlvksoGpSHFy2cEzgBWKklD69AYJxufjGdRGpijZpAH3YcqWiB3bGPgxFlp65uvuLYsVIKaMokzzL_qtRIq0O4HOBE5nG_GlGNMhXmJiOOd-6jabUSAYxenlH2lgkmc7QVVZvt1aAlli-4pC_FVB7SXvQeLd1BHp3EheSkG_FOP9oDuKhvJ6KfQg0kvc4D3O2bIk3vmjsGgyYt6eHm8x9Z5uap5vi0Wh5KDAgLNvVV9UAo2Rj5GT_JBON5h_m69C3ufAZu8g7N4JUN2vjS9ca7Hpet6rK0Qt77E2-99zTHI5ptCjdiajUMb1HRujIKQizGMHUIQHlgDbvl7xo5ab0trbbbNbz_BfAcvkYFlECvTdlF2_uegYsnVU6MepN3U_CUiIt60a8XCKzaEOV8RbVwIiwWmRr2hmUg-bOjowIiUbhGygD-a7Iuaq7EngP6oNbry3FznE3Nf37PIl5IjauqyWXK2hjbsPI8Cqihr8rRSzp3ivmsIycORXC99KYha8zzHnsqOgOj6tKhcaBsytYpTXx-ynideMoWPGP0nf3Qg6MEgL7mLQB5fhPG6cK4RLHQXfOpL0LiOUrhsTnEofMU95tzWT8XsU671J1pV8kCPdt4xth12BRn1Kv25DhovzlgJDaQd8xXokLtnlSDHRlLqobPHBWhMo5c8vkz3sCHiYafVlCKmSmXYjp1kN5ntItxaXMIugLaJTvgwvjXwWt8lG8YXdomWJvO-0je1cqrVqi24rgRUtCZR-P3l6eXzeuF8wLyM3vK2XGY0sDNql8ANC1aACK4MRDopNLad6Cwk8IbqSNY6AZITp6tiXC9xOBEAeFZMCU4ZKVquGnmTtxIL-bessS-pElhU369qbwStJWfhQ8c0qeft4_UFLSopRl3kGEexSLWS51q4afw6G6MX8ulltayFkUZWGyQ2615cNs_by4QzMbaBeHphbSICYYMOEI9HUEHv6kWMHE0ksr6jeQpNsCN0p5tRJmkqe8fUe3HU5Ohrom6j8_1Pp9NBuvEQOOc2bpeHcLVGoTwqBwK2qf8z5mcwaa2cNK3ynzzVyzwq85rznA3DJKJkaMwTTgIWoBGn2WvMI-rJa5VJoS1rvix5bCV07GGEtc9SeSqnn68y-1kGXl_7JkHmEMdbjWLB932aZzjqwikt3muyLTBmuLdtyxCGoGb02LjggEBF_V3NIfxDLTQL9EDmZ5m50TvP9atFHrMjL_nbz0ua4tnhDMJlJ1BaCnrHzIS8Ij4Y9r8c3t6GD8Qt0-kPAtAULuu2ksXIzsQx1UZEmrB3G2RSb2AWWbzcH9h0yG3R0aQmrbMr1s3anoWa4MOd4S1kOp535krizfennCLhtefUrW6bV8UeaYc3dkCjASqegpZ9okjyyHYaN8U4dru8qgzyh3FYyFTZ-ZOFMbLmX4H-e-VteNNlzyyzHIY2ekfAzpXE807B1y6gpVMHylQm1BubabuGlERnMsqHcv9utnmi69q7qL6tlC5Q-PKlNWcvxBl5jw79gpfoeuCLHcGMYLMHEEv32kDdTnTwmE6AHMG88LE-VUeQvjQ0bdF0C-3NNmVgDzlYbzATOzGmsi_m-4ifZ9uoYWCSsyrPQI4nMDgpDxLKZMiyl2AauT-aAbXPlSQNUWyh4pgwVLeu6RWRhGyroQH7BamVYYYmjIWK4Sm4-8Gfz7chyoxA4LIDieuUhU4jvuXYogKk1SESZx-Ay4tEBgkv-7EHa_7DXqF0bp-oPqVmR0I1zGrbVD5zU8YFvUcPpH_Rp_rs4FL11HYqBOTdg0LAJr369SJ3xuR3niLsJDqDDQW6o5HJ4IXKE8j7cp2Ht31uItxIdt8E68xL57aIxD-qf2ISq4AORlMQUIvE1SvdPGP5RPqpthPxT3bpHhNbJiJvFrXNA_cmorNUraRuIZ1RLkQyYOnLpgvGXw&cid=CAQSPADICaaNxS8-ENiP8Cz3PJysb3935WDSimiNPkztZ8mhKV9JwsInYtTqtFnLXqaIQxbeSapN0ivOpWbkbRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=17809070832505178000&adk=1877897943&idt=1804&cac=0&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a852b50993fb4f7c1557594df0d2ace0b25322e34901fe6dca6399833a2df6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b11v886690812&_p=1699281041892&gcd=11l1l1l1l1&cid=116137940.1699281043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699281046&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&dt=%E6%9B%BC%E8%B0%B7%E6%96%B0%E4%BA%BA%E5%8E%BB%E5%93%AA%E3%80%8C%E6%8B%8D%E5%A9%9A%E7%B4%97%E3%80%8D%EF%BC%9F%E5%A4%9A%E5%BD%A9%E6%91%A9%E6%B4%9B%E5%93%A5%E9%A2%A8%E6%97%85%E9%A4%A8%E8%B6%85%E5%A4%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=9727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tYW4tZ3UteGluLXJlbi1xdS1uYS1wYWktaHVuLXNoYS1kdW8tY2FpLW1vLWx1by1nZS1mZW5nLWx1LWd1YW4tY2hhby1oYW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0xM2YxNjk3NS02M2Q0LTQ2MWItOTEyOS04NjQ2YzBmNDgxODkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6Ijk5OTE4ZGNkLWVjZWUtNDM0NS1iZDc5LWZjNWRlZTQ2ZjAyYyIsInRpbWVPZkF1Y3Rpb24iOjE2OTkyODEwNDQzNzIsImJpZHMiOlt7ImNwbSI6MC4wNCwiYWRJZCI6Ijg5NDE0Mzc2Yjg0MjM1OCIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjc0MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkyODEwNDUxMzl9LHsiY3BtIjowLjA0MDM1OTcyODQ3NDk5OTk5NSwiYWRJZCI6IjkwNTNhM2VmMTAzMTIxYyIsIm9yaWdpbmFsQ3BtIjowLjA0MDM1OTcyODQ3NDk5OTk5NSwiYmlkZGVyIjoib25ldGFnIiwicmV2ZW51ZSI6MC4wMDAwNDAzNTk3Mjg0NzQ5OTk5OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTI1OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkyODEwNDU2OTd9LHsiY3BtIjowLjEsImFkSWQiOiI5MWFlYTczZTMxZjE2ZjQiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTI3MiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkyODEwNDU3MDZ9LHsiY3BtIjowLjEsImFkSWQiOiI5MjdkNGZjZDAwOTZjNTEiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTI3MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkyODEwNDU3MDd9LHsiY3BtIjowLjEsImFkSWQiOiI5M2I2OTI0MGNhZjViNDIiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTI3MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkyODEwNDU3MDd9LHsiY3BtIjowLjEsImFkSWQiOiI5NGE5ODVkYWM0YjA2NTkiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTI3NCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkyODEwNDU3MDh9LHsiY3BtIjowLjEsImFkSWQiOiI5NWY3ZTIyZGQxZWI3MGYiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTI3NCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkyODEwNDU3MDh9LHsiY3BtIjowLjA2MzgwMSwiYWRJZCI6Ijk4ZjE0MTQ5NGJhNDBmNyIsIm9yaWdpbmFsQ3BtIjowLjA3NTA2LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwNjM4MDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEyNzIsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk5MjgxMDQ1NzE3fSx7ImNwbSI6MC4wNSwiYWRJZCI6IjEwMGUyOGVlYjY3ODNmMTIiLCJvcmlnaW5hbENwbSI6MC4wNSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjE4NDAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk5MjgxMDQ2MjY4fV0sInRpbWVkT3V0QmlkZGVycyI6WyJjcml0ZW8iXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjkxYWVhNzNlMzFmMTZmNCIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxfV0sImNvdW50cnkiOiJDSCJ9&c_b=9764.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		207 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23128242472952&correlator=1853571447573531&eid=31079466%2C31079419&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&arp=1&abxe=1&dt=1699281047016&lmt=1699281047&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=116137940.1699281043&ga_sid=1699281043&ga_hid=1947783032&ga_fc=true&dlt=1699281041825&idt=1454&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D91aea73e31f16f4%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
f66a1b38e9b220da5b6a1134785acfc1890a1c94eb0a00b8d0d0bb9ce5647b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53501
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1699281047022&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=146687346&pt=447812496&tz=60&viewable=true&ddast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 06 Nov 2023 14:30:47 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1477
x-cache
MISS
x-served-by
cache-fra-eddf8230137-FRA
pragma
no-cache
server
nginx
x-timer
S1699281047.075277,VS0,VE58
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 02B4 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNVWkfaMWrTL7yYsGE_W6nAP8K1VDHGIwN_mr77MGyCOd0sj4zvLpq1B9ig_h-IIDvIhKZk_CJoOA_eCpv-8g1PDH9ngrA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 02B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNVWkfaMWrTL7yYsGE_W6nAP8K1VDHGIwN_mr77MGyCOd0sj4zvLpq1B9ig_h-IIDvIhKZk_CJoOA_eCpv-8g1PDH9ngrA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05MnfCV6Wte0otLamwM%2FrCdbBuZlVQERr9aY37ASzAqnQ8%2FLqnJchYnDuG8xcmhhp4LM4KbStLcD%2FtH5CHriU2OODTJnVvzXhqg5TDzYJ65H%2FnYHMTIikxToQzpkgb%2B3yr3MtuUmRZth1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821e09519f542355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 02B4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUj4ly0uyDqVghiSXC.figAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNVWkfaMWrTL7yYsGE_W6nAP8K1VDHGIwN_mr77MGyCOd0sj4zvLpq1B9ig_h-IIDvIhKZk_CJoOA_eCpv-8g1PDH9ngrA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWqWff2RMvbqCUK9Gurt2Yb3nKhLlyDCD8EJ74l56P3XRSqqgtMVfu2W2yc7sMh9e1AlAg2BxlbZ4RNP1CkW7mIYl%2BMUmx4FtIQB5HTsl3U42l%2FYuVaF7jhAk0cgdqvaE9ie%2BjFiyNbwLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821e09536a4d2355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtqCFUSs_T7OaToq6vFbvc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 06 Nov 2023 14:30:47 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
prebid-request
onetag-sys.com/ 		15 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 14EC 		0
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 14EC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGkk0UKDk5aqmPVlh07uAyEpSwVy8D6PaEcfkuYdwYDD2xX9fD69U2bL_AkPUtHo0pxMrdeM5g76jKBkXsertxW6FoL1VFLVIbIoFJNfUok6qV26PCS9RCNFkbkCeqZaHPRTTNVav8zgNv3glocxUWfp9SZiUFXcS7lH6BvOeJtrnYiUA&dbm_d=AKAmf-CCRkzu8B68YBfMVw-Abgr7OpuEpkOFRRBwphnhV6tfRBx0uQl5i3DpZ2wTQvfMhH6mEVxULk535IjptcfF3luUFJoEHwyUL85skEqynjBu-DyzVFKPinQNQ2m64kfUmxd8Ft7Ht1lbqicqSisJP_uU0BGpIRybRWVarXR3UAG5iwZBzQpj0dTVPcbTUQX2YZ5I1dbk61LRUZ0B_2avCAwBEi3eog5nvuq3dC5-caCcWfwmAPyTz7CLQX6Ct5CxI9iDFYNfEuQ27L7iUxiFocJnXH9psUeoWVT3VrhJwglAS_aCvVVZez7tWzWtcwNV0yuhP-OY90k579lAfbgn9Z21PJLKxxNDHVVChM2dB0EbwNQnaPGd84Td5yjYNWZ1KXqe7ScvY7bvcfSIZce3jPZqyPqEUv1XJHVj3CcqQeb_2wONWiC0AKao8GihP1Js4Q7bB8Y4wBJU2eu9dUJMMkCH8p09bjLOkUZAQK7I-YFhbKh6RS-yV63YbZKpCymq7pfo-fmwKw-chAxZlHnjNdn-LjR7Qli8o6U5gNzUAS8liQ2Y0b0u13ZYlZ081FEb5VGZTBX5kWElEXKBf3Aj7ct0f6VjY0AxojCDLkU431BWzZdSqED2XQXqPUveo8p3lQa5vjsBJZLbuh0MBtD3rovsYc16RZnX9gTe3DSC0lt89UPhC7sQTh8mKN99NKJ2z2LvGkuX6yD9-QUVmqZXxn_sIgxUD6pn8ZNFdgNchjo3yM_cET-kRJJ1Klp_42n28DCdwVneOigC1kqEet2Bv4oxT1Zguc48OqkmsP32FYj5xd88Tv2EWaHXGDVi6A47b5ftlR0BacdfVtYdnCT6KyJNOLQio3qz_H3kytD6oYkO9XSMVlNRzQPapGk1WsF2CBx4KAi40_DF3Gb2s6OV_Nin2Sy9p9-cYaM5MOP8CQMNPWF9NoiFXKqyX9cynIHTV0ede2D3xujyC3UhVtg8jK6SbZzCHxc69rEnOXfgR8xDcvHFlcIxyeDz-E3ovymixs-KTZsHe9RBGbjb3D9p4IfuYQujrxpRFfEg9IrMw_QUcwnbiJjpf4Wnc-cxtJpLU-Tj0AFl_DcYUcISyQvPAqqOlP27huDWzSNpP-To18nR8cqCA56kV00dbHAnL5KUTIcKdIH6Ycbl__PNWPMNdno2l6M3Qtu4Oyq_1xvT6bQ_GP3foH-Guov-EQDcKI84d8FGs_ZK9NKXrIsT9lbAHvsPloHk-hvMi3_Hl_ABvtF7IsI0RlMHim1L-hMenAhbrWrgH-Jl5QzPc00MiISu0bkDNcFmM0BBW9pLZ81DSpjwl3RJbb86x3SmEIRmKCkFc6v7us4n9biDNk9kzeLteHPsOmDqtcaEiSNMSOL3DC2flE9TgBI0lgg5SsIxt3q4nb1GBPnj6704Yyv1LQvJop83RD5EHnU84dT3ihbOtv-hVicX0Z8MAEEfZ_dbmfylP3sz78X0JMXMA3Bt3QqOlUZm85lfAretzblSTzWpzEcp11sAcoaGYnYoL5iZjlGFUbZ7vZzNAEKtDuHYOLJa29XCAKccvFU9QmqSu17hiWFuaGtbzRkssOwvRcy1gkwB7dsXn6K4JNm92oEo6-9GOcb4LgYsUhzBsLg89FSRMnNW9_9ddHDCaiMsCoBFJfmOTktkd_1sC6xDsOKeK9sztSPJUT02RgcRBQAIxS3RP4Go3mlwAyZXyY8cNxpNm674PubI0KXThE5xt1BH1pXIVbw7gaF40veF4B9swftb0_xyWmPRppLuFBqp7GJnkQYeS9tUTqdPXTlZOczhhldRby8WNUPKbNhjwCiJSZTbLnMIJUEkOjSj7sKA1kzZQd6nDgOXG41WiFjhA7i1WyIyz2bHK2mdvbO_ixXMfaDmBN1Aoxbcbe6XvtuEiBbl5wXg-SCTMSTvpT5qy9edShfNS70KCK3pjjfZJKcCJn7nt1wS4aBkvFwoXal5HTJNbS6-zBpK6-3wiGkI2KlvksoGpSHFy2cEzgBWKklD69AYJxufjGdRGpijZpAH3YcqWiB3bGPgxFlp65uvuLYsVIKaMokzzL_qtRIq0O4HOBE5nG_GlGNMhXmJiOOd-6jabUSAYxenlH2lgkmc7QVVZvt1aAlli-4pC_FVB7SXvQeLd1BHp3EheSkG_FOP9oDuKhvJ6KfQg0kvc4D3O2bIk3vmjsGgyYt6eHm8x9Z5uap5vi0Wh5KDAgLNvVV9UAo2Rj5GT_JBON5h_m69C3ufAZu8g7N4JUN2vjS9ca7Hpet6rK0Qt77E2-99zTHI5ptCjdiajUMb1HRujIKQizGMHUIQHlgDbvl7xo5ab0trbbbNbz_BfAcvkYFlECvTdlF2_uegYsnVU6MepN3U_CUiIt60a8XCKzaEOV8RbVwIiwWmRr2hmUg-bOjowIiUbhGygD-a7Iuaq7EngP6oNbry3FznE3Nf37PIl5IjauqyWXK2hjbsPI8Cqihr8rRSzp3ivmsIycORXC99KYha8zzHnsqOgOj6tKhcaBsytYpTXx-ynideMoWPGP0nf3Qg6MEgL7mLQB5fhPG6cK4RLHQXfOpL0LiOUrhsTnEofMU95tzWT8XsU671J1pV8kCPdt4xth12BRn1Kv25DhovzlgJDaQd8xXokLtnlSDHRlLqobPHBWhMo5c8vkz3sCHiYafVlCKmSmXYjp1kN5ntItxaXMIugLaJTvgwvjXwWt8lG8YXdomWJvO-0je1cqrVqi24rgRUtCZR-P3l6eXzeuF8wLyM3vK2XGY0sDNql8ANC1aACK4MRDopNLad6Cwk8IbqSNY6AZITp6tiXC9xOBEAeFZMCU4ZKVquGnmTtxIL-bessS-pElhU369qbwStJWfhQ8c0qeft4_UFLSopRl3kGEexSLWS51q4afw6G6MX8ulltayFkUZWGyQ2615cNs_by4QzMbaBeHphbSICYYMOEI9HUEHv6kWMHE0ksr6jeQpNsCN0p5tRJmkqe8fUe3HU5Ohrom6j8_1Pp9NBuvEQOOc2bpeHcLVGoTwqBwK2qf8z5mcwaa2cNK3ynzzVyzwq85rznA3DJKJkaMwTTgIWoBGn2WvMI-rJa5VJoS1rvix5bCV07GGEtc9SeSqnn68y-1kGXl_7JkHmEMdbjWLB932aZzjqwikt3muyLTBmuLdtyxCGoGb02LjggEBF_V3NIfxDLTQL9EDmZ5m50TvP9atFHrMjL_nbz0ua4tnhDMJlJ1BaCnrHzIS8Ij4Y9r8c3t6GD8Qt0-kPAtAULuu2ksXIzsQx1UZEmrB3G2RSb2AWWbzcH9h0yG3R0aQmrbMr1s3anoWa4MOd4S1kOp535krizfennCLhtefUrW6bV8UeaYc3dkCjASqegpZ9okjyyHYaN8U4dru8qgzyh3FYyFTZ-ZOFMbLmX4H-e-VteNNlzyyzHIY2ekfAzpXE807B1y6gpVMHylQm1BubabuGlERnMsqHcv9utnmi69q7qL6tlC5Q-PKlNWcvxBl5jw79gpfoeuCLHcGMYLMHEEv32kDdTnTwmE6AHMG88LE-VUeQvjQ0bdF0C-3NNmVgDzlYbzATOzGmsi_m-4ifZ9uoYWCSsyrPQI4nMDgpDxLKZMiyl2AauT-aAbXPlSQNUWyh4pgwVLeu6RWRhGyroQH7BamVYYYmjIWK4Sm4-8Gfz7chyoxA4LIDieuUhU4jvuXYogKk1SESZx-Ay4tEBgkv-7EHa_7DXqF0bp-oPqVmR0I1zGrbVD5zU8YFvUcPpH_Rp_rs4FL11HYqBOTdg0LAJr369SJ3xuR3niLsJDqDDQW6o5HJ4IXKE8j7cp2Ht31uItxIdt8E68xL57aIxD-qf2ISq4AORlMQUIvE1SvdPGP5RPqpthPxT3bpHhNbJiJvFrXNA_cmorNUraRuIZ1RLkQyYOnLpgvGXw&cid=CAQSPADICaaNxS8-ENiP8Cz3PJysb3935WDSimiNPkztZ8mhKV9JwsInYtTqtFnLXqaIQxbeSapN0ivOpWbkbRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=17809070832505178000&adk=1877897943&idt=1804&cac=0&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
68786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:24:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 14EC 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGkk0UKDk5aqmPVlh07uAyEpSwVy8D6PaEcfkuYdwYDD2xX9fD69U2bL_AkPUtHo0pxMrdeM5g76jKBkXsertxW6FoL1VFLVIbIoFJNfUok6qV26PCS9RCNFkbkCeqZaHPRTTNVav8zgNv3glocxUWfp9SZiUFXcS7lH6BvOeJtrnYiUA&dbm_d=AKAmf-CCRkzu8B68YBfMVw-Abgr7OpuEpkOFRRBwphnhV6tfRBx0uQl5i3DpZ2wTQvfMhH6mEVxULk535IjptcfF3luUFJoEHwyUL85skEqynjBu-DyzVFKPinQNQ2m64kfUmxd8Ft7Ht1lbqicqSisJP_uU0BGpIRybRWVarXR3UAG5iwZBzQpj0dTVPcbTUQX2YZ5I1dbk61LRUZ0B_2avCAwBEi3eog5nvuq3dC5-caCcWfwmAPyTz7CLQX6Ct5CxI9iDFYNfEuQ27L7iUxiFocJnXH9psUeoWVT3VrhJwglAS_aCvVVZez7tWzWtcwNV0yuhP-OY90k579lAfbgn9Z21PJLKxxNDHVVChM2dB0EbwNQnaPGd84Td5yjYNWZ1KXqe7ScvY7bvcfSIZce3jPZqyPqEUv1XJHVj3CcqQeb_2wONWiC0AKao8GihP1Js4Q7bB8Y4wBJU2eu9dUJMMkCH8p09bjLOkUZAQK7I-YFhbKh6RS-yV63YbZKpCymq7pfo-fmwKw-chAxZlHnjNdn-LjR7Qli8o6U5gNzUAS8liQ2Y0b0u13ZYlZ081FEb5VGZTBX5kWElEXKBf3Aj7ct0f6VjY0AxojCDLkU431BWzZdSqED2XQXqPUveo8p3lQa5vjsBJZLbuh0MBtD3rovsYc16RZnX9gTe3DSC0lt89UPhC7sQTh8mKN99NKJ2z2LvGkuX6yD9-QUVmqZXxn_sIgxUD6pn8ZNFdgNchjo3yM_cET-kRJJ1Klp_42n28DCdwVneOigC1kqEet2Bv4oxT1Zguc48OqkmsP32FYj5xd88Tv2EWaHXGDVi6A47b5ftlR0BacdfVtYdnCT6KyJNOLQio3qz_H3kytD6oYkO9XSMVlNRzQPapGk1WsF2CBx4KAi40_DF3Gb2s6OV_Nin2Sy9p9-cYaM5MOP8CQMNPWF9NoiFXKqyX9cynIHTV0ede2D3xujyC3UhVtg8jK6SbZzCHxc69rEnOXfgR8xDcvHFlcIxyeDz-E3ovymixs-KTZsHe9RBGbjb3D9p4IfuYQujrxpRFfEg9IrMw_QUcwnbiJjpf4Wnc-cxtJpLU-Tj0AFl_DcYUcISyQvPAqqOlP27huDWzSNpP-To18nR8cqCA56kV00dbHAnL5KUTIcKdIH6Ycbl__PNWPMNdno2l6M3Qtu4Oyq_1xvT6bQ_GP3foH-Guov-EQDcKI84d8FGs_ZK9NKXrIsT9lbAHvsPloHk-hvMi3_Hl_ABvtF7IsI0RlMHim1L-hMenAhbrWrgH-Jl5QzPc00MiISu0bkDNcFmM0BBW9pLZ81DSpjwl3RJbb86x3SmEIRmKCkFc6v7us4n9biDNk9kzeLteHPsOmDqtcaEiSNMSOL3DC2flE9TgBI0lgg5SsIxt3q4nb1GBPnj6704Yyv1LQvJop83RD5EHnU84dT3ihbOtv-hVicX0Z8MAEEfZ_dbmfylP3sz78X0JMXMA3Bt3QqOlUZm85lfAretzblSTzWpzEcp11sAcoaGYnYoL5iZjlGFUbZ7vZzNAEKtDuHYOLJa29XCAKccvFU9QmqSu17hiWFuaGtbzRkssOwvRcy1gkwB7dsXn6K4JNm92oEo6-9GOcb4LgYsUhzBsLg89FSRMnNW9_9ddHDCaiMsCoBFJfmOTktkd_1sC6xDsOKeK9sztSPJUT02RgcRBQAIxS3RP4Go3mlwAyZXyY8cNxpNm674PubI0KXThE5xt1BH1pXIVbw7gaF40veF4B9swftb0_xyWmPRppLuFBqp7GJnkQYeS9tUTqdPXTlZOczhhldRby8WNUPKbNhjwCiJSZTbLnMIJUEkOjSj7sKA1kzZQd6nDgOXG41WiFjhA7i1WyIyz2bHK2mdvbO_ixXMfaDmBN1Aoxbcbe6XvtuEiBbl5wXg-SCTMSTvpT5qy9edShfNS70KCK3pjjfZJKcCJn7nt1wS4aBkvFwoXal5HTJNbS6-zBpK6-3wiGkI2KlvksoGpSHFy2cEzgBWKklD69AYJxufjGdRGpijZpAH3YcqWiB3bGPgxFlp65uvuLYsVIKaMokzzL_qtRIq0O4HOBE5nG_GlGNMhXmJiOOd-6jabUSAYxenlH2lgkmc7QVVZvt1aAlli-4pC_FVB7SXvQeLd1BHp3EheSkG_FOP9oDuKhvJ6KfQg0kvc4D3O2bIk3vmjsGgyYt6eHm8x9Z5uap5vi0Wh5KDAgLNvVV9UAo2Rj5GT_JBON5h_m69C3ufAZu8g7N4JUN2vjS9ca7Hpet6rK0Qt77E2-99zTHI5ptCjdiajUMb1HRujIKQizGMHUIQHlgDbvl7xo5ab0trbbbNbz_BfAcvkYFlECvTdlF2_uegYsnVU6MepN3U_CUiIt60a8XCKzaEOV8RbVwIiwWmRr2hmUg-bOjowIiUbhGygD-a7Iuaq7EngP6oNbry3FznE3Nf37PIl5IjauqyWXK2hjbsPI8Cqihr8rRSzp3ivmsIycORXC99KYha8zzHnsqOgOj6tKhcaBsytYpTXx-ynideMoWPGP0nf3Qg6MEgL7mLQB5fhPG6cK4RLHQXfOpL0LiOUrhsTnEofMU95tzWT8XsU671J1pV8kCPdt4xth12BRn1Kv25DhovzlgJDaQd8xXokLtnlSDHRlLqobPHBWhMo5c8vkz3sCHiYafVlCKmSmXYjp1kN5ntItxaXMIugLaJTvgwvjXwWt8lG8YXdomWJvO-0je1cqrVqi24rgRUtCZR-P3l6eXzeuF8wLyM3vK2XGY0sDNql8ANC1aACK4MRDopNLad6Cwk8IbqSNY6AZITp6tiXC9xOBEAeFZMCU4ZKVquGnmTtxIL-bessS-pElhU369qbwStJWfhQ8c0qeft4_UFLSopRl3kGEexSLWS51q4afw6G6MX8ulltayFkUZWGyQ2615cNs_by4QzMbaBeHphbSICYYMOEI9HUEHv6kWMHE0ksr6jeQpNsCN0p5tRJmkqe8fUe3HU5Ohrom6j8_1Pp9NBuvEQOOc2bpeHcLVGoTwqBwK2qf8z5mcwaa2cNK3ynzzVyzwq85rznA3DJKJkaMwTTgIWoBGn2WvMI-rJa5VJoS1rvix5bCV07GGEtc9SeSqnn68y-1kGXl_7JkHmEMdbjWLB932aZzjqwikt3muyLTBmuLdtyxCGoGb02LjggEBF_V3NIfxDLTQL9EDmZ5m50TvP9atFHrMjL_nbz0ua4tnhDMJlJ1BaCnrHzIS8Ij4Y9r8c3t6GD8Qt0-kPAtAULuu2ksXIzsQx1UZEmrB3G2RSb2AWWbzcH9h0yG3R0aQmrbMr1s3anoWa4MOd4S1kOp535krizfennCLhtefUrW6bV8UeaYc3dkCjASqegpZ9okjyyHYaN8U4dru8qgzyh3FYyFTZ-ZOFMbLmX4H-e-VteNNlzyyzHIY2ekfAzpXE807B1y6gpVMHylQm1BubabuGlERnMsqHcv9utnmi69q7qL6tlC5Q-PKlNWcvxBl5jw79gpfoeuCLHcGMYLMHEEv32kDdTnTwmE6AHMG88LE-VUeQvjQ0bdF0C-3NNmVgDzlYbzATOzGmsi_m-4ifZ9uoYWCSsyrPQI4nMDgpDxLKZMiyl2AauT-aAbXPlSQNUWyh4pgwVLeu6RWRhGyroQH7BamVYYYmjIWK4Sm4-8Gfz7chyoxA4LIDieuUhU4jvuXYogKk1SESZx-Ay4tEBgkv-7EHa_7DXqF0bp-oPqVmR0I1zGrbVD5zU8YFvUcPpH_Rp_rs4FL11HYqBOTdg0LAJr369SJ3xuR3niLsJDqDDQW6o5HJ4IXKE8j7cp2Ht31uItxIdt8E68xL57aIxD-qf2ISq4AORlMQUIvE1SvdPGP5RPqpthPxT3bpHhNbJiJvFrXNA_cmorNUraRuIZ1RLkQyYOnLpgvGXw&cid=CAQSPADICaaNxS8-ENiP8Cz3PJysb3935WDSimiNPkztZ8mhKV9JwsInYtTqtFnLXqaIQxbeSapN0ivOpWbkbRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=17809070832505178000&adk=1877897943&idt=1804&cac=0&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
29065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:26:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 14EC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
389301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 955E 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
29022
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:27:05 GMT
etag
48472445140208031
expires
Tue, 07 Nov 2023 06:27:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 61D8 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 13:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84240
Connection
keep-alive
Content-Length
13280
Expires
Tue, 07 Nov 2023 13:54:47 GMT
pixel;r=1194806254;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1194806254;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2071036473-1699281046191;pbc=66b971dc-ffa9-45c0-959d-0325bdcc3f41;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1699281047360;tzo=-60;ogl=;ses=039f667a-7915-4b4e-82d0-e7242495e51d;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 672B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
281787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 955E 		0
0
adxcookie
match.adsby.bidtheatre.com/ Frame 955E 		0
0
/
c1.adform.net/serving/cookie/match/ Frame 955E 		0
0
pixel
cm.g.doubleclick.net/ Frame 955E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDmLmu1msX7kWHitymUEEB4&google_cver=1&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYpg
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEDmLmu1msX7kWHitymUEEB4&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYp...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYpg&google_hm=g8U5aOZqz8svN7gM-Ac0Pg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYpg&google_hm=g8U5aOZqz8svN7gM-Ac0Pg==
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQKiIVYAjPytuQsSjIPjjKG1dc8WI_ZsiHyiSKvO9Wf_7fqw3Bhh-3uL9AgUT1t6xD-PwuHH24udfvBbQoL_pihGf89cxEYpg&google_hm=g8U5aOZqz8svN7gM-Ac0Pg==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
cksync
cs.media.net/ Frame 955E 		0
0
v1
match.sharethrough.com/E4rooAtA/ Frame 955E 		0
0
gob
sync.inmobi.com/ Frame 955E 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 955E 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbGilxMPQLP8_2mLytTRne4d8Gexb9-rDnaDQwFuNzZkjia8SVKBKoJM9kheuGOz5TwB5iD28
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
khaos.json
token.rubiconproject.com/ Frame 61D8 		7 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
idsync
sync.aralego.com/ Frame 61D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LON027IV-10-F96X
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LON027IV-10-F96X
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/cf3e1201-5e91-3d67-9887-923d8d5f7a00?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
0
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 672B 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:53 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 06 Nov 2023 15:30:53 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:53 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame D088 		754 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
595063
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 17:13:04 GMT
expires
Tue, 29 Oct 2024 17:13:04 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		0
0
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7442 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Nov 2023 15:12:44 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=YzjhPlFAp52OoC%2Bnwk0Sngav8t3mlhLwc%2Frlyn4AoewtAyKGWl48JfyBPAm0khS1VZ4JvuJGMR1zCalaoFSEI2EHVmk%2BylzeLEpakY%2B8e%2BWMcXyvRcLLzJd96clnisYALr2Q8AP5%2FItv7ZFjjrfK8goFzTAdTQWwdhNi4P1y78m%2F8xDxf5iL7C5zst2TUSeYN67G653m26%2FLH1%2FYtFOj9dF26S7sHCbHu1cHZh6HwcF7mVDjpI6m%2BxtJcb30PpwWeF474eHW0IvK8tmtBBohwrNWeYkIE51oT56R9liT3ucZLZxiXQ55Uz57DaGJAwPOGj%2FdgcSWTAbcv4QiEVhhE6JMYBM7xCDrNrEJqmG283kYUS5G7nPH264QXDm8e%2FPpdysUwlPu5hejtEv4r6v4UEt%2B%2F9GZp316p%2FrEV6d6Yk4PuU6%2Bx69nC0rR9e6KBp4QQLRoUXThf9k6IjYee82zLnREwYNeFFtuQf0%2FtBk6WgSfb9%2FmMk3Lqaxm3dsYNRvckz3jD%2FGyng0f%2FLwwfHbxmJifVCpfq9v9%2B0samPfxl1k0aCHDXWGnWl0Wk3IBfzvui0My4R%2Fo%2F7l3M6LTabHAhQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/ 		0
0
pixel
cm.g.doubleclick.net/ Frame 61D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwODU3NGUyNDIwYjQxZTExYzhkNDcyNWZhNDRiZDM3ZTViMWEwNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwODU3NGUyNDIwYjQxZTExYzhkNDcyNWZhNDRiZDM3ZTViMWEwNA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwODU3NGUyNDIwYjQxZTExYzhkNDcyNWZhNDRiZDM3ZTViMWEwNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 61D8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vaS4RANlSv2BxLXqZlJQmQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vaS4RANlSv2BxLXqZlJQmQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vaS4RANlSv2BxLXqZlJQmQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0A6TG6EZ8AQG2CK1JSEQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vaS4RANlSv2BxLXqZlJQmQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 61D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LON027IV-10-F96X
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 61D8 		0
0
token
token.rubiconproject.com/ Frame 61D8 		0
0
rubicon
match.adsrvr.org/track/cmf/ Frame 61D8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 61D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG7HId0WOJiXNYWZQcM2VQ0&google_cver=1
42 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG7HId0WOJiXNYWZQcM2VQ0&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG7HId0WOJiXNYWZQcM2VQ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 61D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pLldN_VR0jUbhH_lbHDfY8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QmojKuZE2oJ9wXYL.LiYN2BmdmTtjeNl.0KYBA--~A
0
0
rp
match.prod.bidr.io/cookie-sync/ Frame 61D8 		0
0
merge
ce.lijit.com/ Frame 61D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LON027IV-10-F96X
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 61D8 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 61D8 		0
0
setuid
ib.adnxs.com/prebid/ Frame 61D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LON027IV-10-F96X
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LON027IV-10-F96X
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:48 GMT
an-x-request-uuid
87751a99-9de0-4f63-8eb0-abf882a30f0e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LON027IV-10-F96X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 61D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LON027IV-10-F96X
0
0
cksync
hb.yahoo.net/ Frame 61D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LON027IV-10-F96X&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LON027IV-10-F96X&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wZ0w5ZWU5RTJ1SC5hd3EybEcwQW1zNWJQUnZHZEhxX35B&ovsid=LON027IV-10-F96X&dpid=58160
0
0
liveCS.php
live.primis.tech/live/ Frame 61D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LON027IV-10-F96X
0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LON027IV-10-F96X
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Server
13.32.99.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:48 GMT
content-encoding
gzip
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
yUsIRK1ARf-m8nsEktGvsHJTUB9MsliQAM_VbZxwOCkVkDPJGHNKMg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LON027IV-10-F96X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tYW4tZ3UteGluLXJlbi1xdS1uYS1wYWktaHVuLXNoYS1kdW8tY2FpLW1vLWx1by1nZS1mZW5nLWx1LWd1YW4tY2hhby1oYW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0xM2YxNjk3NS02M2Q0LTQ2MWItOTEyOS04NjQ2YzBmNDgxODkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYjU2N2Y4NGItZTlmMi00ZGJhLWI1NzgtYWM2NTgyMjZhMjAwIiwidGltZU9mQXVjdGlvbiI6MTY5OTI4MTA0NDQ2MSwiYmlkcyI6W3siY3BtIjowLjEsImFkSWQiOiI5NmJlZWY5MWMxMTA5M2IiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTkzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5OTI4MTA0NTcxMn0seyJjcG0iOjAuMSwiYWRJZCI6Ijk3ZWE3Y2Y1NDZlMmRiZiIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1OTMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk5MjgxMDQ1NzEyfSx7ImNwbSI6MC4wMzk2ODg3OTE1OTk5OTk5OTUsImFkSWQiOiI5OTgxYWE5OTM1MmU1MTMiLCJvcmlnaW5hbENwbSI6MC4wMzk2ODg3OTE1OTk5OTk5OTUsImJpZGRlciI6Im9uZXRhZyIsInJldmVudWUiOjAuMDAwMDM5Njg4NzkxNiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjA2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5OTI4MTA0NTcyNH1dLCJ0aW1lZE91dEJpZGRlcnMiOlsibm9iaWQiXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijk2YmVlZjkxYzExMDkzYiIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxfV0sImNvdW50cnkiOiJDSCJ9&c_b=10475.299995422363
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:48 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
container.html
92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF4C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:44 GMT
expires
Tue, 05 Nov 2024 14:30:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-247.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
script.js
d2q8xv8xf7whrd.cloudfront.net/ Frame 7BE1 		0
0
c96e098f-972c-4465-964c-23024354e961
a5174.casalemedia.com/impression/v2/693656/85/cl4fh50vntloohvoo7qg/ Frame 7BE1 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BE1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bvzw2QAE03yatK93FGylepSh5XLL7e43x76hdanoKDDUhuuQlvbnr_isWEO8Tx9MJBnMKjhn7Fp8HL34un1UMs8IndrVK9TOAD3YJrZuDn9_0CbfQ
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BE1 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9284110634755767455&x=13&ct=76
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7BE1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:47 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-247.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Nov 2023 14:30:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tYW4tZ3UteGluLXJlbi1xdS1uYS1wYWktaHVuLXNoYS1kdW8tY2FpLW1vLWx1by1nZS1mZW5nLWx1LWd1YW4tY2hhby1oYW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0xM2YxNjk3NS02M2Q0LTQ2MWItOTEyOS04NjQ2YzBmNDgxODkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsInJlc3BvbnNlVGltZSI6NzQzLCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJpeCIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDQsIndpbm5lckFkVW5pdElkIjoiODk0MTQzNzZiODQyMzU4IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6Ijk5OTE4ZGNkLWVjZWUtNDM0NS1iZDc5LWZjNWRlZTQ2ZjAyYyIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=10583.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23128242472952&correlator=4030318935626892&eid=31079466%2C31079419&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&arp=1&abxe=1&dt=1699281047882&lmt=1699281047&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=116137940.1699281043&ga_sid=1699281043&ga_hid=1947783032&ga_fc=true&dlt=1699281041825&idt=1454&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D96beef91c11093b%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
51aa07837ba92ab9a6da0289bbc8cf0d5c54106290231bce6750faa6bb57f6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12302
x-xss-protection
0
google-lineitem-id
5221339621
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294149007
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
8a6c58a25e971cfbc194f00dd2aa8ad4.js
www.gstatic.com/mysidia/ Frame FF4C 		0
0
d14ff5ba081e0737c484ab1a43575bd7.js
www.gstatic.com/mysidia/ Frame FF4C 		0
0
css
fonts.googleapis.com/ Frame FF4C 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 14:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 13:56:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 14:30:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FF4C 		2 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
69048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame FF4C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
40884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 03:09:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FF4C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
6858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FF4C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
69048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame FF4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOSGtT5MlYPkdt8APzN9Dmbpt1QeqGGwMzIMY9JytDhhDDW_BXrDi0e7FTEygYeFn3KCI5zwHEJpreJhHcp-EdsZQJGA
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF4C 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:48 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame FF4C 		0
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ Frame F60C 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
37412b30b641c63ffcbc775b5fc2a497f2f2d99a5eb74dcc3adf02ef76cdfa0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138448
x-xss-protection
0
server
cafe
etag
17144310600965543905
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame C386 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
77270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:02:58 GMT
etag
251720774729838433
expires
Sun, 19 Nov 2023 17:02:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E068 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFRSiuMAgPt9p4q-OfQdxgVPjnGNSYI42xtF-W_2bw_PxRyH12Bk5O4VkchLtObTt9ZMYKvLSToGU4OgX284gQzTfBThm_O2pHjGLvtE7hBVlOJe-eYrIcA7RrrgXhwuODB67VLTDEj061TUoOp3P_a3CoRGDxqPH0jXGWeNz0DDD_pzYcJE-HIPI9WthABNkCvbGa2l7g_nbCrhYGdVvqqYhZ7saK2eCyrTQ9Ybaf4d4u0Wg7Vqu3qRkwARxOFgl_ZDop-FWa97YNZpYGKHqNiAimtIUfEO8xC01ulMn5B7X8FaFLR9a2dOcSxzAd6p0550XWwDzUCGqHM8Nt_S-i5Vriz17V&sai=AMfl-YQw6cLN-QZ3_kAkF1K3owv5-polfKYhO8m7ny5c54mDb12jmcCZ7b0xMuwJZrPLSy8NO5YRH_vCG36eGDDKnBA8eMjRAsD30Lzkx23YYBSIwl7r7UuZbNrdodbcjU8&sig=Cg0ArKJSzBBdz2FYEZmCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-247.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Nov 2023 14:30:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178
a.teads.tv/hb/ad/ Frame E068 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
563b5cebb070505baced6cb9a1649f20c1d59e3f49ac9b7f669ab0bfa01916e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2546
expires
Mon, 06 Nov 2023 14:30:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E068 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:48 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tYW4tZ3UteGluLXJlbi1xdS1uYS1wYWktaHVuLXNoYS1kdW8tY2FpLW1vLWx1by1nZS1mZW5nLWx1LWd1YW4tY2hhby1oYW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0xM2YxNjk3NS02M2Q0LTQ2MWItOTEyOS04NjQ2YzBmNDgxODkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwicmVzcG9uc2VUaW1lIjo1OTMsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxLCJ3aW5uZXJBZFVuaXRJZCI6Ijk2YmVlZjkxYzExMDkzYiIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbNSwzXSwic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiNzI4eDkwIiwicHJlYmlkQXVjdGlvbklkIjoiYjU2N2Y4NGItZTlmMi00ZGJhLWI1NzgtYWM2NTgyMjZhMjAwIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=11160.899993896484
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
aHTLd9FQPhWEkcxcN3GAKyQrLTRrW07qSAkxN9dWPnkRRYlq3CE843O1y8Eej4G%2FjYT17W1eNQJyDtGgMV7VB3CEA2wY%2FmBQVNNi3IiCTyepHuGlov0WdZxQyaZHr7lCWlQyigFO3jpQyznT0SWq6sKQJ8%2BxSqwViLcVNUeibV2nxbvifT2BfnhWBIudi22...
ad.vidverto.io/delivery/video/pod/ Frame D088 		0
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E0BA 		273 B
121 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNV2Y4DJ5BSmlxOyLMdG1pA_4clvop8mJGqza5d1t9d4J4YCDxI4a9tngFKepPLw34H9O7FRak0IU-6uXueQX4TdwbKD0Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BE1 		0
68 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5297109992609&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BE1 		0
68 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5297109992609&version=m202309260101&ct=76&x=13&cor=9284110634755768000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7BE1 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqR4EzTGQkPOxuFbnExPqMMGqyOnj_oDxfWPilY4jFgBkJNsFcjI3L_Zq9SMQ5WHP1xvJ_Ge_HsbBDRAYfEOth8OhrfoDm6yOu1jpx45krBj2q23QVBnqZzXhFKy1Azu-L5h1e2wz4eYK0Vsln7ti3ExGgFPnNkgojLw7vqv4bFuU9nbk&dbm_d=AKAmf-Ag11Kv7KwB4ExSGRSmPJOGF5FeCZWLL9UdgfbXmuNaj1LElK_KTJWWQzUjbwxFnbn4CfU-vt71c5aRIGwMgE0kC8QKS7L_Gfdafaik8OSIzYz5S5pGXkQI63H0U3jO9uuT30CsicWUHEhY7CHnUiKE-lrKN1MlKdXhNYrhTeEfJlE8JBHoF4l38lcMvfs1g3Lcb5rL8GQRiwdgTyscvrj-YJMf3gB2r6u0olWqOEMZc8fntxirstk00Qy2hToybDuOE88cf4fzLgEk_5t4Ew5Os__7DgnOsD6gze_S3n4TAeq0ZNsxdEle90TFdksCRRyrZAVnNtQhQ9RmsPm0sc8Jag3mlGAI81XTY64UIxYGRnkFaBFmGL8hgVTBCT53r78nZixTY-_LhBcwsvH4vfeZQlJ2TJQlLmgpRf4CERcgZSBJQ0yYSfHG5FPoI_vuaGvoBjGbh5XAm3PX0RvqlSE_5n9LObR7eft7-Tha2lPQc27CpPe6_v1RmzXcdHVE6c38I7srF0Z9zY2yaVAwvu8yD4GR9-obWll8XYlvYElgXct5gO6j5L7MN61Rou_N0dsLqg27ArFspnjI7xhDu8bo8gGO0cDnYqn_pa7gk8JkL_kL7vrBXp9PgJoGzpgESqqoy-GtTgQWVJIJhExfLYhuqLBtTACMqiDg3VOdstBItmRISA-aPZb_s9LsTaZXzlL4aMQeX_8DgrfL5Bqg06nvJY9XiVNd_tb1KcRUlbtRKvezvo7O36s0YtOROVyqjrhIyB-QdLtPnoRxnjNTS9N5UVOxKOlZLDiYbDhAJ3G9agQ-RVAj3H29UkBFZD6mwaKu3rp52A98HMcZ7yrH0Z8g3K-Cc4m97BOv6CTLJNQ6r8aa_ribzS_bpQA2ZETVzCiWhnPi-4-Ro4JzYNWonSlZAeIoe5PRpAuJGGM5X0f5wlojtFfxzAmns0tniF0vswU99irizxfHlprhFHNYY0MWVNcJGcWOuDUYHWzk977jbjH9e2GHB5mNi-BaBi0thIAOGvsf8HJwFGy7W1gF7BpMHWwU_8664Uc3aoM4Xb8Wdt0k_1-10BUmIcsJuLq_g195Bn0ok-bmJs2zWKxqtxngophAw3kh5MV_UGWMRphJ_WV7OTphLaGzQXhTiTbJCUual35MMkoBmavwDO5ogjiOcpJ_Eyll_JFQqGOzCrskirX3tRZ4sfbYHEETZ_9Nt29hRDqL5JsBO8aRRxXWa-AOlrc0DJc7AiCK62ZXE2oafRYAZK9QqwpzqiFrGUF-tCYnkH4WeATLDZd_ItWfuiDv8MiKJb-oaKykgQEwSnYV9Fxjo-UcaWUn3oPGyzFiwBZ5EXQV-rzskOKKr0heCt6-8TnOijIN51mECKPAGpw_mOc3BagoNIeEIhWgT8rkJFrB5TGmPeAduCNOzHbd0Q1b0y3tb6mqHdFSiCtSFzSAuI1WNR6Asb6O61QOgu3wpF1dunHiBU3YyvVEcN--4iVaNMIqYkd2L1dlW2T0XpFXyntvnc9efs11GO8WAjsA4COa1DjCfu-LlKkFGGCeF2YBmaefPRPW2I20fHi1C7j5nYFnKTWjqKbOIabwvWAWCaEzHn1y6oELc6hlfrBRY1uGJDovb-IYdBousLs2n1ReUoiW7IQ8HJDJhZzy7pFWEaxuFfRlhezpgRNlzSfUF1LOiuijiLhXWUV2pNG2bFbDSKLu3jJis1gBKhR5Q5CSXLsEx0XyHlaj0E_eqoPChaptNKbwDeU3ZepB5pOaVd7zvkea7U5EBDvQku0I8IADsZybExbo0T2eMQaIa9AB7mzE67WoF8zw1bFp4hE_UfQl8ciiKQtCqGakq-XnfXq6By6NlA4Qz0TwJwJSnmLtN7JakEQihEcncb5gE59FwjFtzmp5Ytb1qIAWZclB-oxkO7j5gwgn36xnXN_4Ntw9ZtvlLb1Lnq6oWAxUmYy7z5-qvsz6Tlfpv1RrMc1DHgcP5RtZqQdFu1MYFk2nD17f-i5Bt1EzAIYCscxea9rGOVWKgOeYBoeXxD2XS5y0_mZgPNPBeRxjheWgDYD87N_Fb4mHbBlyLXNlNIPbtutYhGf-ZuMrYLbGU6ImMLpXUggrB3LVSSG1GQqBgPmzv9ijnjJrwykOtFy91T5WHRHM86kmMhE1nC2KYYAIeDJ3Je12XY9GXzD8WXUui_Ev8wABQG0NlIGQvFsnjOUpKpV6-xKNYpZyVPYLgu8JeRegUb4xBKYSJHA3Wxvpkox8RyyKjXRUJ_lGVNeUF4H9U2zC5S4F2Wi4JYBjsa_fnsJsUCO7Kd6Ye65BNfchFa1OW8T5hXvSV5S73MF-Ryd8K9Un7rj54_U-9Y4v1H8No0Yv2DfZKvZK-F8OrEigVJQembOA_cQ2DkPPTT5FTg_J3JR5fRQ99MMm3tB5c_ag2suW9wwC7lNSvCnGYerA0wFjuaP2PPtK_QDo-L7j9rFI2lvuB3NRxET5yt6nBxHAMy4SG3EVGhbKidAjfHlDb9VnhWCRF2Mx5VtpZ20TWFa_V_R7fe4WWMZQWI4-8mI2vS3J6lnzX8tHWN3F7W9z3n8_2pRg0jnyVxchFCU6ZsulgamkicIyjTnRayhjZo4PGLULpnWztzU4eD-OSvwBrphrv7Oi8thmuO4CjHa1scwcf72PYLQXSNKosomfFP3uw5NCyjSRp1mezv9HAAl-w9I-FoCRASw2au6PJ8eZp3aFlUvHoKmDiPH4q-P0nxLFimls5EQHcmv5GQLB0CAfI4w1t31cb0zFq0geyknAZRkSOpYNpszVOl2x3EWJJjwsKxr3Bq9gBGQ_LncGTu7--7ucCMc9f4Px2TPoSzfS8PI_8OaDQEaYHJV9sW5CgKSpL83ve7dlqYD0o5VZWIF9fxmwOPt4QQAeHT1cLYnfP8svxa1wWIcXu94l7juj8czsSnWe4pvO4DufDujgRmxamSp2UCRNRQevtfvhsd2q_NF4X6mfgx4eNm_SzuraBPxOItpeUE_X0wq_t3KJ2WfgZu_kud-h7vs1UmEuulGv-uzHI9fdRwEzMtSbtmWCb4DKvZwyPd3eOu0fCMeivXFid9q3Hr0fI08e92NNCryztjze0JISux2YU8zMcOm4iWmz-LOu61EFEbbgqL3dxJHBJ3pIMlwF1dXh-7Gdf2iLEpKEUqXGOLue3L8lp1MljuQvWov7bdlQMcBXAWZiJpFatnegh3jhT6aRXvbyUci4DEwKSU5SX_bOph8XBcx128U_talpqIKC0lmZ6iuDfrai3Yl1Klt8wBIuiruqpFElXx7zD454XAhcNJAAzzw-G6uPQCodCTcJhnGU1vr73NOc68Nj5r6FvMnNOv-7x6ukf2JoXa0AWgmFXSkhG4dJk3Yf_LXw261y-0lCnlUn_KHm1gdBnnr76SHcsUkFwEqIdd7GxnRVyqQ6Ht4lcTAOJcq-KCZlDuwlSq9_nOUN3l3A7ozoRsbE5_4p9y9TPQOnPeHbNmgUIAHDWw5IMSnY-sg1buxSqfU4VXbHodOTQ-HMP4o7xotmNGJ87LR2m5ndavEIBI1paRC9oitX_zKBoBs1nlkdLwUy69qqaog3z5D-Pi0F20nlOttN9tXy-K2--KD0_c6YafBGtWQZG5c9VR033L5bUYLrSh1iWZh7Vx8kdVQQbxRtkKQ-6VLENh0OIvtRyQokNq4h2DSEej6mb_wu0Air4C2Ol3hTl4lL2-dKXV8F2RKCmY0VjEqI_NbNV0I7oXPCEfnwywrGOxD5Q0v6b6M49LYCnj5v2yZS76c5eOCskCshpRItupIBng&pr=13%3AZUj4lAAAAACHYlbkIXmfYvj5CA3sjyxoNARzbg&cid=CAQSMgDICaaNZdcgiTMMMoFAg8Rm5lDOxS1hY4DxwWBdwHt4N-pWuSPh2xGTsuUc6XiqGiqJGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ds=l&xdt=0&iif=1&cor=9284110634755768000&adk=3727671471&idt=181&cac=0&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d4381aff52057c55df11fa459a0257d6f7524a3c4e8cb749908e1814583d5175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39587
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E068 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09909577463f5aa08978e66bcac1a6a939f2c86433ff92f47a8582f089e75698

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
ads.smartstream.tv/cm/ Frame E0BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAI4_aMwYnE34eheWEGcSAo&google_cver=1
0
0
sync
ad.sxp.smartclip.net/ Frame E0BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEPniufZfbQneTLy34HOoyzk&google_cver=1
0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 672B 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsyKilvhIZeyZLsPpx_AP67uaqAgAAAAAOAHgBAI&bg=!x8SlxIvNAAb4oU7C2KE7ADQBe5WfOIHh061kithYcY3wL1fyfP7JLJFjNgUVOG4D23su77MWjO6H2AiG3MM5sR4RzzyDAgAAAXVSAAAALmgBB5kDRZUPs02NBlFyni_u4zbCL3x-S9MELjt-e3Uz1QzPQY7vKAPdmUU2Jd2nTMgIJe6lqDInhiyoTb_KeCh1DoseLXHtBfnLYB0uJxrJfGUvKko2o3BASSrUXoOjMM8dw-0U-hofJyKRqbfWNgplFU8vAWdgKP-ooyVu4BdbX-J7N9bBQzB7P1fgD6XHFB2_NnprIM1ctYGHEfESgQyrYEEog4frwRelsnHJl7-jGeqcl3pbz1jI4yfDIz3rMsdY776teBG8G_kdNe5DS3H9nmJ1GaMGhGgGAvWMi2T9aHjvqF4k5_5I5WPG7FykpWofszXSfAGw1D4ECNe2QGyuJgq6t8e7vhyiI_0ylncBdUAZw3kWPZ1LxY2ou4W3VWpEu4zAOdTb5J9hl1uAhb8yi1ONNRYGbHbnpWVJhg7tpxpBq_dQ76KWxZf1BWhPlJ-og4Qq90yk_Uqn5ccjU7JjR_LOqYz5Gqy89c_0pk4oXwJXo3YZhW7s1Rhysnn7wTzTA2ROEKPxsNEnzrJkHmvjEY74gSHTb2l0HjpB7oJdWNMQDq_1KAGrSDXbeiX3t63B7AiNV66vlB0gdeXlf9pcF6shybIg-BVvc0NXiT-HtPZRD0NeZXTt3tVtYJw6HE1OH4wxugyaZPKdIjgXRIc4uyPiy3ABzy_IN5Ys15r3C1dlj-5FYHyVJHJoJ-tCu1T8gMR_T8Iw_SLTFo8y-VJTZHb7-5ZwRQFO2uGMd_oZs9VXHTbE_XUQ67qfpWLE1ASrM8x_xkI8jLCwQ4QG9OtaLRE5_R1X7yTDqnA-UfL17Fwf7k_G48WLJ4nWfdwO1l3OS_gWtAnjBYsdYE60g5KjI4bMrF9lgFOCnA8me-1jhN2yufVC3pflwm85Dg40Ymqc4iv-LwNXdtdD4e2qmc37h-ibZflZd1N0hugsQlfuY0qyv-iCw6XZKwfI8ahjbjJbndgYnSYjxQcNAdkwU3rFXz-ZKefjRoECmbB6FtlgY-H3L4TiUpQ2eMdjfPAo9k8CVlGFiYoEZ60bouo0uxrmdhk2Ay-1InprR7TfMt1yyVftJ-LbsXb1Q1ao5SMAAVWK8F7Y2aCvD8cR8i4MVDuB2mUazq-NpzMlbA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7BE1 		0
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 7BE1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqR4EzTGQkPOxuFbnExPqMMGqyOnj_oDxfWPilY4jFgBkJNsFcjI3L_Zq9SMQ5WHP1xvJ_Ge_HsbBDRAYfEOth8OhrfoDm6yOu1jpx45krBj2q23QVBnqZzXhFKy1Azu-L5h1e2wz4eYK0Vsln7ti3ExGgFPnNkgojLw7vqv4bFuU9nbk&dbm_d=AKAmf-Ag11Kv7KwB4ExSGRSmPJOGF5FeCZWLL9UdgfbXmuNaj1LElK_KTJWWQzUjbwxFnbn4CfU-vt71c5aRIGwMgE0kC8QKS7L_Gfdafaik8OSIzYz5S5pGXkQI63H0U3jO9uuT30CsicWUHEhY7CHnUiKE-lrKN1MlKdXhNYrhTeEfJlE8JBHoF4l38lcMvfs1g3Lcb5rL8GQRiwdgTyscvrj-YJMf3gB2r6u0olWqOEMZc8fntxirstk00Qy2hToybDuOE88cf4fzLgEk_5t4Ew5Os__7DgnOsD6gze_S3n4TAeq0ZNsxdEle90TFdksCRRyrZAVnNtQhQ9RmsPm0sc8Jag3mlGAI81XTY64UIxYGRnkFaBFmGL8hgVTBCT53r78nZixTY-_LhBcwsvH4vfeZQlJ2TJQlLmgpRf4CERcgZSBJQ0yYSfHG5FPoI_vuaGvoBjGbh5XAm3PX0RvqlSE_5n9LObR7eft7-Tha2lPQc27CpPe6_v1RmzXcdHVE6c38I7srF0Z9zY2yaVAwvu8yD4GR9-obWll8XYlvYElgXct5gO6j5L7MN61Rou_N0dsLqg27ArFspnjI7xhDu8bo8gGO0cDnYqn_pa7gk8JkL_kL7vrBXp9PgJoGzpgESqqoy-GtTgQWVJIJhExfLYhuqLBtTACMqiDg3VOdstBItmRISA-aPZb_s9LsTaZXzlL4aMQeX_8DgrfL5Bqg06nvJY9XiVNd_tb1KcRUlbtRKvezvo7O36s0YtOROVyqjrhIyB-QdLtPnoRxnjNTS9N5UVOxKOlZLDiYbDhAJ3G9agQ-RVAj3H29UkBFZD6mwaKu3rp52A98HMcZ7yrH0Z8g3K-Cc4m97BOv6CTLJNQ6r8aa_ribzS_bpQA2ZETVzCiWhnPi-4-Ro4JzYNWonSlZAeIoe5PRpAuJGGM5X0f5wlojtFfxzAmns0tniF0vswU99irizxfHlprhFHNYY0MWVNcJGcWOuDUYHWzk977jbjH9e2GHB5mNi-BaBi0thIAOGvsf8HJwFGy7W1gF7BpMHWwU_8664Uc3aoM4Xb8Wdt0k_1-10BUmIcsJuLq_g195Bn0ok-bmJs2zWKxqtxngophAw3kh5MV_UGWMRphJ_WV7OTphLaGzQXhTiTbJCUual35MMkoBmavwDO5ogjiOcpJ_Eyll_JFQqGOzCrskirX3tRZ4sfbYHEETZ_9Nt29hRDqL5JsBO8aRRxXWa-AOlrc0DJc7AiCK62ZXE2oafRYAZK9QqwpzqiFrGUF-tCYnkH4WeATLDZd_ItWfuiDv8MiKJb-oaKykgQEwSnYV9Fxjo-UcaWUn3oPGyzFiwBZ5EXQV-rzskOKKr0heCt6-8TnOijIN51mECKPAGpw_mOc3BagoNIeEIhWgT8rkJFrB5TGmPeAduCNOzHbd0Q1b0y3tb6mqHdFSiCtSFzSAuI1WNR6Asb6O61QOgu3wpF1dunHiBU3YyvVEcN--4iVaNMIqYkd2L1dlW2T0XpFXyntvnc9efs11GO8WAjsA4COa1DjCfu-LlKkFGGCeF2YBmaefPRPW2I20fHi1C7j5nYFnKTWjqKbOIabwvWAWCaEzHn1y6oELc6hlfrBRY1uGJDovb-IYdBousLs2n1ReUoiW7IQ8HJDJhZzy7pFWEaxuFfRlhezpgRNlzSfUF1LOiuijiLhXWUV2pNG2bFbDSKLu3jJis1gBKhR5Q5CSXLsEx0XyHlaj0E_eqoPChaptNKbwDeU3ZepB5pOaVd7zvkea7U5EBDvQku0I8IADsZybExbo0T2eMQaIa9AB7mzE67WoF8zw1bFp4hE_UfQl8ciiKQtCqGakq-XnfXq6By6NlA4Qz0TwJwJSnmLtN7JakEQihEcncb5gE59FwjFtzmp5Ytb1qIAWZclB-oxkO7j5gwgn36xnXN_4Ntw9ZtvlLb1Lnq6oWAxUmYy7z5-qvsz6Tlfpv1RrMc1DHgcP5RtZqQdFu1MYFk2nD17f-i5Bt1EzAIYCscxea9rGOVWKgOeYBoeXxD2XS5y0_mZgPNPBeRxjheWgDYD87N_Fb4mHbBlyLXNlNIPbtutYhGf-ZuMrYLbGU6ImMLpXUggrB3LVSSG1GQqBgPmzv9ijnjJrwykOtFy91T5WHRHM86kmMhE1nC2KYYAIeDJ3Je12XY9GXzD8WXUui_Ev8wABQG0NlIGQvFsnjOUpKpV6-xKNYpZyVPYLgu8JeRegUb4xBKYSJHA3Wxvpkox8RyyKjXRUJ_lGVNeUF4H9U2zC5S4F2Wi4JYBjsa_fnsJsUCO7Kd6Ye65BNfchFa1OW8T5hXvSV5S73MF-Ryd8K9Un7rj54_U-9Y4v1H8No0Yv2DfZKvZK-F8OrEigVJQembOA_cQ2DkPPTT5FTg_J3JR5fRQ99MMm3tB5c_ag2suW9wwC7lNSvCnGYerA0wFjuaP2PPtK_QDo-L7j9rFI2lvuB3NRxET5yt6nBxHAMy4SG3EVGhbKidAjfHlDb9VnhWCRF2Mx5VtpZ20TWFa_V_R7fe4WWMZQWI4-8mI2vS3J6lnzX8tHWN3F7W9z3n8_2pRg0jnyVxchFCU6ZsulgamkicIyjTnRayhjZo4PGLULpnWztzU4eD-OSvwBrphrv7Oi8thmuO4CjHa1scwcf72PYLQXSNKosomfFP3uw5NCyjSRp1mezv9HAAl-w9I-FoCRASw2au6PJ8eZp3aFlUvHoKmDiPH4q-P0nxLFimls5EQHcmv5GQLB0CAfI4w1t31cb0zFq0geyknAZRkSOpYNpszVOl2x3EWJJjwsKxr3Bq9gBGQ_LncGTu7--7ucCMc9f4Px2TPoSzfS8PI_8OaDQEaYHJV9sW5CgKSpL83ve7dlqYD0o5VZWIF9fxmwOPt4QQAeHT1cLYnfP8svxa1wWIcXu94l7juj8czsSnWe4pvO4DufDujgRmxamSp2UCRNRQevtfvhsd2q_NF4X6mfgx4eNm_SzuraBPxOItpeUE_X0wq_t3KJ2WfgZu_kud-h7vs1UmEuulGv-uzHI9fdRwEzMtSbtmWCb4DKvZwyPd3eOu0fCMeivXFid9q3Hr0fI08e92NNCryztjze0JISux2YU8zMcOm4iWmz-LOu61EFEbbgqL3dxJHBJ3pIMlwF1dXh-7Gdf2iLEpKEUqXGOLue3L8lp1MljuQvWov7bdlQMcBXAWZiJpFatnegh3jhT6aRXvbyUci4DEwKSU5SX_bOph8XBcx128U_talpqIKC0lmZ6iuDfrai3Yl1Klt8wBIuiruqpFElXx7zD454XAhcNJAAzzw-G6uPQCodCTcJhnGU1vr73NOc68Nj5r6FvMnNOv-7x6ukf2JoXa0AWgmFXSkhG4dJk3Yf_LXw261y-0lCnlUn_KHm1gdBnnr76SHcsUkFwEqIdd7GxnRVyqQ6Ht4lcTAOJcq-KCZlDuwlSq9_nOUN3l3A7ozoRsbE5_4p9y9TPQOnPeHbNmgUIAHDWw5IMSnY-sg1buxSqfU4VXbHodOTQ-HMP4o7xotmNGJ87LR2m5ndavEIBI1paRC9oitX_zKBoBs1nlkdLwUy69qqaog3z5D-Pi0F20nlOttN9tXy-K2--KD0_c6YafBGtWQZG5c9VR033L5bUYLrSh1iWZh7Vx8kdVQQbxRtkKQ-6VLENh0OIvtRyQokNq4h2DSEej6mb_wu0Air4C2Ol3hTl4lL2-dKXV8F2RKCmY0VjEqI_NbNV0I7oXPCEfnwywrGOxD5Q0v6b6M49LYCnj5v2yZS76c5eOCskCshpRItupIBng&pr=13%3AZUj4lAAAAACHYlbkIXmfYvj5CA3sjyxoNARzbg&cid=CAQSMgDICaaNZdcgiTMMMoFAg8Rm5lDOxS1hY4DxwWBdwHt4N-pWuSPh2xGTsuUc6XiqGiqJGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ds=l&xdt=0&iif=1&cor=9284110634755768000&adk=3727671471&idt=181&cac=0&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
68789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:24:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 7BE1 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqR4EzTGQkPOxuFbnExPqMMGqyOnj_oDxfWPilY4jFgBkJNsFcjI3L_Zq9SMQ5WHP1xvJ_Ge_HsbBDRAYfEOth8OhrfoDm6yOu1jpx45krBj2q23QVBnqZzXhFKy1Azu-L5h1e2wz4eYK0Vsln7ti3ExGgFPnNkgojLw7vqv4bFuU9nbk&dbm_d=AKAmf-Ag11Kv7KwB4ExSGRSmPJOGF5FeCZWLL9UdgfbXmuNaj1LElK_KTJWWQzUjbwxFnbn4CfU-vt71c5aRIGwMgE0kC8QKS7L_Gfdafaik8OSIzYz5S5pGXkQI63H0U3jO9uuT30CsicWUHEhY7CHnUiKE-lrKN1MlKdXhNYrhTeEfJlE8JBHoF4l38lcMvfs1g3Lcb5rL8GQRiwdgTyscvrj-YJMf3gB2r6u0olWqOEMZc8fntxirstk00Qy2hToybDuOE88cf4fzLgEk_5t4Ew5Os__7DgnOsD6gze_S3n4TAeq0ZNsxdEle90TFdksCRRyrZAVnNtQhQ9RmsPm0sc8Jag3mlGAI81XTY64UIxYGRnkFaBFmGL8hgVTBCT53r78nZixTY-_LhBcwsvH4vfeZQlJ2TJQlLmgpRf4CERcgZSBJQ0yYSfHG5FPoI_vuaGvoBjGbh5XAm3PX0RvqlSE_5n9LObR7eft7-Tha2lPQc27CpPe6_v1RmzXcdHVE6c38I7srF0Z9zY2yaVAwvu8yD4GR9-obWll8XYlvYElgXct5gO6j5L7MN61Rou_N0dsLqg27ArFspnjI7xhDu8bo8gGO0cDnYqn_pa7gk8JkL_kL7vrBXp9PgJoGzpgESqqoy-GtTgQWVJIJhExfLYhuqLBtTACMqiDg3VOdstBItmRISA-aPZb_s9LsTaZXzlL4aMQeX_8DgrfL5Bqg06nvJY9XiVNd_tb1KcRUlbtRKvezvo7O36s0YtOROVyqjrhIyB-QdLtPnoRxnjNTS9N5UVOxKOlZLDiYbDhAJ3G9agQ-RVAj3H29UkBFZD6mwaKu3rp52A98HMcZ7yrH0Z8g3K-Cc4m97BOv6CTLJNQ6r8aa_ribzS_bpQA2ZETVzCiWhnPi-4-Ro4JzYNWonSlZAeIoe5PRpAuJGGM5X0f5wlojtFfxzAmns0tniF0vswU99irizxfHlprhFHNYY0MWVNcJGcWOuDUYHWzk977jbjH9e2GHB5mNi-BaBi0thIAOGvsf8HJwFGy7W1gF7BpMHWwU_8664Uc3aoM4Xb8Wdt0k_1-10BUmIcsJuLq_g195Bn0ok-bmJs2zWKxqtxngophAw3kh5MV_UGWMRphJ_WV7OTphLaGzQXhTiTbJCUual35MMkoBmavwDO5ogjiOcpJ_Eyll_JFQqGOzCrskirX3tRZ4sfbYHEETZ_9Nt29hRDqL5JsBO8aRRxXWa-AOlrc0DJc7AiCK62ZXE2oafRYAZK9QqwpzqiFrGUF-tCYnkH4WeATLDZd_ItWfuiDv8MiKJb-oaKykgQEwSnYV9Fxjo-UcaWUn3oPGyzFiwBZ5EXQV-rzskOKKr0heCt6-8TnOijIN51mECKPAGpw_mOc3BagoNIeEIhWgT8rkJFrB5TGmPeAduCNOzHbd0Q1b0y3tb6mqHdFSiCtSFzSAuI1WNR6Asb6O61QOgu3wpF1dunHiBU3YyvVEcN--4iVaNMIqYkd2L1dlW2T0XpFXyntvnc9efs11GO8WAjsA4COa1DjCfu-LlKkFGGCeF2YBmaefPRPW2I20fHi1C7j5nYFnKTWjqKbOIabwvWAWCaEzHn1y6oELc6hlfrBRY1uGJDovb-IYdBousLs2n1ReUoiW7IQ8HJDJhZzy7pFWEaxuFfRlhezpgRNlzSfUF1LOiuijiLhXWUV2pNG2bFbDSKLu3jJis1gBKhR5Q5CSXLsEx0XyHlaj0E_eqoPChaptNKbwDeU3ZepB5pOaVd7zvkea7U5EBDvQku0I8IADsZybExbo0T2eMQaIa9AB7mzE67WoF8zw1bFp4hE_UfQl8ciiKQtCqGakq-XnfXq6By6NlA4Qz0TwJwJSnmLtN7JakEQihEcncb5gE59FwjFtzmp5Ytb1qIAWZclB-oxkO7j5gwgn36xnXN_4Ntw9ZtvlLb1Lnq6oWAxUmYy7z5-qvsz6Tlfpv1RrMc1DHgcP5RtZqQdFu1MYFk2nD17f-i5Bt1EzAIYCscxea9rGOVWKgOeYBoeXxD2XS5y0_mZgPNPBeRxjheWgDYD87N_Fb4mHbBlyLXNlNIPbtutYhGf-ZuMrYLbGU6ImMLpXUggrB3LVSSG1GQqBgPmzv9ijnjJrwykOtFy91T5WHRHM86kmMhE1nC2KYYAIeDJ3Je12XY9GXzD8WXUui_Ev8wABQG0NlIGQvFsnjOUpKpV6-xKNYpZyVPYLgu8JeRegUb4xBKYSJHA3Wxvpkox8RyyKjXRUJ_lGVNeUF4H9U2zC5S4F2Wi4JYBjsa_fnsJsUCO7Kd6Ye65BNfchFa1OW8T5hXvSV5S73MF-Ryd8K9Un7rj54_U-9Y4v1H8No0Yv2DfZKvZK-F8OrEigVJQembOA_cQ2DkPPTT5FTg_J3JR5fRQ99MMm3tB5c_ag2suW9wwC7lNSvCnGYerA0wFjuaP2PPtK_QDo-L7j9rFI2lvuB3NRxET5yt6nBxHAMy4SG3EVGhbKidAjfHlDb9VnhWCRF2Mx5VtpZ20TWFa_V_R7fe4WWMZQWI4-8mI2vS3J6lnzX8tHWN3F7W9z3n8_2pRg0jnyVxchFCU6ZsulgamkicIyjTnRayhjZo4PGLULpnWztzU4eD-OSvwBrphrv7Oi8thmuO4CjHa1scwcf72PYLQXSNKosomfFP3uw5NCyjSRp1mezv9HAAl-w9I-FoCRASw2au6PJ8eZp3aFlUvHoKmDiPH4q-P0nxLFimls5EQHcmv5GQLB0CAfI4w1t31cb0zFq0geyknAZRkSOpYNpszVOl2x3EWJJjwsKxr3Bq9gBGQ_LncGTu7--7ucCMc9f4Px2TPoSzfS8PI_8OaDQEaYHJV9sW5CgKSpL83ve7dlqYD0o5VZWIF9fxmwOPt4QQAeHT1cLYnfP8svxa1wWIcXu94l7juj8czsSnWe4pvO4DufDujgRmxamSp2UCRNRQevtfvhsd2q_NF4X6mfgx4eNm_SzuraBPxOItpeUE_X0wq_t3KJ2WfgZu_kud-h7vs1UmEuulGv-uzHI9fdRwEzMtSbtmWCb4DKvZwyPd3eOu0fCMeivXFid9q3Hr0fI08e92NNCryztjze0JISux2YU8zMcOm4iWmz-LOu61EFEbbgqL3dxJHBJ3pIMlwF1dXh-7Gdf2iLEpKEUqXGOLue3L8lp1MljuQvWov7bdlQMcBXAWZiJpFatnegh3jhT6aRXvbyUci4DEwKSU5SX_bOph8XBcx128U_talpqIKC0lmZ6iuDfrai3Yl1Klt8wBIuiruqpFElXx7zD454XAhcNJAAzzw-G6uPQCodCTcJhnGU1vr73NOc68Nj5r6FvMnNOv-7x6ukf2JoXa0AWgmFXSkhG4dJk3Yf_LXw261y-0lCnlUn_KHm1gdBnnr76SHcsUkFwEqIdd7GxnRVyqQ6Ht4lcTAOJcq-KCZlDuwlSq9_nOUN3l3A7ozoRsbE5_4p9y9TPQOnPeHbNmgUIAHDWw5IMSnY-sg1buxSqfU4VXbHodOTQ-HMP4o7xotmNGJ87LR2m5ndavEIBI1paRC9oitX_zKBoBs1nlkdLwUy69qqaog3z5D-Pi0F20nlOttN9tXy-K2--KD0_c6YafBGtWQZG5c9VR033L5bUYLrSh1iWZh7Vx8kdVQQbxRtkKQ-6VLENh0OIvtRyQokNq4h2DSEej6mb_wu0Air4C2Ol3hTl4lL2-dKXV8F2RKCmY0VjEqI_NbNV0I7oXPCEfnwywrGOxD5Q0v6b6M49LYCnj5v2yZS76c5eOCskCshpRItupIBng&pr=13%3AZUj4lAAAAACHYlbkIXmfYvj5CA3sjyxoNARzbg&cid=CAQSMgDICaaNZdcgiTMMMoFAg8Rm5lDOxS1hY4DxwWBdwHt4N-pWuSPh2xGTsuUc6XiqGiqJGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ds=l&xdt=0&iif=1&cor=9284110634755768000&adk=3727671471&idt=181&cac=0&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
29068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:26:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7BE1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
389304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3A03 		2 KB
993 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6225201ce81d29bfcd33554f37e843f4f4311e7714aae33d483ef144aac569c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
821e095acdbd2355-ZRH
content-encoding
br
content-type
text/html
date
Mon, 06 Nov 2023 14:30:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAAfZuLbK2Vka%2BuC1aBy%2BfB%2FLbnYsAoaduVc0T5ZJSy%2FFpKbVPiBmyrNOsTnVRUloxnAkzIbqTOElSGmEFYLyCwmIVnXhVuDBAJqLuFZAsRM3rVFW3b%2FPzrkOn4EhygB66jhlfNn0Z%2BWUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame 3A03 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
31327
i.liadm.com/s/ Frame 3A03 		0
0
dcm
s.amazon-adsystem.com/ Frame 3A03 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9H8S9PS5D9R97N47G8RH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3A03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkJFA%2Brir6c4sDl%2BR1MrWMZnQH4dc0uhKr3I8%2BeeYKPZycEk6GijEqa11S65pSK9BaXjPZ%2Bo0VjgyRFY094%2BPhms8MkYo3dJ4JI7MN8uuLPvZ%2BEkmMcdxIS6Qhgba6A1Lw3wzeQZo3W%2Bdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821e095cf9b32355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 3A03 		0
0
rum
dsum-sec.casalemedia.com/ Frame 3A03
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=tXLAOOV_zTeuJJU55nDZN-UhwmGuJsVj4HaDE3kB
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=tXLAOOV_zTeuJJU55nDZN-UhwmGuJsVj4HaDE3kB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBQg7%2BiVM3IWiy%2BTpBTu1VhDPdQaUcN1akd0iBIxfz%2FDxKN7txrk2P7CxMCJMoNg%2F9rR8AL1cf9XbW5Z0sLMrM28%2BwvuQUtIsgk2lvCaV1agQ6efVdw%2FOZoZ%2FI6zarO4YX3Nq2Gc8CVCZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821e095c68ba2355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=tXLAOOV_zTeuJJU55nDZN-UhwmGuJsVj4HaDE3kB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 3A03 		0
0
/
b1sync.zemanta.com/usersync/index/ Frame 3A03 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3A03 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AE0E 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
29023
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:27:05 GMT
etag
48472445140208031
expires
Tue, 07 Nov 2023 06:27:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9444811138517275035
tpc.googlesyndication.com/simgad/ Frame FF4C 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9444811138517275035
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
66ac1baf13c1e2a705b1faa04c4fcb5a729628f12eb8e1106224a321b75b354e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 08:51:52 GMT
x-content-type-options
nosniff
age
193136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61532
x-xss-protection
0
last-modified
Sat, 28 Jan 2023 08:28:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 08:51:52 GMT
18172527475020661335
tpc.googlesyndication.com/simgad/ Frame FF4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18172527475020661335?w=100&h=100&tw=1&q=75
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
cb6be1aab2e03f12317c0cfbae3cf593ee7bf8ba0262c4784692ae9286712423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:00:09 GMT
x-content-type-options
nosniff
age
520239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2977
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 12:25:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Oct 2024 14:00:09 GMT
data=HUsYhtFzwYAPOfk_FhuUdaQcSO751tuJDTzyfD8g16WOsi2mzzep4iO0TI0H4ronibRBgQWCFIKhjOw-
mts0.google.com/vt/ Frame FF4C 		0
0
truncated
/ Frame FF4C 		301 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FF4C 		418 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FF4C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
718cf01ee14fce07ddb7d51e4e80fbb32c5fb62b2ea6f36dd9cd968efda861c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame AE0E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_hm=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&google_nid=index&google_push=AXcoOmQjPUUky4tDEDGkReK5CR_V8WPnY06S3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_hm=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&google_nid=index&google_push=AXcoOmQjPUUky4tDEDGkReK5CR_V8WPnY06S3bTfBRJ8EH-9U9ezvAVyMRRaUqGRFCI3qMDAzm7KmG0JbyDCCf4GN-JOHVDh2J4
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmNgGroBaMyb8hSrVH5x6B%2BDzU02Rnr357Y16HClrZQb8ospmZUl4O6OPebdlyMGdPeFyMRFS0utajl3ceBYyDNWuB6vY4wUk5iYfto8OjR3qotZJzdRRHf9SIwK%2FWQoLwAeFxSESH%2BHpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGSC446qNIlIdxCJ3Og8AA&google_hm=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&google_nid=index&google_push=AXcoOmQjPUUky4tDEDGkReK5CR_V8WPnY06S3bTfBRJ8EH-9U9ezvAVyMRRaUqGRFCI3qMDAzm7KmG0JbyDCCf4GN-JOHVDh2J4
cache-control
no-cache
cf-ray
821e095d4a4c2355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame AE0E 		0
0
sync
google.partners.tremorhub.com/ Frame AE0E 		0
0
pixel
cm.g.doubleclick.net/ Frame AE0E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB1jvEFXJjD7Rpk2oS5LMTQ&google_cver=1&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0B-X8p73Ym2OUBKlCMX782eD899Hh1tYvcZoLOVwmPlE
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0B-X8p73Ym2OUBKlCMX782eD899Hh1tYvcZoLOVwmPlE...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxNTg0NjM4MzA1ODI4MDA5MjI2Ng%3D%3D&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxNTg0NjM4MzA1ODI4MDA5MjI2Ng%3D%3D&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0B-X8p73Ym2OUBKlCMX782eD899Hh1tYvcZoLOVwmPlE
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxNTg0NjM4MzA1ODI4MDA5MjI2Ng%3D%3D&google_push=AXcoOmQfoT8cN_MvJRc99r9una4Z4Zt0T1L6G3O0CJpQyeOmTiTTslO0B-X8p73Ym2OUBKlCMX782eD899Hh1tYvcZoLOVwmPlE
date
Mon, 06 Nov 2023 14:30:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cm
a.rfihub.com/ Frame AE0E 		0
0
google
trace.mediago.io/cs/ Frame AE0E 		0
0
pixel
cm.g.doubleclick.net/ Frame AE0E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJs_N4QsUswf90XUFWyiqHQ&google_cver=1&google_push=AXcoOmTsL61ZwVkQr...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D&google_gid=CAESEJs_N4QsUswf90XUFWyiqHQ&google_cver=1&google_push=AXcoOmTsL61ZwVkQrZPupnsPVS5Nwangne...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D&google_gid=CAESEJs_N4QsUswf90XUFWyiqHQ&google_cver=1&google_push=AXcoOmTsL61ZwVkQrZPupnsPVS5NwangneGjmRe0KMSyBeKA8JUVteFMFdmng62kMnwBCOvF5ijvG07Gp7JEe_gVcykr4ubDQu6n
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
an-x-request-uuid
d843fde4-e939-4995-93bf-405719e1137f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D&google_gid=CAESEJs_N4QsUswf90XUFWyiqHQ&google_cver=1&google_push=AXcoOmTsL61ZwVkQrZPupnsPVS5NwangneGjmRe0KMSyBeKA8JUVteFMFdmng62kMnwBCOvF5ijvG07Gp7JEe_gVcykr4ubDQu6n
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AE0E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2Oc1edzo0X8devI5Jf-CYL7knkIf5mDx4bfen_9eYDuklEnxMLzGbC25WEUEm0_irCQZCSHmh
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FF4C 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:04:01 GMT
x-content-type-options
nosniff
age
206808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 05:04:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14EC 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1377596303454&version=m202309260101&ct=76&x=1&cor=17809070832505178000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1699281049506&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=146687346&pt=447812496&tz=60&viewable=true&ddast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vD!v146687h_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d26ae523edbd258d6f649f6cef6e79b453dd38400e8fb58aae62422d3e324ef1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:49 GMT
content-encoding
gzip
server
nginx
machineid
1479
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F60C 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame A495 		29 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
06a3d98a3905a256bd8f4aaa9ceb93b4c5d5ec0bbdef21a24271f5d8835fdc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12765
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6pl_l_hIZYy4B9WSjuwP8s2noAeCiYyGdMjc0LL6EWQQASC6hMAzYPXtzIHgBKAByNma_QPIAQmpAp83uxywuLI-4AIAqAMByAPLBKoE6QJP0O-rGyKumMXUOnrleYBHOMTpuu3VBKzQ1L8jlWTgDJ1T4bd5Yf0ZJ85kTN0ISCDBw1um0HrU9Hhne1Cbi0m33wE2REVKpDwDe8VTgUdF3Dh8VX9-Ss0ukaf0EHAYaM6Sb9ONhYMltCY09PkihhmmHla43d_JMLW3UxaQrjq1BhPxPATKazvLmO7OenLC0xy3ZbRUGbgiIefLAgROFE6iF9G8EQRS-yGvf_8xFywplFGYADT5TAEpMbK96D9F4Km70fHJykb7fNu1LCy0NC8Tw1FpTim9-6aSYRJj1AcSAz_G40xTAFdx9etQf5FtXHN2SCPu7TlYU2BM8Wb1zeLjmbO6GoZ4pTse8WzcjhDI0nCuVxj4WAyj99-tnP3Rt_4e0v-MXKByRefExWnfDpoq_fA-QA_XY0FxGMCiZBPxdbR-AJLMsKhRJ-IZJigX3Tj8J2FJXN7rT-6nj1Wd7CHMu6IBu2eS814wwATJ-fCNwATgBAGIBYCzw-hLkgUECAQYAZIFBAgFGASgBi6AB6Cm5QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC6kQjSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJRWh0dHBzOi8vd3d3LmZyYW5rZW5zcGFsdGVyLmNoL2RlL2t1ZWNoZS1nYXN0cm8va3VlaGxlbi1nZWZyaWVyZW4uaHRtbIAKA8gLAZgM48Dix7UEogwMKgoKCOS0sQLutbEC2gwQCgoQ4IaQlMGZ9oIcEgIBA-INEwip8r2Zy6-CAxVViYMHHfLmCXS4E6EE2BMO0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=6t1SAPRDNdw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNNuRXPGsdo_q-JUje_F1GXdDN4Jcuz53cLhFL8cH62Scr_WfJIEtr0uzO42-Pf_IJzj0sSaT69xgB&template_id=545&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 14:30:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame FF4C
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C6pl_l_hIZYy4B9WSjuwP8s2noAeCiYyGdMjc0LL6EWQQASC6hMAzYPXtzIHgBKAByNma_QPIAQmpAp83uxywuLI-4AIAqAMByAPLBKoE6QJP0O-rGyKumMXUOnrleYBHOMTpuu3VBKzQ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c982058dafdb70f0000000000000000%22,%222%22:%220x1eb9bd88a64d897f0000000000000000%22,%223%22:%220x1bfa19...
0
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/146687_325/infra/ 		813 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/146687_325/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8edc832c4c233e8e48f9cbffeac3d0deb56f3f0a3c5c2df7aec6cb73987549bc

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1699267049
date
Mon, 06 Nov 2023 14:30:50 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HT1BWMFTMGDS94M0
age
13891
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1699267049
x-amz-meta-mode
33188
content-length
134908
x-amz-id-2
m28IaBC5HvU06UzJnGrLNPnC9jXhF0RS0xkAJFXOTgblDDp9kOZ2S1HJy49xMU6665j4Wp9aBFc=
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Mon, 06 Nov 2023 10:37:30 GMT
server
AmazonS3-br
x-timer
S1699281051.886778,VS0,VE0
etag
"a45e4a58e767493aaa7d7618204bff46"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
6319
cmOsUnit.css
vidstat.taboola.com/vpaid/units/146687_325/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/146687_325/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1699267067
date
Mon, 06 Nov 2023 14:30:49 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S8T4KPZGHG5XZNS9
age
13890
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1699267068
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
IuxUNbCpBKOSmIXAk0oYB7uwULBCppCdWu2GD4pEXvivF1jdz+3aDexGShpGNgcLI5AA37USBD8=
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Mon, 06 Nov 2023 10:37:49 GMT
server
AmazonS3-br
x-timer
S1699281050.767923,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8732
Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
pagead2.googlesyndication.com/bg/ Frame 5E29 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Requested by
Host: 92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
URL: https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:38:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
413554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19631
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:38:15 GMT
native.js
a.teads.tv/media/flavors/ Frame E068 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/flavors/native.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13e09b52a44105efebec83dd243ee6fd0354b2446ca7f0c2bb3414fdc4143fbc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 09:28:53 GMT
x-amz-request-id
MDTZBPHE6MCZGGSA
etag
"8360294f5ae3b3ac6ba5cc5a0910ac93"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
f
accept-ranges
bytes
content-length
24536
x-amz-id-2
4A7DolQDw4Op+Lu97mEXjzdQ1+rKU+7LkGagZoAnTMLkcfkp9Ci9Mj+Vw8BlEeKeMEX7SqZfDRo=
expires
Mon, 06 Nov 2023 15:00:51 GMT
json
gum.criteo.com/sid/ Frame 		0
0
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
566460b09094730561e79bb8304e48f097dbc06fff016b2c055673c1e77a9839

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 06 Dec 2023 14:30:50 GMT
pd
adpushup-d.openx.net/w/1.0/ Frame 89AD 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 2C9F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
757
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
821e09647ce72373-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 14:30:50 GMT
expires
Mon, 06 Nov 2023 18:30:50 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 86D5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
821e09634dd637ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 14:30:50 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 8818 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 06 Nov 2023 14:30:50 GMT
sync.html
public.servenobid.com/ Frame 75B7 		0
0
/
onetag-sys.com/usync/ Frame 5F5F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1699281045701
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
a1ef24e0c8a4295538fdbbcf62bb6bd72b24a60c9588c7178be5c54b6ac17b93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1222
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame B233 		0
0
isyn
prebid.a-mo.net/ Frame 7C6D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Nov 2023 14:30:49 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 5C48 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 14:30:50 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7A19 		0
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0
img
sync.mathtag.com/sync/ Frame 5F5F 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x31 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:50 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x31 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 06 Nov 2023 14:30:49 GMT
/
onetag-sys.com/match/ Frame 5F5F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
an-x-request-uuid
56a237f4-f216-4d2d-b240-8dc5f0640403
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 5F5F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:50 GMT
Server
nginx
nnCoection
close
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
Content-Length
0
x-sticky-vk
1699281050252037-353
tap.php
pixel.rubiconproject.com/ Frame 5F5F 		42 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=a3NPt_1cEvoyYt2m5KbJVr6ilHZWeH9SqzgFVfLht9E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 5F5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame 5F5F 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
content-length
0
/
onetag-sys.com/match/ Frame 5F5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 5F5F 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 5F5F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 5F5F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699281045701
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.247.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-247-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 5C48 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 13:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84237
Connection
keep-alive
Content-Length
13280
Expires
Tue, 07 Nov 2023 13:54:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FD72 		611 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRin3dP7ATAB&v=APEucNWmYuIj3N4on-2wJMLdIHDBkgzbnM5NLi2ZAAAJ46m4G3dDsyc450qOekK0WBP72ftjrKKv69Kc2Dx8TwHSgaBO4bnWXQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3F4D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 3F4D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
6860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 3F4D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
69050
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame 3F4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmRmGmkrI7F0knz9XX12hueyRzJzAzjzZ8_zSfFwNHyG1ficV1Gblfiff_B_hP9WdgydGag8U_yfjAQ8RKsJiVS41fjA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F4D 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 14:30:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4D 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQtQIN-OcW856ZLpnlbzuI6UsnFzKLbtOGNK21CTMEdVLM_5lkphSzyx8aPbQniyS_K7QB38G7u75kmCozARzx5oMQ8n_yKVB-JsJ1qVfaWfyVpOc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4D 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8935055057630551750&x=1&ct=119
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BDCB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93a4a5f86c5d4a805ebb9f4a776ae5d5237bc22355fd8eaa10eb3393e60a06b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
821e09657f352355-ZRH
content-encoding
br
content-type
text/html
date
Mon, 06 Nov 2023 14:30:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5%2FyniaxDCqAHWgALFwDEspX6JORQVQ10vxufJO%2BsnwNw61zNluZoLB41iSn%2FSG9e9Dbv7pkUxlRHNIXGUJQj8fjwtsv9ZUNsh9VOMdTu1%2BUtz1pxiTHg3WXwziHZJLvAlI%2FG1PU48wG5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 86D5 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2099367
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
821e0965990237ef-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
ib.adnxs.com/ Frame FD72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFl8egr0Au_VKgcaPESPyR0&google_cver=1
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFl8egr0Au_VKgcaPESPyR0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRin3dP7ATAB&v=APEucNWmYuIj3N4on-2wJMLdIHDBkgzbnM5NLi2ZAAAJ46m4G3dDsyc450qOekK0WBP72ftjrKKv69Kc2Dx8TwHSgaBO4bnWXQ
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
an-x-request-uuid
3ae52bc6-6163-49c8-89d7-b35da8ff5976
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFl8egr0Au_VKgcaPESPyR0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FD72
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRin3dP7ATAB&v=APEucNWmYuIj3N4on-2wJMLdIHDBkgzbnM5NLi2ZAAAJ46m4G3dDsyc450qOekK0WBP72ftjrKKv69Kc2Dx8TwHSgaBO4bnWXQ
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
an-x-request-uuid
fe4a4239-75f7-4c87-bf4a-1af4da00bfe2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA2OTIwOTczODA0MTU3MjM3MA%3D%3D
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FD72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL1qRgOXWrwSAjRJBI5Fz4U&google_cver=1
0
0
cm
us-u.openx.net/w/1.0/ Frame FD72 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4D 		0
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5805615987646&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4D 		0
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5805615987646&version=m202309260101&ct=119&x=1&cor=8935055057630552000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3F4D 		90 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChQQybFogMx3Aw2FpN7lZPyr8OOxlGahmPb76zEfublyKl2YuVuPyHn3bSbrAWbOFqslgL6T_7y0lwNvhWLA5z4z-YeK1zbow7FOTbtt3M-pF8xqaQu23xiUv7E_SWg5UeoPnqChgHGuYXApCgEAF1r4ZJwoOaCx4nB5RmQFn6nQ8YXgrg3TUmBBfcPIII-0fQwO9u&cry=1&dbm_d=AKAmf-DXVoYOJh-pIQ9EGG0cBiXX0SUfTlHZaMigfcrY86G5amPHAOSWABm4DFqH9-Nb8I4MT_zryqsTYMzu9LcxaYbY4u2opak8ZRHjLIgT_dD11lAH6WUcA6dZWKrzZA8xiv46Vqe-z7j7iUp3VD-a7xIiBTFNgwZoAqpVZhlm56n-3cVz5cXqQzYCDXeoQmCQod28YD2g48shckRKoY_PigPqk-KXU3CuiZGuPv0ruijGVvNNup7yOzn_NR1x_GbCMziKR9SSbzPKi6Ize7zRaxN1h80zhvVBzIR-sHHb3AkR-cVtb0Sf3iDtWOQoC2dyeAqqxqz7oXeqmRdfjapCT2fhrRZY7b4-gRuv-L_rCS8-gmh9CBsrhBV18gAbKQwXjUTviLU1YgLIiizhDy8CltTgdNb3SGXMIlPX93R8Iyp62-1L2Z1X3QYdGjGqYNstAr0iZPX_OXc4RCeDfER7eEqoIYRxB29MSt1ZgAaLiUkmQn6YqGr3oFsSpZsdlFYmSOxAjGRjlG9SyhIW4gaeRflsNzqYJIypIbPnVfXFzJDnDsdcMqwCgOgpBclPUd4sxK8EcyO2D5Ye77fYmk-tio9K2ggioLL0CjkjcOYTzBRa1uoJ9-p_NOpbKfUHbzlTQRBlKBCXeeyu4gtHlpE4LLyJ9lMvq40_ijP3tDPctd5HIgD1nLclq5MUZ1DY_Z_0ARew3IJaIYbKvrD-he6q6Ugv8Lup94e285pWcfwisEOVOJke_xyiPHCdLxpFjfWEfz7Twyi2I0Ls1h4GMs6thHhCm-UG0D66ZSXztB61EAksBpIlmj3IUxJLh-jJ79G5WrXg8QEZtbR4xSeEktuvn0orJyHHpD9_K8Ib0CiwqbOTGfWPdd8HrmBaK5UObbw1m538Gm1RslLhwhH8I9GegEfApjiePFCLim_aI1sRS9UP5l6z3YYimzVljvptxzto-5J7QvGA5hBfQ6mmZ-G8MMKyJnpE9ozAoG3Hx72V9G1oy0SFgVlyrOJ8_srgumPV8RDW6FM8bQr8LUaIqnWhRmhpZYAoI1PB9QlrUOILSWbMH1n0ATKxlrevAbXBUA6zVRfTZS8tDVvbIwqfLB_sip8VdsMk-5vg-8Ycl0CCbcnnC12mR1impjyblM1h37zNHFbwWrrWuRflDUwmZoFXttDdz3_4ZoDnoyqOp3P8Z7KMPRmV4TGmkYOtBCNu12QJ65Sqz2ul_rn75aaqdmiXkZlZYwsrpTpPgskpEpKGKRnZwC69uvv4kF7Ze0FtsRgWWu1oaeC3hu8ztGPMxC9AiGno2sbsYxD4Zk0vSRn7rIujcRZJXcD5r_pPNd1L2P9BysdXaNyiA4hjfjYEDERHqKfkmA2EHsGpXqwZjPt4MlFuUwEyKWhHV1v5ijg_Ot2AAm_j036dUOJKhp-B93Y2PsC3APqmURTg20Jxt8wKshkXl2-mCvwgIvJe7ShXzgsgOqVRhyBz7hyH3swPNeyKJB1_ybOlOBRj-IGJIjCx78ABeNc-lp33SBhqKRW1X2dOZLiUHq8zr0PQKhhEGwpdJlHz6HNmqbf8b21flSWm_bGjy2nkm4Z_Us85CtOMDBSCAa8zXyx3dGne72caUFX2E1Q8tNgbpnx7RiZuleqrh3hqiTFDuzDpXQfyD32z3Jmh4aLb4H18TIZ_xmTPffFq0zV_ehj1pJkQpPT6xM-T3kMIj_Jdg4q0AyOOmLdOZ60PjFssSselLf7JBV4Kr8j_66VnR2r5PbcpeuXWHKEE6QrEJtBK4Ss7gqbASw81mhPOMHXKupgT1MQpWk1Y2snIqAYOutl5c2JGghRmyKz5tlt9zx4YDQ_5L7EayzbRt3X1D1cOpBAYDEf7hr4rgE8BOMdAZCDfinlRtdlxMzMKvTCPCEHnL_nl32kgRV8DhWYbnBp0hn92piZv90tN_44b3v04E0aLXsWdZZ2QyFur62mJCEH_y0fEka2HQXWnsOA0uSfB-vY3v6j-jCsWQ-MRUKw16F3syO6S9T6PLbcYhHmsfgSxJxMvz0wbYYesfLb8f4AKoFfCqLNlZNOkzEXDycf5DWH_FswPBRCdxaBrz31S5wfUJ3VQff0LNRxkP0MgBz2sHamF14W5zObei-s-Oj6E_09-lPsXKG02ELOR8xG6kxztXy3B2GaYxmlzaqBy1rt4zJEESeBJzH56hRpVlaSgO8SSx7ohc97mx19lMbzyeE0ibvxbbc5zePnkF_cgXg8LkEmR4uLL18VmJdI9_t07hw_xoiaGHyBBb_pImWsgSJE8cTqpLP79w-jGiMbHORxT2Aenr4hnrb5OYB0lLVWLk_EHlMr_LWQxjr87BUVHRflRlDre_Focc86gUSzJYuoJb43Mb4FQCsEXE3zdGy0_LDOR8W-rIzjXV_WQVxWSyHqmo5V3QnMKEg8MUr6aFf4i1mpTALdl2nM8U19PUBu_igi-XBLbHS9lSZWydnhb-1NQaxQfvkQS68DidH8_upj_kxuaZspZ00Bl_30EDcJYyMvSSDUKiXZ27F1l8bQyNglYTjrDN4BBDsUUz7GhkKdIyy3oD9IF7QCqxKzwBEq8cFX25m3LaQNYlsFHeFf-EYs95DqFTnwmH60h7QWfFuOnsR-TUeJy7joGRwDLQINpkSTewrXVAyAASaGX2K2Lh_m0OXbJHAC53Ua9tZ3XuvqxCAhAxq62zE0Xu1a0_Q5T95tN_r5lya-8MYCouh5XyJDYaKG4xXgXRHzTjseGx_4NW0z0DsITMAjhDtbLDBpg6-l3OpAACn_bkEEHNvKV8nT4oAZaEc_I56N7Zvr03th3FecevzpUBZP1XfWpuLT8YEn9447Ocx-c5vz8janGcNBLdQ3XM6Nx3g7fl53fjtJYoNfksS7UXi_kHXMzBJx3yRtTr1WErW3TPydvq-Vb0CxffDdqeNqnqsbgWJy4W46wXhFsCMs5ZWYal0kLtuNXHOAD4xaj2GZ35B3m544A-kB8fNCGhcPkEEiI9Kz9kNr2xLao4_Nv-0x8cbU1o_a4rnEqMdtTcUZ4uRSvNzky_TabZ_hRDGIaZZOCDfjTqXFRSwVLb94KEaNgfCRsZ3O1Rn-VAT6ArDLBZ6HM_7mR2nlMXdYhiJ-wxb207C626jZLNXlcR33o6n7bsL2tnQc9Xny8XzhqgmmwrXIPj9dYGJu7uipXASgGsJ8c0jsptaEr8Zv-pjNAjAz_rxFOSCthobZpg0uPgJtaZZDibaQ2A3dViLNq4_nm1wBRGniCy7JYjvj685bXgPFcayCVoi8NkRUk5qUQFpIE4496d7vGJJXcy89WFut3hXPaI9q0J1roIXmEnGhMLbgS5BBkfbfEuZS8RaMOWMVYH4x5_69hYps-0D4wrbTrR8ppaPBAg-euIciAf4bPav8o-nk7puLygnihZ6S121Vi_3pEqrhsRJMFFJUxJrcOezbpH2Xh5pmz_nbaCNeMxdMR-s2Amy9KaAI1_bIagcZRQKuRu26-y72YRI0_0-D-V3Dn3fQ2hGfSGttxJ9UXE3uKVRa8iBFyY_etkpJlTsYQHhpbWl9LrKveR2_858U4kxBjlvKzS5voITULT3YWWBsseCfMeMnqgkTpYZGJ_kUoPlR51xhvZvJU5CdRenaMzHyMkJGtKXD0FjxidmuGiwEqFF6Rkwel5VGvn9OF6TE2IQx7mheHCbIuCeaNe_5DaN6L2D1mHt_sNIm7XpnEMKv6IpCQ1hbeXJZeeouVnDqBISny-gtU5mXj8lNAAaGO14mgcQ170Emd2tmfSaOJ-fr0q2r8qR6yLiMYTVfe580E_y9FYbqNxpjX1Zu2Bga7ms-GWoAz3Sf_04eCahksOW1GnZx89z_HQjyMJlSxKjkBo8IoyTSf9XexVBkO6VpvAbyW1q33eycYhqVyxl4edfYvw0-1UDvXwKavG5ip3FTBNaox83Gy7aL-j-KSfMFAoIorvCej3MrKnDomOX8pRZOVHNOHfnOXYut3jYqIFtGNan5z96YfEIv2Z5w&cid=CAQSPADICaaN5uXlMEe8UpDK1l1EH8r-VUqGNfGa0kb7UiimPrJw-l18R7AzhkpYrxRLbRMnkbFCCkAsp9Bh9xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=8935055057630552000&adk=1411225166&idt=247&cac=0&dtd=110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e85a7b370672e0815dab5d27fff70027b94b760abc1c43bfe4a4f3ae074f98b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38468
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
31327
i.liadm.com/s/ Frame BDCB 		0
0
ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BDCB 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.148.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-148-187.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame BDCB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7069209738041572370
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7069209738041572370
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grPpQP5s7iY5Scp9T6O3QmIzDoa1w%2BJjbupBMFMbFeh44u5JnPrSUBM14yaJ8GTeUZL7SPwatok56SVybkiqElSE8bURnfZIo42iS0XZ26CbDxMckn2tf3koRessBEa%2FUzK6JZl189HGOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821e09695d862355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:50 GMT
an-x-request-uuid
3b8d14d7-9b35-4272-887e-946daf09c5b3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7069209738041572370
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BDCB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.228.148.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-148-187.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZUj4ly0uyDqVghiSXC-figAAFDoAAAIB
date
Mon, 06 Nov 2023 14:30:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame BDCB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5812912161428483942&expiration=1700490652
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5812912161428483942&expiration=1700490652
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GBluPiPc%2BaZo965eypOkZTRl4ntrLcTEKXEO%2BcMQQZjuKPFvgbFc9UCqnOckKTekyBW1XEpgUy9uKb%2BijrAVXff%2FsmYzGrPdJmpbnnjUpMkn7UNIFlgJhBmIGoaNAZ%2FbmdY%2BFfWUI0yAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821e09724bde2355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5812912161428483942&expiration=1700490652
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
casale
match.adsrvr.org/track/cmf/ Frame BDCB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
ping_match.gif
pm.w55c.net/ Frame BDCB 		0
0
indexexchange
sync.adotmob.com/cookie/ Frame BDCB 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame BDCB 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZUj4ly0uyDqVghiSXC.figAA%265178
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:50 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
42332
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
821e09686b262373-ZRH
content-length
43
expires
Tue, 07 Nov 2023 14:30:50 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 9EC7 		0
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
821e09680c9c37ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 14:30:50 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7783354667394345830&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=64815808-0e60-493b-bad5-d2adccca1543&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 06 Nov 2023 14:30:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FF4C 		0
0
/
onetag-sys.com/usync/ Frame B52D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
45da17b10801949d96d632772eb2936456daca7c8791778cdfc7b183a00d9a04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1267
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E9ED 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
281790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5b060c263d2ad79bebbe993f68225b05.jpg
static.bg3.co/imgs/202105/ 		0
0
0d3df55f64d9b364cbf0a3a9b92280e8.jpg
static.bg3.co/imgs/202105/ 		0
0
pixel
ap.lijit.com/ Frame 5780 		0
0
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 5A09 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 5F59 		0
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3F4D 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Nov 2023 12:29:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 3F4D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChQQybFogMx3Aw2FpN7lZPyr8OOxlGahmPb76zEfublyKl2YuVuPyHn3bSbrAWbOFqslgL6T_7y0lwNvhWLA5z4z-YeK1zbow7FOTbtt3M-pF8xqaQu23xiUv7E_SWg5UeoPnqChgHGuYXApCgEAF1r4ZJwoOaCx4nB5RmQFn6nQ8YXgrg3TUmBBfcPIII-0fQwO9u&cry=1&dbm_d=AKAmf-DXVoYOJh-pIQ9EGG0cBiXX0SUfTlHZaMigfcrY86G5amPHAOSWABm4DFqH9-Nb8I4MT_zryqsTYMzu9LcxaYbY4u2opak8ZRHjLIgT_dD11lAH6WUcA6dZWKrzZA8xiv46Vqe-z7j7iUp3VD-a7xIiBTFNgwZoAqpVZhlm56n-3cVz5cXqQzYCDXeoQmCQod28YD2g48shckRKoY_PigPqk-KXU3CuiZGuPv0ruijGVvNNup7yOzn_NR1x_GbCMziKR9SSbzPKi6Ize7zRaxN1h80zhvVBzIR-sHHb3AkR-cVtb0Sf3iDtWOQoC2dyeAqqxqz7oXeqmRdfjapCT2fhrRZY7b4-gRuv-L_rCS8-gmh9CBsrhBV18gAbKQwXjUTviLU1YgLIiizhDy8CltTgdNb3SGXMIlPX93R8Iyp62-1L2Z1X3QYdGjGqYNstAr0iZPX_OXc4RCeDfER7eEqoIYRxB29MSt1ZgAaLiUkmQn6YqGr3oFsSpZsdlFYmSOxAjGRjlG9SyhIW4gaeRflsNzqYJIypIbPnVfXFzJDnDsdcMqwCgOgpBclPUd4sxK8EcyO2D5Ye77fYmk-tio9K2ggioLL0CjkjcOYTzBRa1uoJ9-p_NOpbKfUHbzlTQRBlKBCXeeyu4gtHlpE4LLyJ9lMvq40_ijP3tDPctd5HIgD1nLclq5MUZ1DY_Z_0ARew3IJaIYbKvrD-he6q6Ugv8Lup94e285pWcfwisEOVOJke_xyiPHCdLxpFjfWEfz7Twyi2I0Ls1h4GMs6thHhCm-UG0D66ZSXztB61EAksBpIlmj3IUxJLh-jJ79G5WrXg8QEZtbR4xSeEktuvn0orJyHHpD9_K8Ib0CiwqbOTGfWPdd8HrmBaK5UObbw1m538Gm1RslLhwhH8I9GegEfApjiePFCLim_aI1sRS9UP5l6z3YYimzVljvptxzto-5J7QvGA5hBfQ6mmZ-G8MMKyJnpE9ozAoG3Hx72V9G1oy0SFgVlyrOJ8_srgumPV8RDW6FM8bQr8LUaIqnWhRmhpZYAoI1PB9QlrUOILSWbMH1n0ATKxlrevAbXBUA6zVRfTZS8tDVvbIwqfLB_sip8VdsMk-5vg-8Ycl0CCbcnnC12mR1impjyblM1h37zNHFbwWrrWuRflDUwmZoFXttDdz3_4ZoDnoyqOp3P8Z7KMPRmV4TGmkYOtBCNu12QJ65Sqz2ul_rn75aaqdmiXkZlZYwsrpTpPgskpEpKGKRnZwC69uvv4kF7Ze0FtsRgWWu1oaeC3hu8ztGPMxC9AiGno2sbsYxD4Zk0vSRn7rIujcRZJXcD5r_pPNd1L2P9BysdXaNyiA4hjfjYEDERHqKfkmA2EHsGpXqwZjPt4MlFuUwEyKWhHV1v5ijg_Ot2AAm_j036dUOJKhp-B93Y2PsC3APqmURTg20Jxt8wKshkXl2-mCvwgIvJe7ShXzgsgOqVRhyBz7hyH3swPNeyKJB1_ybOlOBRj-IGJIjCx78ABeNc-lp33SBhqKRW1X2dOZLiUHq8zr0PQKhhEGwpdJlHz6HNmqbf8b21flSWm_bGjy2nkm4Z_Us85CtOMDBSCAa8zXyx3dGne72caUFX2E1Q8tNgbpnx7RiZuleqrh3hqiTFDuzDpXQfyD32z3Jmh4aLb4H18TIZ_xmTPffFq0zV_ehj1pJkQpPT6xM-T3kMIj_Jdg4q0AyOOmLdOZ60PjFssSselLf7JBV4Kr8j_66VnR2r5PbcpeuXWHKEE6QrEJtBK4Ss7gqbASw81mhPOMHXKupgT1MQpWk1Y2snIqAYOutl5c2JGghRmyKz5tlt9zx4YDQ_5L7EayzbRt3X1D1cOpBAYDEf7hr4rgE8BOMdAZCDfinlRtdlxMzMKvTCPCEHnL_nl32kgRV8DhWYbnBp0hn92piZv90tN_44b3v04E0aLXsWdZZ2QyFur62mJCEH_y0fEka2HQXWnsOA0uSfB-vY3v6j-jCsWQ-MRUKw16F3syO6S9T6PLbcYhHmsfgSxJxMvz0wbYYesfLb8f4AKoFfCqLNlZNOkzEXDycf5DWH_FswPBRCdxaBrz31S5wfUJ3VQff0LNRxkP0MgBz2sHamF14W5zObei-s-Oj6E_09-lPsXKG02ELOR8xG6kxztXy3B2GaYxmlzaqBy1rt4zJEESeBJzH56hRpVlaSgO8SSx7ohc97mx19lMbzyeE0ibvxbbc5zePnkF_cgXg8LkEmR4uLL18VmJdI9_t07hw_xoiaGHyBBb_pImWsgSJE8cTqpLP79w-jGiMbHORxT2Aenr4hnrb5OYB0lLVWLk_EHlMr_LWQxjr87BUVHRflRlDre_Focc86gUSzJYuoJb43Mb4FQCsEXE3zdGy0_LDOR8W-rIzjXV_WQVxWSyHqmo5V3QnMKEg8MUr6aFf4i1mpTALdl2nM8U19PUBu_igi-XBLbHS9lSZWydnhb-1NQaxQfvkQS68DidH8_upj_kxuaZspZ00Bl_30EDcJYyMvSSDUKiXZ27F1l8bQyNglYTjrDN4BBDsUUz7GhkKdIyy3oD9IF7QCqxKzwBEq8cFX25m3LaQNYlsFHeFf-EYs95DqFTnwmH60h7QWfFuOnsR-TUeJy7joGRwDLQINpkSTewrXVAyAASaGX2K2Lh_m0OXbJHAC53Ua9tZ3XuvqxCAhAxq62zE0Xu1a0_Q5T95tN_r5lya-8MYCouh5XyJDYaKG4xXgXRHzTjseGx_4NW0z0DsITMAjhDtbLDBpg6-l3OpAACn_bkEEHNvKV8nT4oAZaEc_I56N7Zvr03th3FecevzpUBZP1XfWpuLT8YEn9447Ocx-c5vz8janGcNBLdQ3XM6Nx3g7fl53fjtJYoNfksS7UXi_kHXMzBJx3yRtTr1WErW3TPydvq-Vb0CxffDdqeNqnqsbgWJy4W46wXhFsCMs5ZWYal0kLtuNXHOAD4xaj2GZ35B3m544A-kB8fNCGhcPkEEiI9Kz9kNr2xLao4_Nv-0x8cbU1o_a4rnEqMdtTcUZ4uRSvNzky_TabZ_hRDGIaZZOCDfjTqXFRSwVLb94KEaNgfCRsZ3O1Rn-VAT6ArDLBZ6HM_7mR2nlMXdYhiJ-wxb207C626jZLNXlcR33o6n7bsL2tnQc9Xny8XzhqgmmwrXIPj9dYGJu7uipXASgGsJ8c0jsptaEr8Zv-pjNAjAz_rxFOSCthobZpg0uPgJtaZZDibaQ2A3dViLNq4_nm1wBRGniCy7JYjvj685bXgPFcayCVoi8NkRUk5qUQFpIE4496d7vGJJXcy89WFut3hXPaI9q0J1roIXmEnGhMLbgS5BBkfbfEuZS8RaMOWMVYH4x5_69hYps-0D4wrbTrR8ppaPBAg-euIciAf4bPav8o-nk7puLygnihZ6S121Vi_3pEqrhsRJMFFJUxJrcOezbpH2Xh5pmz_nbaCNeMxdMR-s2Amy9KaAI1_bIagcZRQKuRu26-y72YRI0_0-D-V3Dn3fQ2hGfSGttxJ9UXE3uKVRa8iBFyY_etkpJlTsYQHhpbWl9LrKveR2_858U4kxBjlvKzS5voITULT3YWWBsseCfMeMnqgkTpYZGJ_kUoPlR51xhvZvJU5CdRenaMzHyMkJGtKXD0FjxidmuGiwEqFF6Rkwel5VGvn9OF6TE2IQx7mheHCbIuCeaNe_5DaN6L2D1mHt_sNIm7XpnEMKv6IpCQ1hbeXJZeeouVnDqBISny-gtU5mXj8lNAAaGO14mgcQ170Emd2tmfSaOJ-fr0q2r8qR6yLiMYTVfe580E_y9FYbqNxpjX1Zu2Bga7ms-GWoAz3Sf_04eCahksOW1GnZx89z_HQjyMJlSxKjkBo8IoyTSf9XexVBkO6VpvAbyW1q33eycYhqVyxl4edfYvw0-1UDvXwKavG5ip3FTBNaox83Gy7aL-j-KSfMFAoIorvCej3MrKnDomOX8pRZOVHNOHfnOXYut3jYqIFtGNan5z96YfEIv2Z5w&cid=CAQSPADICaaN5uXlMEe8UpDK1l1EH8r-VUqGNfGa0kb7UiimPrJw-l18R7AzhkpYrxRLbRMnkbFCCkAsp9Bh9xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=8935055057630552000&adk=1411225166&idt=247&cac=0&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
68790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:24:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 3F4D 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChQQybFogMx3Aw2FpN7lZPyr8OOxlGahmPb76zEfublyKl2YuVuPyHn3bSbrAWbOFqslgL6T_7y0lwNvhWLA5z4z-YeK1zbow7FOTbtt3M-pF8xqaQu23xiUv7E_SWg5UeoPnqChgHGuYXApCgEAF1r4ZJwoOaCx4nB5RmQFn6nQ8YXgrg3TUmBBfcPIII-0fQwO9u&cry=1&dbm_d=AKAmf-DXVoYOJh-pIQ9EGG0cBiXX0SUfTlHZaMigfcrY86G5amPHAOSWABm4DFqH9-Nb8I4MT_zryqsTYMzu9LcxaYbY4u2opak8ZRHjLIgT_dD11lAH6WUcA6dZWKrzZA8xiv46Vqe-z7j7iUp3VD-a7xIiBTFNgwZoAqpVZhlm56n-3cVz5cXqQzYCDXeoQmCQod28YD2g48shckRKoY_PigPqk-KXU3CuiZGuPv0ruijGVvNNup7yOzn_NR1x_GbCMziKR9SSbzPKi6Ize7zRaxN1h80zhvVBzIR-sHHb3AkR-cVtb0Sf3iDtWOQoC2dyeAqqxqz7oXeqmRdfjapCT2fhrRZY7b4-gRuv-L_rCS8-gmh9CBsrhBV18gAbKQwXjUTviLU1YgLIiizhDy8CltTgdNb3SGXMIlPX93R8Iyp62-1L2Z1X3QYdGjGqYNstAr0iZPX_OXc4RCeDfER7eEqoIYRxB29MSt1ZgAaLiUkmQn6YqGr3oFsSpZsdlFYmSOxAjGRjlG9SyhIW4gaeRflsNzqYJIypIbPnVfXFzJDnDsdcMqwCgOgpBclPUd4sxK8EcyO2D5Ye77fYmk-tio9K2ggioLL0CjkjcOYTzBRa1uoJ9-p_NOpbKfUHbzlTQRBlKBCXeeyu4gtHlpE4LLyJ9lMvq40_ijP3tDPctd5HIgD1nLclq5MUZ1DY_Z_0ARew3IJaIYbKvrD-he6q6Ugv8Lup94e285pWcfwisEOVOJke_xyiPHCdLxpFjfWEfz7Twyi2I0Ls1h4GMs6thHhCm-UG0D66ZSXztB61EAksBpIlmj3IUxJLh-jJ79G5WrXg8QEZtbR4xSeEktuvn0orJyHHpD9_K8Ib0CiwqbOTGfWPdd8HrmBaK5UObbw1m538Gm1RslLhwhH8I9GegEfApjiePFCLim_aI1sRS9UP5l6z3YYimzVljvptxzto-5J7QvGA5hBfQ6mmZ-G8MMKyJnpE9ozAoG3Hx72V9G1oy0SFgVlyrOJ8_srgumPV8RDW6FM8bQr8LUaIqnWhRmhpZYAoI1PB9QlrUOILSWbMH1n0ATKxlrevAbXBUA6zVRfTZS8tDVvbIwqfLB_sip8VdsMk-5vg-8Ycl0CCbcnnC12mR1impjyblM1h37zNHFbwWrrWuRflDUwmZoFXttDdz3_4ZoDnoyqOp3P8Z7KMPRmV4TGmkYOtBCNu12QJ65Sqz2ul_rn75aaqdmiXkZlZYwsrpTpPgskpEpKGKRnZwC69uvv4kF7Ze0FtsRgWWu1oaeC3hu8ztGPMxC9AiGno2sbsYxD4Zk0vSRn7rIujcRZJXcD5r_pPNd1L2P9BysdXaNyiA4hjfjYEDERHqKfkmA2EHsGpXqwZjPt4MlFuUwEyKWhHV1v5ijg_Ot2AAm_j036dUOJKhp-B93Y2PsC3APqmURTg20Jxt8wKshkXl2-mCvwgIvJe7ShXzgsgOqVRhyBz7hyH3swPNeyKJB1_ybOlOBRj-IGJIjCx78ABeNc-lp33SBhqKRW1X2dOZLiUHq8zr0PQKhhEGwpdJlHz6HNmqbf8b21flSWm_bGjy2nkm4Z_Us85CtOMDBSCAa8zXyx3dGne72caUFX2E1Q8tNgbpnx7RiZuleqrh3hqiTFDuzDpXQfyD32z3Jmh4aLb4H18TIZ_xmTPffFq0zV_ehj1pJkQpPT6xM-T3kMIj_Jdg4q0AyOOmLdOZ60PjFssSselLf7JBV4Kr8j_66VnR2r5PbcpeuXWHKEE6QrEJtBK4Ss7gqbASw81mhPOMHXKupgT1MQpWk1Y2snIqAYOutl5c2JGghRmyKz5tlt9zx4YDQ_5L7EayzbRt3X1D1cOpBAYDEf7hr4rgE8BOMdAZCDfinlRtdlxMzMKvTCPCEHnL_nl32kgRV8DhWYbnBp0hn92piZv90tN_44b3v04E0aLXsWdZZ2QyFur62mJCEH_y0fEka2HQXWnsOA0uSfB-vY3v6j-jCsWQ-MRUKw16F3syO6S9T6PLbcYhHmsfgSxJxMvz0wbYYesfLb8f4AKoFfCqLNlZNOkzEXDycf5DWH_FswPBRCdxaBrz31S5wfUJ3VQff0LNRxkP0MgBz2sHamF14W5zObei-s-Oj6E_09-lPsXKG02ELOR8xG6kxztXy3B2GaYxmlzaqBy1rt4zJEESeBJzH56hRpVlaSgO8SSx7ohc97mx19lMbzyeE0ibvxbbc5zePnkF_cgXg8LkEmR4uLL18VmJdI9_t07hw_xoiaGHyBBb_pImWsgSJE8cTqpLP79w-jGiMbHORxT2Aenr4hnrb5OYB0lLVWLk_EHlMr_LWQxjr87BUVHRflRlDre_Focc86gUSzJYuoJb43Mb4FQCsEXE3zdGy0_LDOR8W-rIzjXV_WQVxWSyHqmo5V3QnMKEg8MUr6aFf4i1mpTALdl2nM8U19PUBu_igi-XBLbHS9lSZWydnhb-1NQaxQfvkQS68DidH8_upj_kxuaZspZ00Bl_30EDcJYyMvSSDUKiXZ27F1l8bQyNglYTjrDN4BBDsUUz7GhkKdIyy3oD9IF7QCqxKzwBEq8cFX25m3LaQNYlsFHeFf-EYs95DqFTnwmH60h7QWfFuOnsR-TUeJy7joGRwDLQINpkSTewrXVAyAASaGX2K2Lh_m0OXbJHAC53Ua9tZ3XuvqxCAhAxq62zE0Xu1a0_Q5T95tN_r5lya-8MYCouh5XyJDYaKG4xXgXRHzTjseGx_4NW0z0DsITMAjhDtbLDBpg6-l3OpAACn_bkEEHNvKV8nT4oAZaEc_I56N7Zvr03th3FecevzpUBZP1XfWpuLT8YEn9447Ocx-c5vz8janGcNBLdQ3XM6Nx3g7fl53fjtJYoNfksS7UXi_kHXMzBJx3yRtTr1WErW3TPydvq-Vb0CxffDdqeNqnqsbgWJy4W46wXhFsCMs5ZWYal0kLtuNXHOAD4xaj2GZ35B3m544A-kB8fNCGhcPkEEiI9Kz9kNr2xLao4_Nv-0x8cbU1o_a4rnEqMdtTcUZ4uRSvNzky_TabZ_hRDGIaZZOCDfjTqXFRSwVLb94KEaNgfCRsZ3O1Rn-VAT6ArDLBZ6HM_7mR2nlMXdYhiJ-wxb207C626jZLNXlcR33o6n7bsL2tnQc9Xny8XzhqgmmwrXIPj9dYGJu7uipXASgGsJ8c0jsptaEr8Zv-pjNAjAz_rxFOSCthobZpg0uPgJtaZZDibaQ2A3dViLNq4_nm1wBRGniCy7JYjvj685bXgPFcayCVoi8NkRUk5qUQFpIE4496d7vGJJXcy89WFut3hXPaI9q0J1roIXmEnGhMLbgS5BBkfbfEuZS8RaMOWMVYH4x5_69hYps-0D4wrbTrR8ppaPBAg-euIciAf4bPav8o-nk7puLygnihZ6S121Vi_3pEqrhsRJMFFJUxJrcOezbpH2Xh5pmz_nbaCNeMxdMR-s2Amy9KaAI1_bIagcZRQKuRu26-y72YRI0_0-D-V3Dn3fQ2hGfSGttxJ9UXE3uKVRa8iBFyY_etkpJlTsYQHhpbWl9LrKveR2_858U4kxBjlvKzS5voITULT3YWWBsseCfMeMnqgkTpYZGJ_kUoPlR51xhvZvJU5CdRenaMzHyMkJGtKXD0FjxidmuGiwEqFF6Rkwel5VGvn9OF6TE2IQx7mheHCbIuCeaNe_5DaN6L2D1mHt_sNIm7XpnEMKv6IpCQ1hbeXJZeeouVnDqBISny-gtU5mXj8lNAAaGO14mgcQ170Emd2tmfSaOJ-fr0q2r8qR6yLiMYTVfe580E_y9FYbqNxpjX1Zu2Bga7ms-GWoAz3Sf_04eCahksOW1GnZx89z_HQjyMJlSxKjkBo8IoyTSf9XexVBkO6VpvAbyW1q33eycYhqVyxl4edfYvw0-1UDvXwKavG5ip3FTBNaox83Gy7aL-j-KSfMFAoIorvCej3MrKnDomOX8pRZOVHNOHfnOXYut3jYqIFtGNan5z96YfEIv2Z5w&cid=CAQSPADICaaN5uXlMEe8UpDK1l1EH8r-VUqGNfGa0kb7UiimPrJw-l18R7AzhkpYrxRLbRMnkbFCCkAsp9Bh9xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=8935055057630552000&adk=1411225166&idt=247&cac=0&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
29069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:26:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3F4D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
389305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EC3A 		1 KB
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
29027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:27:05 GMT
etag
48472445140208031
expires
Tue, 07 Nov 2023 06:27:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3F4D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5734d5e67c9230622730f3d1bd6531170f5ccfb92dff2e299617a0bb0f917f8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame E9ED 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
c45cc90a-3a1d-5236-b63d-3063d375c8f4
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame DF6D
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/c45cc90a-3a1d-5236-b63d-3063d375c8f4
0
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/c45cc90a-3a1d-5236-b63d-3063d375c8f4
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
821e097069cb37ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 14:30:52 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/c45cc90a-3a1d-5236-b63d-3063d375c8f4
446dcf91fd5ac2d8e2e0794fcdf2a3a4f916f892a4a6a08acfc5e1fe451264a4
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame D8A5
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/446dcf91fd5ac2d8e2e0794fcdf2a3a4f916f892a4a6a08acfc5e1fe451264a4
0
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/446dcf91fd5ac2d8e2e0794fcdf2a3a4f916f892a4a6a08acfc5e1fe451264a4
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
821e0975fa0137ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 14:30:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 06 Nov 2023 14:30:52 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/446dcf91fd5ac2d8e2e0794fcdf2a3a4f916f892a4a6a08acfc5e1fe451264a4
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
cookie
cm.adform.net/ Frame 7804 		0
0
img
sync.mathtag.com/sync/ Frame B52D 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x25 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:51 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x25 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 06 Nov 2023 14:30:50 GMT
/
onetag-sys.com/match/ Frame B52D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:51 GMT
an-x-request-uuid
4ee8c179-a393-4389-8a72-1229aa42ff31
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7069209738041572370
x-proxy-origin
80.219.127.190; 80.219.127.190; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame B52D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:51 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=4f188bc43cbff39d850495a97db9b7c&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699281051143049-375
tap.php
pixel.rubiconproject.com/ Frame B52D 		42 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=14F0m5xFz5nefYx2y2ZQ6TC3380TYXzX6T5dOqMjpGU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame B52D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame B52D 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
content-length
0
/
onetag-sys.com/match/ Frame B52D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame B52D 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame B52D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame B52D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.247.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-247-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
14F0m5xFz5nefYx2y2ZQ6TC3380TYXzX6T5dOqMjpGU&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame B52D 		0
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/14F0m5xFz5nefYx2y2ZQ6TC3380TYXzX6T5dOqMjpGU&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
821e096a781137ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
redirect
ssp-sync.criteo.com/user-sync/ Frame B88C 		0
0
getuid
cookiesync.api.bliink.io/ Frame DB7C 		24 B
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.65.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-length
48
content-type
application/json
date
Mon, 06 Nov 2023 14:30:52 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
2
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/146687_325/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
484434
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1699281052.775744,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
64026
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v146687.346/ 		426 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v146687.346/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/146687_325/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
453549f96dfe36d7613d358a5af8f6d3d5cb543eccf49e174fbdb9ec59ed121e

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1699280277
date
Mon, 06 Nov 2023 14:30:51 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
JYD02JJT29TMY74F
age
705
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1699280290
x-amz-meta-mode
33188
content-length
82196
x-amz-id-2
LULfRgLKkADGsG6xspuY3sm/v9JDWK9zs4+qvR5AnpaVjN6hUS3hCm5PIHNYy4gvuNI8kCpt9ek=
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Mon, 06 Nov 2023 14:18:11 GMT
server
AmazonS3-br
x-timer
S1699281052.853587,VS0,VE0
etag
"c36296ddd06432da5c3ef0dd8c3758c8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
456
sync
am-match.taboola.com/ Frame 9372 		422 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/146687_325/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
7df67e7a88c4579786e376d1f316cb714e4b7c3bb5434a7fdb66cf3282aaed0a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 06 Nov 2023 14:30:52 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&cmcv=&pix=31579697&cb=1699281051487&uv=146687325&tms=1699281051487&su=3&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vG!v146687h_vC&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:51 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Mon, 06 Nov 2023 14:30:52 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
3732397
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230137-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1699281052.017158,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
413018
4f188bc43cbff39d850495a97db9b7c
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 4FC3
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/4f188bc43cbff39d850495a97db9b7c?gdpr_consent=&gdpr=0
0
471 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/4f188bc43cbff39d850495a97db9b7c?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
821e097069ce37ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 14:30:52 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Nov 2023 14:30:52 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/4f188bc43cbff39d850495a97db9b7c?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1699281052092055-390
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=-2&tvi48=12019&tvi50=11103&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231106-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
62
date
Mon, 06 Nov 2023 14:30:51 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59090
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230137-FRA
pragma
no-cache
server
nginx
x-timer
S1699281052.561691,VS0,VE62
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
track
t2.teads.tv/ Frame E068 		0
0
track
t.teads.tv/ Frame E068 		0
0
nurl
a.teads.tv/be-ms/ Frame E068 		10 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiDUn0Yor7FCMkoJAAAAAIAAPj8hmpmZmZmZ6T8oytHnuw8yGyoZChUI7eoIEgNVU0QaCmltcHJlc3Npb24YATjAsxtYBWDAsxtwhuJveMWBdJgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFcCAUQ9AUYzE8gtL0CKgQ4MTA1MP___________wE6BHdpZmlCEHN1bnJpc2UgdXBjIGdtYmhKAT9SDWV1cm9wZS96dXJpY2haCnJlZ2Vuc2RvcmZiB3NjaHdlaXqaAQp3d3cuYmczLmNvoAECqAEDuAHPN8IBBnByZWJpZOABAfoBMxIvChUIrYbxwLyHqYluEOTxrerT_I2CrgESFgiti6XdkKjE38MBEPjCz-qzuN-qpgEYAIACjI-sqLoxigIHV2luZG93c5ICBDEwLjCYAgCqAjxTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWWyAhoKFgi8iqG0z8HY2O8BEJns1JKFzMTmjAEgANgCAOACAPEC3eN3V_-q7T_4AgGAAwCiA2NodHRwczovL3d3dy5iZzMuY28vYS9tYW4tZ3UteGluLXJlbi1xdS1uYS1wYWktaHVuLXNoYS1kdW8tY2FpLW1vLWx1by1nZS1mZW5nLWx1LWd1YW4tY2hhby1oYW5nLmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAOoDJwoHCAAQARj_ARIECAIQARoECAQQACIECAMQACoECAUQADIECAEQAPIDDjgwLjIxOS4xMjcuMTkw-AMCgAQA&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=OvRhr01cEmgoIpWfkLDX1vmm2wn4A-yr5im_ZSIalz6Zgw&psid=415253&checksum=1101230810
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f9f0f14bcdae60c13c8dd9144ad85f418db56ba1c057d3c7a5c2b0e8399d524

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
10162
expires
Mon, 06 Nov 2023 14:30:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BE1 		0
68 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5297109992609&version=m202309260101&ct=76&x=13&cor=9284110634755768000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b11v886690812&_p=1699281041892&gcd=11l1l1l1l1&cid=116137940.1699281043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699281046&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&dt=%E6%9B%BC%E8%B0%B7%E6%96%B0%E4%BA%BA%E5%8E%BB%E5%93%AA%E3%80%8C%E6%8B%8D%E5%A9%9A%E7%B4%97%E3%80%8D%EF%BC%9F%E5%A4%9A%E5%BD%A9%E6%91%A9%E6%B4%9B%E5%93%A5%E9%A2%A8%E6%97%85%E9%A4%A8%E8%B6%85%E5%A4%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=16&tfd=14918
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ Frame E068 		0
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B2C8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
281792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1699281052265&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=146687346&pt=-1485078690&tz=60&viewable=true&ddast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vG!v146687h_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
content-encoding
gzip
server
nginx
machineid
1406
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9372 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9372
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/a555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-v.sHSxtE2oR6DKlMayH5m6MulR.8bZU8Gz7Btw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-v.sHSxtE2oR6DKlMayH5m6MulR.8bZU8Gz7Btw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40519

Redirect headers

date
Mon, 06 Nov 2023 14:30:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-v.sHSxtE2oR6DKlMayH5m6MulR.8bZU8Gz7Btw--~A
content-length
0
sync
x.bidswitch.net/ Frame 9372 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.247.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-247-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame EC3A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEK3ltD2PIKwtGiFhABMgtw8&google_cver=1&google_push=AXcoOmQ12LG4lf0WZsq1oEjlChUGmyD8CzLIzkabf17jNXmHt8ZTHtTD8-FyJNR4ngbwLI-MBo9HTND195vlNCFyPsk2JwJC3GIM84...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C9CFE0BE7F9E4F48B40D715BF90B7699&google_push=AXcoOmQ12LG4lf0WZsq1oEjlChUGmyD8CzLIzkabf17jNXmHt8ZTHtTD8-FyJNR4ngbwLI-MBo9HTND195vlNCF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C9CFE0BE7F9E4F48B40D715BF90B7699&google_push=AXcoOmQ12LG4lf0WZsq1oEjlChUGmyD8CzLIzkabf17jNXmHt8ZTHtTD8-FyJNR4ngbwLI-MBo9HTND195vlNCFyPsk2JwJC3GIM84w7m0G6JI0bJfEXmcNNi2a4-ve4Z4dGtVxiyn26V-xnZAgHDVemY3mv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 06 Nov 2023 14:30:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C9CFE0BE7F9E4F48B40D715BF90B7699&google_push=AXcoOmQ12LG4lf0WZsq1oEjlChUGmyD8CzLIzkabf17jNXmHt8ZTHtTD8-FyJNR4ngbwLI-MBo9HTND195vlNCFyPsk2JwJC3GIM84w7m0G6JI0bJfEXmcNNi2a4-ve4Z4dGtVxiyn26V-xnZAgHDVemY3mv
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Nov 2023 14:30:52 GMT
sync
a.sportradarserving.com/ Frame EC3A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMJhjXNqa-XBScQOSFLznzY&google_cver=1&google_push=AXcoOmR-nCPzTmGb2FTDAsjAgU7sAQQpJZVnTF3fayme_IPSE2DRejldicSHQud7fdm6i3UDT4g_KidjUz8uzXqOAy-N...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
0
0
pixel
cm.g.doubleclick.net/ Frame EC3A
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDmLmu1msX7kWHitymUEEB4&google_cver=1&google_push=AXcoOmQ14rtnGRU0JBEufxMCHZJ-caR-Kdu5a3o2FEtHkwkJXygA4qqag6p2DVA7w5ss6oIUfYHYe5ycbIxFMjZq939424j23b-r9...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ14rtnGRU0JBEufxMCHZJ-caR-Kdu5a3o2FEtHkwkJXygA4qqag6p2DVA7w5ss6oIUfYHYe5ycbIxFMjZq939424j23b-r9HXFkh6y2OD52k8iIit4gcAOctO6TPpY5N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ14rtnGRU0JBEufxMCHZJ-caR-Kdu5a3o2FEtHkwkJXygA4qqag6p2DVA7w5ss6oIUfYHYe5ycbIxFMjZq939424j23b-r9HXFkh6y2OD52k8iIit4gcAOctO6TPpY5NckaFu9UbAwIFSGDmNK3TE9&google_hm=g8U5aOZqz8svN7gM-Ac0Pg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ14rtnGRU0JBEufxMCHZJ-caR-Kdu5a3o2FEtHkwkJXygA4qqag6p2DVA7w5ss6oIUfYHYe5ycbIxFMjZq939424j23b-r9HXFkh6y2OD52k8iIit4gcAOctO6TPpY5NckaFu9UbAwIFSGDmNK3TE9&google_hm=g8U5aOZqz8svN7gM-Ac0Pg==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EC3A 		0
0
pixel
cm.g.doubleclick.net/ Frame EC3A
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEF28D33y9zXxLsOpv8eXr1E&google_cver=1&google_push=AXcoOmQTdRUHGW3jG2SscgGh2tWh1Y9EqFjSAw0_hrJFhAsd_JJU8oqd585tGfMksI0T7iqbS2LD4W3GgZJx1OPko4_foc...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QTzR_nE0Tw6NFbJLvgLVgA&google_push=AXcoOmQTdRUHGW3jG2SscgGh2tWh1Y9EqFjSAw0_hrJFhAsd_JJU8oqd585tGfMksI0T7iqbS2LD4W3GgZJx1OP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QTzR_nE0Tw6NFbJLvgLVgA&google_push=AXcoOmQTdRUHGW3jG2SscgGh2tWh1Y9EqFjSAw0_hrJFhAsd_JJU8oqd585tGfMksI0T7iqbS2LD4W3GgZJx1OPko4_foc36bUxcDPsz-KgNx47Qp5g0kdWdFJMBiW6srBvIiPYBvmMfkWnlieqP5BmZ-rqi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QTzR_nE0Tw6NFbJLvgLVgA&google_push=AXcoOmQTdRUHGW3jG2SscgGh2tWh1Y9EqFjSAw0_hrJFhAsd_JJU8oqd585tGfMksI0T7iqbS2LD4W3GgZJx1OPko4_foc36bUxcDPsz-KgNx47Qp5g0kdWdFJMBiW6srBvIiPYBvmMfkWnlieqP5BmZ-rqi
access-control-allow-origin
*
date
Mon, 06 Nov 2023 14:30:52 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync
cs.media.net/ Frame EC3A 		0
0
/
onetag-sys.com/match/ Frame EC3A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECgkM9PluzuwbQ_nGWXIs7Q&google_cver=1&google_push=AXcoOmQvjN8h-jHjPh9JOzQB9xl-OWbIfGIbme_p85rTjoYUlFQdpUbXDTW_7PsO5yasaci4OJQZSiRzQqU...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6ULIu1ezwC8fMIb6412rQCBHcASKd8aeQ&google_push=AXcoOmQvjN8h-jHjPh9JOzQB9xl-OWbIfGIbme_p85rTjoYUlFQdpUbXDTW_7PsO5yasaci4OJQZSiRzQq...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EC3A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4Sbvc6IbQAarMzyo23XWvlxoLARGKa85SIoHuxzrax6ur4IdxK3a5F-sw76o_E7ksEkZs7w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
iframe
sync.teads.tv/ Frame D60B 		0
0
track
t.teads.tv/ Frame E068 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1087663&sid=174681&env=js-web&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pageId=154680&pid=169092&hb_provider=prebid&vid=efb1620c-f688-453c-8ccd-126052553619&pfid=68&f=1&slot=native&fv=1283&ts=1699281052393&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 06 Nov 2023 14:30:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
performance-image-dco-912cca70-53eb-4fbe-85eb-fa99e362fbce.jpg
s8t.teads.tv/creative-2c300e30-5c50-11ee-9d56-c50e1e5624e6/ Frame 1243 		0
0
dvtp_src.js
cdn.doubleverify.com/ Frame E068 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-19.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
d71f15e40a332b01a051d53e8b0bbb334f02456038d71e42ca042a109f85089e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 16:20:00 GMT
Server
UploadServer
ETag
"a79c3d2317a69a2d393fe775760ee349"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3640
Expires
Mon, 06 Nov 2023 14:45:53 GMT
track
t2.teads.tv/ Frame E068 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=efb1620c-f688-453c-8ccd-126052553619&gid=1087663&studio_cid=2c300e30-5c50-11ee-9d56-c50e1e5624e6&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1699281052219&cid=1150932&pid=169092&erevenue=-TAwI4HoicvFoC3qAt8I2Q6N&erevenue_curr=CHF&fms=9&p=J6ws9pXWD8h2FhUw0mkKXih1lW_hWmf71ritDlAmadXpIAOMnkeLEir4FNqlC9axSbVPKbkmchSYIb1L5TdSbpUcaTjs8T1Q7E1mqN9qXoIg6G6pTFtm3nTkylpx5C4Btd2C8EY3h4aIOfRyf4N-Xjr0_1ySTR5DnjzI8IjmglpU9ZSelcf1ipWNYvLbeULs1iUndTUwgNUn0kFPViFsvkcMmpZ3LD-rNvQVvAqM_KR_3ZpaRDuNIs9aUIjNnClzg4v2nlACB9rsuZrJU4UriVbqT9cIF2SfFVD1p-1oKgEHLPozwnEaf1xwFkQINLppxfpXGg03hTrTGoViDT_AYL3f-rFQAgNwfzdLjQvNMryl_RPVRMWMNyhfQQhXMoUdOM4&cs=-69287151702572932405&slot=native&fv=1283&ts=1699281052472&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 06 Nov 2023 14:30:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
B30725832.376914470;dc_trk_aid=568155215;dc_trk_cid=200199319;ord=1699281052218;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;d...
ad.doubleclick.net/ddm/trackimp/N1003055.2065319TEADS/ Frame E068 		0
0
truncated
/ Frame 1243 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
index.html
s0.2mdn.net/sadbundle/7782998610513530828/ Frame 86B7 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3F4D 		0
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame B2C8 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9ED 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B39iOmPhIZa2mIpm99u8PupiJyAMAAAAAOAHgBAI&bg=!l5SllNvNAAb4oU7C2KE7ADQBe5WfOO6yoVH_AjJtLLy91KioM1UKLttq6G6g0AfkgipLure6XwbuuDNqxmXRlH2k4ry5AgAAAk5SAAAAEGgBB5kCz-8qJmJaJfO6x_0XXTD-HQn0Wb9ZIqdkTB03d1D-TIesqJ3mbKn3QfoIXa1mpn9Quuws640RtUUhLwNS4ZUGSzGZSs0bVn5iWjnqy10_8fIib0opUBmKsfa_3ewmc-sjYO5NhyoyIz-_6BbOr5_Ph-Xj8t1e86FF15U47U0plLjpYL1pRlR-WktznaZAU8EYUkslEKBEmKG-pxg69qhOFZLypVc-DTUJGes2b6x0o1UB5wOG6YoecJ0Lo2lf9ja3XWatIsNJHsxUm3YJZA8pQvyotO0z0LVXeozwudyh7BlOUT1iuwMlNhsSILjLyvcbVy7x8qL11FHoSo33nPk1pF3uEXcbG3uAuKWa5C7U2EoM-ggsKNOyJIj6inTYebsDtZw6QaqGMsyih32EWcEkhKVRzLN3Qwq8Wyo6fe17g2Jnywuq3RMNP_9gjI-6A5pfrpcwub0B3gFOiKVivID_60Ag4TpuR5dKDUFJ3q--D1rgSLBhw71s-lDaoNKKIRnJ0_q9zNgDHWaIfmbfCFaCfsOiXWjlWLTh2OJDy39WtGqnl1U_UPOwuQJKwgWt-UsrF2CgGOCznyK3DxO15vwfOZgjtM0OsBEky6e9HZ4zdbr6uLp-ZpYTVoPcRk-KZv8C9HlmVlFvu0p-0pim6FmevPTBAxFt7suJ2wWWzRxN3JuTlCKqWjMrrnKQYL8auA7S3uHAfxIMqT-uT4dPoIk9vUttgqhDA05zjV0jcawz7tEWHcDbqznGbSd9kv2_MV2iFDDNSqRKCNDmNqp8Ur6qvZKAim5Xt_upW0YHhxGJa902KWasq8Ugxk0RCOXRD5S6dmAauuE4-R3cjnSQFAWd6M5ESCOIitKphzoAt14pLwp2DlzS0BEg5MRe_mVa2sVlWkJRQOnBrFxpD_LJEtxrYTyiFNqFPejI8tHOboOJzqzPw2Ij8ZkssV7eeOBoYlj8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C8 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuOODmvhIZYOgL_nHjuwPyba72AIAAAAAOAHgBAI&bg=!cHOlczzNAAb4oU7C2KE7ADQBe5WfOLfGkJHzJ0ctZiRqcaq3Go65H_6-YatImn5DePQ-SRgwDKZ8lFd77etSylXxPDdsAgAAASlSAAAAJGgBBwoAZrftHvIvHtWDPBdKiX6yD9u77VQfSHNmetvztmYd0Nm2pBe2IF0nq4DW2_V2Keg6r12b84wENs93HAO_0M1vPmo1Pnh_RKFokAExpQxrWNJfqb4oB0n2nTmYN7n8a-PQ4l-tjatVdJkDHaN2O_RVt3zXxTlQwS1BxkxPrwuVGBkYYmoWDrC7dN7iNRhhcUIlv0X01xwkhHo1MlGylUjJpgxr0V0modSVGYe8mz2-WTf__GyaVe-uyytPWMRLmijMjJP0i6VUBFe7C_hzNJFE1sX74zYTB_IL6-XL1BYT7o0GTC_xzNUBUNygORJHgp6CmxEV7EhzkXiI9xmMxbDSBMBa6pi-1rv_OKrJxitAK3hNG56WoTpwEiHzi05bwXSrGYZbjYvX2ynN0cf0r-GvORs28ULfEg_Tt5SW6HUBDsXnxODcdfjxjOvaaKXRrMdddBrC46Sad7DTUW3_dXvDvWaVvNSbP6xhk0lGvpz7NSVOwnbdjUMmdCJ_HpNeu1KzMs3F3ekViK7eW8NZRUBF55kWnctgKWtepBKZFmTHRYtZ-qOAUPZfWDF8b4P5oq7UZiOaRpEYygwxx8tMhYowCvil7yEj2DuB355RUio67RQsPyj2NWAQW3s0-m0tMPw4_tg0LrMtfobvcKD-ozlWgU6Be7Mdnrhg_ahc-pUL2TG2_NfzPpBdaVUAtsaZVIv2v-fzpWSzRXG5L31438N5A3fV1dBrn3ul8KEYWIHRlyRcuwUEGLI4_ckN-tw-lw5lNGWyj4OhFKMPz6DQ6-9deH2b7bK_BjhqHZaaaeUcPq14Gnf1cTHXfxj7bG0eBZTjzwHwJc0H3uxUxxcGbTH_S8sFR-t7L0RbCskZZzY0lVT_70UweEONb1Pd17tgs6VfPJWrNHWG3XPFH3_Umk-STtfVUxO9Xc56dd5cwveWNeCXqBqX1xf58RmCSxUBROfMdGs9_y7J5WuG16RTNFyJCswKbBrb7ZSQuSKIuHrNJ4kQcgEQLiy07wAVr8KHB1zVvMMfMeDo3AcBR5H5XahtHum7ry5IGItndlZa0uNQCU0DBdWsVWaMxU7IG-Ev-Rw8YepSlWZyjPzYYIEYsb8UOP1unJG0teqwmUjIuw6udta2iPQ65aR8BlBsr4QLbMSbzSAPTIoIe4D3WSDMnJKN85GvxGl-9U0uv0THDKaUhT0xI5w04r4S
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699281049&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699281046638&bpp=1646&bdt=2398&idt=2958&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&correlator=5073878376414&frm=23&ife=1&pv=2&ga_vid=116137940.1699281043&ga_sid=1699281050&ga_hid=2069732316&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7683&biw=1600&bih=1200&isw=336&ish=280&ifk=4048784779&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44802209%2C31079297%2C31079405%2C44807048%2C44807337%2C44807455%2C44807463%2C44807763%2C31078301%2C31079424%2C31079382%2C44807753%2C44806140&oid=2&pvsid=836891138854802&tmod=2056826364&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2jp5lcnkmb0&btvi=1&fsb=1&dtd=2984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame 130C 		754 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
595069
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 17:13:04 GMT
expires
Tue, 29 Oct 2024 17:13:04 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1E88 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Nov 2023 15:12:44 GMT
480_650.mp4
cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/ 		0
0
track
t2.teads.tv/ Frame E068 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&vid=efb1620c-f688-453c-8ccd-126052553619&gid=1087663&studio_cid=2c300e30-5c50-11ee-9d56-c50e1e5624e6&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1699281052218&cid=1150932&pid=169092&p=2_O9oXN0_KvVU8oUkGAAXY3MsXIuGO8R3I7LbBzOoxm9DKOYSdfgAB57JeDM7xKvloXOWohTQkMzIZ__na9aJKdMdp2qSo-U0NcdpAqoxV2FjdHeDwQXWKoFyZwCvOkTRzxLzHTP2mTU43XQD8rsB9eoWpWDyj484uxiYD1bZjawUHxkl017jDEDeIyFytl6sqtt_i1V1SvMAol3Q14bqqHvJAHSGSjetP_FlLeLvPwiOmCC5nKhT_wLFlSDitA0drf53gWHHyMyTcfTlOtmYQmR_j-m7wj4K90EIBBqbz-7a8nzjzeJZMuxvnJRjWByO8kV2WVScRzpOY8SzI3noHwUD5kW04ly4UqweZRAkWJ6-2dyjEv130DtFgY52p-fcC0&cs=688803228349666902805&slot=native&fv=1283&ts=1699281053617&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 06 Nov 2023 14:30:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
dv-measurements4866.js
cdn.doubleverify.com/ Frame EFF3 		421 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4866.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-19.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
0a1e8eedc94c0cedc3c62afbd806bbc36b5863094f2fb961d4855cd53a7ec407

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:30:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 09:58:47 GMT
Server
UploadServer
ETag
"710a3afbd65b017c09a3291207341050"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101293
Expires
Tue, 05 Nov 2024 14:30:54 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 23:29:51 GMT
x-content-type-options
nosniff
age
226863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 23:29:51 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 21:11:12 GMT
x-content-type-options
nosniff
age
321582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 21:11:12 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:54 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127582
x-xss-protection
0
expires
Mon, 06 Nov 2023 14:30:54 GMT
480_650.mp4
cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/ 		0
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 130C 		0
0
visit.js
tps.doubleverify.com/ Frame EFF3 		978 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=208&ttfrms=70&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2Tau%3E2%3F%5C8F%5CI%3A%3F%5CC6%3F%5CBF%5C%3F2%5CA2%3A%5C9F%3F%5CD92%5C5F%40%5C42%3A%5C%3E%40%5C%3DF%40%5C86%5C76%3F8%5C%3DF%5C8F2%3F%5C492%40%5C92%3F8%5D9E%3E%3DU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40U42%3FFC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2Tau%3E2%3F%5C8F%5CI%3A%3F%5CC6%3F%5CBF%5C%3F2%5CA2%3A%5C9F%3F%5CD92%5C5F%40%5C42%3A%5C%3E%40%5C%3DF%40%5C86%5C76%3F8%5C%3DF%5C8F2%3F%5C492%40%5C92%3F8%5D9E%3E%3D&srcurlD=0&aUrlD=0&ssl=https:&dfs=4095&ddur=1400&uid=1699281054284158&jsCallback=dvCallback_1699281054284288&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4866&tgjsver=4866&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&fwc=8&fcl=807&flt=0&fec=1310&fcifrms=29&brh=3&dvp_epl=490&noc=4&nav_pltfrm=Win32&ctx=19019192&cmp=30725832&sid=5561739&plc=376914470&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=2616012177.1897483&ee_dp_sukv=2616012177.1897483&dvp_tukv=11677213546.868286&ee_dp_tukv=11677213546.868286&dvp_tuid=1517330073950&jurtd=1524672728
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4866.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5e211413f65ee1c76b82bc984d801c2c04307772e9da17ab7660a28b6f1e74aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:54 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/05/2023 14:30:54
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame AE0C 		754 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
595070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 17:13:04 GMT
expires
Tue, 29 Oct 2024 17:13:04 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 82A8 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Nov 2023 15:12:44 GMT
track
t2.teads.tv/ Frame E068 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&vid=efb1620c-f688-453c-8ccd-126052553619&gid=1087663&studio_cid=2c300e30-5c50-11ee-9d56-c50e1e5624e6&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1699281052218&cid=1150932&pid=169092&p=0HiLHJb0S9E3wB3gKi-P4w5UZML54ZeJHb5HinnOiYlAl9PubU0NkuogE53zgmdGTbn6VlkhlnKsiblC7eO5nOZrjJrgNpEZSDMgV1WqHsGWud2N69wIvFvHN0nVVUKNwbLLs4SRwCBrr2rYePV9DLwa5ENeWvR7Va-zDUWfd4MIHy62IVo2FXTlLtccqgZPd2oUtZDbDiZb4g2J_We1_PgtzrUgGkhQFTkgK_YBltMbHnmi-cUtIenomK-LVyI1T_rsNhV_nCvuVwCupgcTzT2UtDrdFedH9V2fGhDmC1yIOJWwUMxurx5SNujWMu8D4JbCY5fu75R7d_y8UFKPa9jZUX-RZIPMD1qQ4c0oxkZfXrSTAO2TjEnBSW4NgSZTzlY&cs=-456071731753180516205&slot=native&fv=1283&ts=1699281054722&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 06 Nov 2023 14:30:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame E068 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua79N6Es9hv_uPoB7JfstIYqfZVZrFaCg8TABceTgVesCqmIw2fmPcDiz4J5VyknXC-Rj5ZNt2ERNC4t5xg6-w90PSbVia2IZxqMi6idLw0_na2jfAJ64wcQ_nmmp9saU4m3p6KwSXZrVb1L549FzkKHG8H7y7-O1XLmUERXKdJP4Zknx7U6wOQ3GcL9JY6-ux-3R8MZpA2LlX5YKhlx8bBkL-CXdlgS2IOqRoy1OgYG9P0SFNZ7ZE1ggh_KPyz5unP5sU1PC7vXnCBlkyZiBbHo2DQdETKlnFU04VV4mtv0JMutIBlcscuepIwPwqwIjN0r3Ed2FtTMLM6-Wryp85ea498_N-Mxk&sai=AMfl-YSRNkN_cfTtA8TQrsNqr2BDtHnsH148L52alHJfOtgw92VB36j1KudSJHGbOqEpg9bCjqOE9KhrQcDAGZ7Oyae_0UjdSRaD1R_8oSQnQz252OGJk7SDpHLoudz_jaw&sig=Cg0ArKJSzFZb4sHtD-yEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Nov 2023 14:30:54 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 130C 		156 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4347799068408990&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2932055677&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fvb_8UML1NpHIdmLfBOM8oA%3A1699284644%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=3E0F821C-77F0-422C-AD5B-CD97B578E45F&nel=0&eid=44750824%2C44772139%2C44777649%2C44781409%2C44802463%2C44803784&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&dt=1699281054236&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&scor=508278899832926&ged=ve4_td12_er698.400.699.800_vi0.0.1200.1600_vp100_ts6_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1699281054970&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=146687346&pt=-1485078690&tz=60&viewable=true&ddast=V8cEoCLAaUrmS6liW3LxAoXcl0LUtuXygAAABgYID-AEmYXAvjarFwK2wm31o0W_nWCsPGuVYsVxaHY2SyuSabISAJk2thXC0WboXN5FuLZivfWmHYONeK5cricIxMNtdkMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZjaDodPte9Xvf73SU-z1zj9yv8aofdrXO9hU-7W_KyuxWvt9zhFjycbqHr7tYcHW6R6-_WOJxutd8tdv3dOpdb5rL73GLXW-d62N0ao8PvFjrsPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHBTk5XPZPSe_5eYPAAAAACAAAAAASAAgoB-WAIgx3jvx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRzZHu2ZypISdS0FyEEQAAAACo7T_fI5N0gopFlf___34rAFcAAAIWSxX6s7LoDkq8hQEAABAYs0APi99vdtg1frfL_P________-b-T_zj0aoB1cqTdBB4YeaX0AAgDW_gAAAbNQNAMAbAThBh6AVg8HqBMTsAAAAANz5____1wMStpHNNjGuXI7BbDjaWFyTjcWyXNhMJsvENTFNvAeOE2SEO30evs-GsMx-30FBOT09ZpdBxnKZDOKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gjgcoAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRFMuFar1Wq0cosWhpVbtNtN1srhbrHWLTcey8ZjXJlGrrXo9TF9TJPdyjHZIsGAtL1InhbpRONwTBwzh8kzmax8q9nCuVqZbMvJymFyGJYrk3EilmhOFulEdtk3bCObbWJcuRyD2XC0sbgmG4tlubCZTJaJa2Ka-Buu1Wq1Gq3cooVh5RbtdpO1crhbrHXLjcey8RhXppFrLXp9TB_TZLdyTPaN2XI5GS4Go8m-MVsuJ8PFYDTZd-gM39XnbFSWVZKPSmItbkvbmtOgcBks3pf6dB4WjAVhyXN02qTGZWdn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX61w-7Wud7Cp90tednditdb7nALHk630HV3a44Ot8j1d2scTrfa7xa7_m6dyy1z2X1useutcz3sbo3R4XcLHXafXWh6my1iieB0kU5EL-Ppov4jBxzMJYvlXDHZzRXLwSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EtEhx_____-MAAADIyKEHAABAvw_oSj38yJVij19BLBaDzf4BqBBrtVrdbqzVagUsoMFsMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!eidc_vA!lvlstst-in2_vA!lvlstst1_vA!pl146687-346_vB!t45!t45!ufm_vG!v146687h_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
900ec78b1fa39580505c2dce4aa6c8c421936098b2ade5d65c2f0c21acc2030f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:55 GMT
content-encoding
gzip
server
nginx
machineid
1447
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t2.teads.tv/ Frame E068 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&vid=efb1620c-f688-453c-8ccd-126052553619&gid=1087663&studio_cid=2c300e30-5c50-11ee-9d56-c50e1e5624e6&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1699281052219&cid=1150932&pid=169092&p=RqmOmI0dOWkUP104Snl3KpJvSQDziW_QX5jBEuLAtb4Tjz-KvBZnaUmyUwCsUiSB7ZJAp66tKsD8ompAla0rEj2C-erZcx6Hxb7heOoVwxtw1TEYdLOFKaILQFHw8-1HbAv_vspPJO0KXOIEv-TfDn9TBLrim1zjSMTYlXuUSzM4quK-9G-S_erYlG37tg3C6bUOd1mttBJOKZBH9aBPNGc94MRrBq-RayWqBbAiWIXdZeOiGdbleiyhyPEAqmXRHFPgk6sSbMkXOR3F_el38aNSXw6w_1SrdTkNEp5I_bhiamkhF15BFfm1hevbWl3-3LIC6dCXFj2rhARvc5zbQa-fGG2v58P-PYHTN0ppX8I4X4XrS6VODkS1bJN_62iXRYc&cs=520104495956199375405&slot=native&fv=1283&ts=1699281055720&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 06 Nov 2023 14:30:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
csi
csi.gstatic.com/ Frame 130C 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lon02cop&c=5073878376414&slotId=2536939188207&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.163.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa05s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E068 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCbTot8M17sHZ2oOJkjZhMEQ3mIwm7WFWwn4PkQuhhG44gV7fVgdd2MK2vVtihwaPSdPykrl0V-jaX3zVXOioJjM_NB2BC0vsH2qM-wOqAbWfo36cm9_DwUjV_Bihkk-uS1RBXoYeW5w&sig=Cg0ArKJSzODZrydASIccEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699281048381&rpt=6458&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame E068 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&vid=efb1620c-f688-453c-8ccd-126052553619&gid=1087663&studio_cid=2c300e30-5c50-11ee-9d56-c50e1e5624e6&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1699281052219&cid=1150932&pid=169092&p=Vxz6ypPnqqoa_cjpL1r2gTIpLRZoHMnohI-njhJ0XxWWPcaHoTcBbD_kDiyyKiEjBidm7xIzusxf92dXEYBI9ytcOdx1MrFmRgdC9J2mdEAxvslG1SmDuAANQtyQ6Q5yj_I5n67xgcACtcIRISpO3hwl1vGRFs7T1NlLOhcxz-pkrIBZ_0VRImB8zt-iDrCtN2WgiWrBemYIpgxAlQoR-D5wJGGqoyeBggADT9EpWpA0A1G5OAS6ULZdom0WjeB4VWiDeLOYVJ6BgQRFM_MVQd76KdLv9864FTOWeGEzEnndbJphXgGhW-vYSTbtbEFuNyJIqk8Rgxi7k6753GOX_K0O0yhwN16Zf3mRcu_cjTbhFz_oqc-dYWPNwMYkJv0_708&cs=-606578716668145624305&slot=native&fv=1283&ts=1699281056721&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 06 Nov 2023 14:30:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 3F4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusbAe8bKycIHa8FiH9dkd8ovc8dkRk9gaHzlvoDCBAmSquX7scoowTsC5eXk-Z_AxLSUc_YG-LEygX0-U0a-BU-DdZNMBu3_pm_U7JNFI-YNKhtsWfkvZNiUSI9N2Y8kxO_7I-cmNOFPiiF7-7fzl4Kwp_NjcW9N3xadGe1cSqvmahdcqVNgRG47GZp6AbY0kptjQtSdqO_-0MIam4-PNX6rw0826eOyHNxRCsqRR84IR4SXIRac_bt7LDLGVvO9X61CD68-4wP-1fJ38LwP5jqChXgDBHotkW5VDBrK6z6cTrkhHiOMylOebezbMP4BqH8OfRrJATxqo-2zHvP81ycoSmHax1qhRvShekIrYuSbkYj8hJqhWEy36TlsyQ4aQlYBEiW7gwG86wlExObNcPHfguf0seaBpnzDzC-n3GfYclfdDBBEGfVitTQjOo7bV48QdnlmHuKUm-EA9O_7ixGneOpEyews8QVbNGiArDMDVRnTvUI2vEr4LQSsvcw0S4Wbp2w9if3zQR-6jlHxU5kVxFW3-tm8PBBbT28JXeABL6YdX1xZrs1Gu83i-K9ICteNSEHCkWc8sR--u11_qk_rpdC2YGZYyxuy3PSoGfEQl0H3swHARxZoYmayedBpDTxPLWB9T9WltMIAzsQvjTQHwkdeI0hO4nprJU1_Pm6ryjY86wSpRDCaPq-jHgo958NatZCt0WBYe4oSxJukt6D3SM9m1WWvGuwWid5KbF8vQq7eFnVSGbwaIDp38tNCJ-HVP24KrVXUUxTTfYxtPRvvHlNZg2JFmyccAu6-67FccXtpXi5WWEIi3EmDre4YIWXEeN1kvn_kFz5X7YmcFzaB4AGz8ms9I9mqrnLLAirU-nmue1v1Bpt-5t0IIbt1mDwwI-guuvRKZQVH9GYDmXuKySf2zNLhEoqaUmGg5NMRh5dYsgkit9Pd-B3UBFnkocU6frnMPi67kdB_5CwXaoATPPLhPyvsMy3LgpufAZUegfA7luk0loqftFts0hblF4as_0qSbm8VxnL0OV7YB_i6fWaxN2VN7acPdPDAmdsV-Er7g3syD2p4jCaW7Kwg4eOPCaUP8aEvOnkgHR0ONopgokyjyFPKj4aPjLhBJSoHYzm-wPH1G2N7rEkP5SonwI2zbfoklquwCRZJO5laMZ2l2Fl3sGG-rXysEv-UDoNMusPErG0_l4CvzMZ07Dc_JzFnG0WGe_KuLdX9RLK7-_R0x6yIa6GS1CBEzkZ3FkXw9tZwq3TfgRcfqpch4&sai=AMfl-YTCriszS34D8t0U1uM-RmgBv2Hh8niw97BZhmK5paidBbJgkwo5k4buHyeDHw1tTsi1AhE_kO9iIzb-doPsRLXpOYVwJ4NcxvFRvpr-gvfN3Ls4Hk9923uv4hbSJ9cXEL_5UeNLZvIZmplajNAzoMyHdSM_daoCqvfQqkzoHRPUkNQPMBbKpbFRo0-1Mt7sMClmt8pF0liIVKZynWiTmT1ULkNeB4pBTj1e6knpjJVCpBQDqP5FlcWhOyuTum_3iLIrfZs&sig=Cg0ArKJSzJPhPUxzn9mQEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=5904&vt=11&dtpt=4299&dett=3&cstd=1553&cisv=r20231101.47543&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/man-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F60C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
a97c2e13ef8b886ac2035a760bca4489c371a0cec678b506f0fc126bdeed4dbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12242
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
c0f4690eae686e92e3e6a2927ecfddc7ddd6071fcdde0b97343b5acaa2b71948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12223
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F60C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 14:30:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 14:30:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AACF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
17430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 09:40:27 GMT
expires
Tue, 05 Nov 2024 09:40:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3FE9 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
7a0ece5d893331e0f86cef5b7c0ffcd9766e8c22452b653118aebef8a7365152
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mLEOpvtq1zofcIo1bu5K_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mLEOpvtq1zofcIo1bu5K_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:57 GMT
expires
Mon, 06 Nov 2023 14:30:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4234 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
17430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 09:40:27 GMT
expires
Tue, 05 Nov 2024 09:40:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0DED 		829 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
ae819b3e8e1a272e52dcf053a461a0fb7f95879cfaad36d2cd3a16ba81eacbff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i60bmd--nCtpNFnQcmpGmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-i60bmd--nCtpNFnQcmpGmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 14:30:57 GMT
expires
Mon, 06 Nov 2023 14:30:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame AACF 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3FE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=836891138854802&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0DED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311010101&jk=23128242472952&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 4234 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
generate_204
tpc.googlesyndication.com/ Frame AACF 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YBtASw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4234 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?t9OAWg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:30:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
track
t2.teads.tv/ Frame E068 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&vid=efb1620c-f688-453c-8ccd-126052553619&gid=1087663&studio_cid=2c300e30-5c50-11ee-9d56-c50e1e5624e6&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1699281052219&cid=1150932&pid=169092&p=qFZueCkZeXkTmDELlfHf8HgIYcx29AIAjQ_rNTxo4IH_9NBQjNvE4pfFengjgLfF8ZLnT5DKBwpA2hemab4LtHwsZG0xZqJJiL-wK6N-O0H_qWjBYa6u5eHU2TO-saSds39uiExEByLkEYfBnraqTlOdG1uRgrZNiSJv68YXBVEibt5z6ATtCi8NdWhy2OCKbAcTh55dTs8U-aPC4nM2m4pxx0Cgis50myE2r2QQk5qtcccYD57R788G92cpLgzAvqGgmEZLcRJpJ8H-on1JXmLHh-MDwrgMWhdXJJ7n0JvraJbrcjRenPgmc56hYMCzgPfrhCDXISeImDtlZv46o0okeKrgJ9sC_NiHboS37f5J8S0c0xqE9yyLKetuZGHUHhU&cs=-40331080628952980305&slot=native&fv=1283&ts=1699281057720&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 06 Nov 2023 14:30:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
event.png
tpsc-ew1.doubleverify.com/ Frame EFF3 		0
291 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=ba7a4e0d2ffb49ef98dea98132907a39&flavor=0&gdpr=&gdpr_consent=&ee_dp_cadl=2&pltm=1&ee_dp_asmm=1&vdur=422&eoid=17&te_exec=0&msrjs=4866&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=1400&tetms=24&msltms=145&vltms=422&sei=290&vetms=12&tuviims=278&tuviems=712&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=904&msrcannum=3&ee_dp_tmads=2605&ismms=117&isumms=116&nvr=6&isgmmims=117&isgmv4mims=117&elmtp=1&isbxdms=3017&b11=3034&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3034&sftb=3034&msrdp=0&naral=640&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=1020&isuiabvms=1020&isgmpims=116&isgmv4dpims=1020&ispmxpms=1020&engalms=115&dvp_hdnAd=0&dvp_dpr=1&vstsz=909&ee_dp_cvcmeeid=1&metp=2&meeid=1&iscvmvms=3017&ttfurm=3501&cbust=1699281057750947
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4866.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Pragma
no-cache
Date
Mon, 06 Nov 2023 14:30:57 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-11-05T14:30:57
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4D 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5805615987646&version=m202309260101&ct=119&x=1&cor=8935055057630552000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 14:30:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F60C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=836891138854802&bg=!ISKlIm3NAAb4oU7C2KE7ADQBe5WfOEZF7RK8Evsf_m7i-aAkHs7lfwB41He4bRiaJl0sKsf-tdDCHHmc94QgIB3ZJJ6gAgAAAQBSAAAACWgBBwoAnRaBzJDWHnHStoWxjOfrxvMyzRu1YO-z7Gs_-_zbyemkTlW96hanv3_CzqDYkLjAhzizgXwDMKdWy1ReNrVt9scym2hEngoMUdlc01_u0g2jDl3cTNmnesBb-WhK8eyJS9TQdSl15HuRwKvrZiEz_NCvvLe7jaxX1KI2fBvwLPSx2vrcyKnv0EYr5HDnEiz6uioURPmxHEXPublqJZeZAtp_fKxg22__c1zkrHHdGAuOJhhqAMwAcyekozp4rSa72iyA4gMeb7pjipihFDHfaH_Nv8nAryVXDF_O-j9pVxfp2IW2boVohaX56lVliPsXU2bSWYyNp6HVcXZBb9sHUfkYYrqcXD65nEXr1fv4NYzQgk0lChGCQihgySnRc7NX8qK8KQHz_Wp8pvfO9Q5gW7y-A56mB9zM6_ZQXwoAZRiEIjT1nAa3KVjuperUpwxTowU1sz9Lhxf-hb9gWEWv7nSaxs_aUMfj09iSfEYNb4eKQqewv2h_aXtqagPjBy_k0FjNWzxExJ1BivLEhF-MJtEvnHiyGKM80aArLKL5hNry8t-reiZQ_pd1hX8Kes1W9ERSkCo0Z2K6qI-Ynx6oH0iU7RqH57cs6xzdCV0hqY5JtyPgWFFKbgtTH4RXrYqoGIweDSkhPMYS-D69D4pBBfd6UTjSunA-jWO5lZFO4Rxqk8y0imdTINW_hg-c5he4I7tvykBvSgvCnkD-XQPTo-foHEnJlJSa9Qs8aG3bEhPnwKAlVmVsuOKuqv7nBMz9k7V-s0ZjDMpo1j70AXU2w0vG2Lr-q02asnQhYXN52-yvaZGr7vGAKjNZuD77vguH0r2SwadHkYIe1bcJkY0XDitlfjY9WZRbiO06MYXIixu2CE7vKBpGtQPA98fL7aisknvEUEf4fy7yKdWjnzs-6wCZGvtSHEJ4NGfHbSFnfMWZAu9Wxaf-66NkECiBXAey_1v2HYBkj5IKMeyYbXuuYZL4mze9zLmYFxYy3Gs9ZrxyaYDtydj2oPI6UHi41-LdQppGq-TOteV-2NhOOvu0gU0EphmT4_tYnEMBorjCR7BHV2e23uHIwcpcYahs1Yh5VlbTXIKbB7JJ0xXshaPn4Yj_D92NCgQ-taJtZLoPe3-QQjlwJfF6XpfaLqrSC0MjUi6N-R5iUubqcrDGkZIVKt_Fy2pikqaN1IxZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311010101&jk=23128242472952&bg=!DwylDEPNAAb4oU7C2KE7ADQBe5WfONuKsG7fKP03ch1LKXnfAfNxRS3OQhVD7Ml0EiGEpt7UtYOIRLxmFxHX4_VVHuaJAgAAATVSAAAAC2gBBwoAiN4SDrgaf9yq67uhNaYgMk9nccXoNXkZsUZQMiw7v3gHQsVBpr_Bi8gQ0cVq6kVSjWCFtSt8zJ52BQEg_FkXuEKc10XUskUbFFP2G1k37FCvmo9AcUrVj5bUnhVsqg78L4TIBWZIJjTFDcNR-CBrUWqzXMiUy_JEAE5RzxNCbWlcoirrFQjrJ1KZAsCDHqL4SAATb25lX6GxtNoVQosQILACUhQy6_os9R4wqmhNVt78iEbIhnuNIDDVkXx0tCROxAEoCHcuPmTyDuD6s9O0Qze8PrRNlv5IXGxUfDtzEnJtg8snLZ6EMS9__L0s0lYo71zRKzMfrWsShw2cpH7w8_a8kb2yxmRo5Q_Uv-hiQ0RIeyCkWw27BvplCjdt0s_FDDw3d4ES2rLF9dvzpKMjgoxjr9PYME6rIuvI95fQuTcSaVThXQFnnS6v5DYQhb4ux07MbEhvmf9gopf-UEzGfsy5_X4bwfeX8Yd0sQRjxXrtF1HG0BR1xRr-R1AKq0LK3YRVi3IZgd3WKNnf8cG11AqPPtGpUXxnrhQfoft6b1E-SmSFCXzXP4Q6rDkpNu7pmRhBvkr-7Oa7L2sLDOiKvngZLWGGz_AYcSa7WkfFjYWcO_eNbtAiEOCYlLN-NHH0Xc_F3tWlSAb7N9pSuHp5mfHQe5XO_urO9HwC50j606nhBovMpLipSkOSiRitHC5VlQjPJzTZ5DV9BMK3PDS59aakTApcvJVyj3YhFEV5J1paEUs3_w_oYVkJq7tYyK7qprxpae5PwcQLokHfaUUmSB5_Ha19-Gx5Ywr_uC1XuF4KDzXYX_X72j1wmo_lQfDBK7aEg-psJWEjaNpf8_x_m80RVFJWevzoyT69uG4ernPzZGMWTNBJH8HiKN9uGRnYN5lh7vMaN_PRKovp7qTTQS7Y1r_4Xp0c-ylqwTLM-a2mKYDBqhOgtbv8NquJAKlN5yvFg6V1xzm_SAKJcei0VFn0eG9CwUp_g8YnoZGQGwQ6tfNPEtgmURodqOE-7hpw_8x7m9aBQ9xuC6u38lusnZbE9DHmcC5d-gqy2DVAqFloODnl8vI2Y1ryqXIrrysPURcj1myRIVe3wn2xvUzut7P-TH1aZ_nmQwV-Yw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7799bec6189441c21619134d8adb850d.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/69ad1533d73c5e257d335b976d2895bd.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c8cfd5e2bc439291c21f2fbd1e55543d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/00b9c55352c6d820c5d892ba163b5264.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c10b77f3f4a25f44545fe40717b5032d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1a3b8999398276a368d8f37969a85e43.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0ddb004acd894c23d2d6d9e1cc371586.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/505b4a95b8d806c795fc6f1c990a36cb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/18c48024bef49e757c93b38668176786.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/05c07ec853bf8c189ef589e145be74f3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5483c53934f1cd744c72f3d406d27107.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5c77520c66ff397ea20ad34699a788fb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/478ac97549ae4353d83945baea2789f9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/01502244f0f6b812edf18d86e81e17c4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/47b6528d8891ba32fdcd8ddf1986e809.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4db17f0b9c3fd5c30eafcc11ca28e2b2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/3249f04345c58b82dd826270839dfa26.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5b5a2cafa4e7ea17077fda6952f4b7eb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d017d34282d8d52215c2ac19da0a9f0c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9363f47a8c64eb59a5dbd6b6d78c4336.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3b406c7532254597dacc24e2daa094eb.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9920ae0b6f35feacfe97a635bf147fd8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/bd7369ad6b628148702975b5a2164bbf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/c013a3cc9cb777bc481835f2048808b7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9ef56bd4fb9245943fecaf4068d9208d.jpg?w=150&h=100&q=100
Domain
sync.aralego.com
URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=95537766982&lsavail=0
Domain
ad.vidver.to
URL
https://ad.vidver.to/delivery/v2/sync?userid=64815808-0e60-493b-bad5-d2adccca1543&p_id=15
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/adreq?cb=244
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Domain
tr.blismedia.com
URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIz3FNFu9kozrBWsHYPs51A&google_cver=1&google_push=AXcoOmTZKcvDBQN3F1Itmf-45wFnH605ErvdugEbihJ2fH5S53lbjJkmSU-uZapCM7p6HaV6B4KJq9quOX28_s0HBQOze0nM9lDqZQ
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEDld9ufXgIpiC46JIS59BKE&google_cver=1&google_push=AXcoOmQHzLL7VtHLBe7ehjZ2q0aoYv1BN8Bh9rFfFPhZdB9pcNMe8jFmt78L71ww55rNTErjhzDCvQ5TozLbaOzL-zBsHvAh5T3V0g
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEKlUfcXHfPRFc8eFk4G3h0&google_cver=1&google_push=AXcoOmR5yNYTWU4GFF_5MBOtmvOOIg-1UaVTuzjh_KHXt8w0s5wsP34lb0KSP-9e90gSlCRlQeLVJ3w8u9zhvbgN3lQHveiT6XW7PQ
Domain
cs.media.net
URL
https://cs.media.net/cksync?type=g&google_gid=CAESED7tWvBdq3VWRGVl38HRluw&google_cver=1&google_push=AXcoOmTPK_4Utl25LTaSISOHQomxImybsBfROPyerb_hsMtku6XQZTReTWu5NFoiaHr5Uj0TqKrSaql3VArH-EZCEmi-Y-F_GvunfQ
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKdSaAXhvk1YRltTH0nXtDM&google_cver=1&google_push=AXcoOmRoFFy1mdXqbCtrruxMUcN-pnAFF32C34tTTdzZEjgXMny_jaHObyOaWKpWa4zHnIsO38NCsq_aU1gNkPF8-AmJOp75YN6rOQ
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gob?google_gid=CAESELVK7MAoQSgAa6s2123b-7s&google_cver=1&google_push=AXcoOmSCgYAvvQn2iAUW-BHx2tfssDuhL6icZcfQ6nNBT1kN0sxhJJqKmdX3LRuz78uw4dBXRrdE6h7dbyn0j76MQVa2mUvDgWpMIb8
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
cdn.vidverto.io
URL
https://cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/480_650.mp4
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LON027IV-10-F96X
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QmojKuZE2oJ9wXYL.LiYN2BmdmTtjeNl.0KYBA--~A
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=80&3pid=LON027IV-10-F96X
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=19564
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LON027IV-10-F96X
Domain
hb.yahoo.net
URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wZ0w5ZWU5RTJ1SC5hd3EybEcwQW1zNWJQUnZHZEhxX35B&ovsid=LON027IV-10-F96X&dpid=58160
Domain
d2q8xv8xf7whrd.cloudfront.net
URL
https://d2q8xv8xf7whrd.cloudfront.net/script.js
Domain
a5174.casalemedia.com
URL
https://a5174.casalemedia.com/impression/v2/693656/85/cl4fh50vntloohvoo7qg/c96e098f-972c-4465-964c-23024354e961?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1699281644&profileIDs=&creativeID=28ee720&pubID=189372&format=banner&channel=site
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/d14ff5ba081e0737c484ab1a43575bd7.js?tag=video_location/web_och
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/delivery/video/pod/aHTLd9FQPhWEkcxcN3GAKyQrLTRrW07qSAkxN9dWPnkRRYlq3CE843O1y8Eej4G%2FjYT17W1eNQJyDtGgMV7VB3CEA2wY%2FmBQVNNi3IiCTyepHuGlov0WdZxQyaZHr7lCWlQyigFO3jpQyznT0SWq6sKQJ8%2BxSqwViLcVNUeibV2nxbvifT2BfnhWBIudi22t7aDdISVC%2Bj7HRTr6XxYx%2F31i76Ry3Z9C6x1ufAxCraMoxzU3We%2BHwYnOPH08axpW1WDYayfOe3rN3YC5dbyQZuRlwjUrz1KZ8zmC33fRAV3tc9KoR%2BP4Sw%2B0hD7r2Lq75wLGBs8vAufqwYzq97LTObRSxHVym4L9e7J33SKVzE43WaoEKxuOF5txl3o68uGLd3x623crdo29cjDJgHwQlJjgGONY8RX%2BNjrYqmDdTR1mVRDSqMsRuhLxVV2pkXotZdbLI4VXJmB9D1Jhl6NX6RS267SNt8RTPxnVKwLhW7cM2o08TGT8rPX43Jt%2BXBdThBaN2OeadtRQl13tvA7lIxScR6HGBrJBmQdFe26cfvL%2BnOiIzkjfI9Si%2F3hVJe8a4hVHxg3kl6OGvnXc9kcaAZnTPGXXFy9Xf%2F8oKLRXxS02LS%2F1QuAsM%2FpH%2F%2FkKAOVhoNmc%2Fe2a%2BDS3ptvhWGIHbTR%2BrPwDG5Jd%2Bde7RsWueGAR%2FLeSPZ%2BsH46m6D2a41ZIgKh3gWe8jJEFU7T8TweBRoqDAKbMJw0TDj2ppS2%2FwI85qVCEPk1NPkZqeXwOnyPNmATS4Q919xwhVk9lCFoeI%2FloBjTM6mWUF4sNSJWweQE%3D?bids=%7B%7D
Domain
ads.smartstream.tv
URL
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAI4_aMwYnE34eheWEGcSAo&google_cver=1
Domain
ad.sxp.smartclip.net
URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEPniufZfbQneTLy34HOoyzk&google_cver=1
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Domain
i.liadm.com
URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUj4ly0uyDqVghiSXC.figAA%265178&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieIndex
Domain
ad4m.at
URL
https://ad4m.at/ad/sim/ix
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZUj4ly0uyDqVghiSXC.figAA%265178
Domain
mts0.google.com
URL
https://mts0.google.com/vt/data=HUsYhtFzwYAPOfk_FhuUdaQcSO751tuJDTzyfD8g16WOsi2mzzep4iO0TI0H4ronibRBgQWCFIKhjOw-
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQ1mv6uHh_rlOTDR-x1B3bUPaIuBhPVWioAoRYenBNaB-cwQvyXYAeNXD7z0uRX6J_cqpj0L6y10L8YLYkBxazjiiTyob8%26google_hm%3D%5BUID%5D&google_gid=CAESEHbkcjVJZL3gqKGQ7oB8wdA&google_cver=1
Domain
google.partners.tremorhub.com
URL
https://google.partners.tremorhub.com/sync?UIDF=CAESEJgIGIcudM8u51E0Ca1hXP0&google_cver=1&google_push=AXcoOmT3yO-LlSisYBDIVYr9o4jY7NCzpDXTwaoTDFh5ANGCkbrLu0_-HWSxy40ov0hx7Yxj9rGgo_KB3Ln5Id1d5BFHUo7qj7c
Domain
a.rfihub.com
URL
https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMCQc032brMYvfe1pIMl20I&google_cver=1&google_push=AXcoOmQx7fL21lsuAMACm9yhPWxv5AGR8mfEoZdDH7PK24vrP7A_w_FVWv_9NAnbwNDNjmU3jjPYNB3SFwaMVL-p2vCeSO7sfTSj
Domain
trace.mediago.io
URL
https://trace.mediago.io/cs/google?google_gid=CAESEIAqqh3zePWbOn0212kt4UM&google_cver=1&google_push=AXcoOmQeoxqCM5axsKC34XMqPWMptyMTz-RaAlsM_R6kdNHJJUAESZ6nNc-D7wHQmASIBKmn0MBnHFUEanhZoxmS10lvJ787UM1s
Domain
partner.googleadservices.com
URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c982058dafdb70f0000000000000000%22,%222%22:%220x1eb9bd88a64d897f0000000000000000%22,%223%22:%220x1bfa190290ad6e2f0000000000000000%22,%224%22:%220x7edce9b2d725c8b80000000000000000%22,%225%22:%220x6197e68ae7cb6a860000000000000000%22},%22debug_key%22:%224098183907724616598%22,%22debug_reporting%22:true,%22destination%22:%22https://frankenspalter.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067887816%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221042761916752009793%22}&andc=true
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Domain
adpushup-d.openx.net
URL
https://adpushup-d.openx.net/w/1.0/pd
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
contextual.media.net
URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c982058dafdb70f0000000000000000%22,%222%22:%220x1eb9bd88a64d897f0000000000000000%22,%223%22:%220x1bfa190290ad6e2f0000000000000000%22,%224%22:%220x7edce9b2d725c8b80000000000000000%22,%225%22:%220x6197e68ae7cb6a860000000000000000%22},%22debug_key%22:%224098183907724616598%22,%22debug_reporting%22:true,%22destination%22:%22https://frankenspalter.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067887816%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221042761916752009793%22}&andc=true
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL1qRgOXWrwSAjRJBI5Fz4U&google_cver=1
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Domain
i.liadm.com
URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUj4ly0uyDqVghiSXC.figAA%265178&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPQSiRyYmmDnXVFWXRStye4kmI5q_8EsJ_q9G9T3oE37D_cirat8sG7pmt8LNmIdO5QpF3040AoLVTkirouoOwey9TDaizkozrTJ0wL6j7i49V7Wa528fXNjbLuH4hXwZ1phA_i06bLaEPhLoE0by_VA1UglXXo_qlfcR9Sw7qk_HwwVO0H4H9D4_lXkdiOFRZkh8recUoWNZhO-QvhDF1Ejc415pxRi4Jer97soi2Tm1r10wOTx0Pw9_5nL4JQS6JP5Sb1FwOJJRDsrzxqRDTqatoi4SpvZBklixli73I9sfMCXPPXnUrLg_8lKFNQ2HEGt8-Mndrx1lmZzYRNk0BAGsWVE9ImPTqSrQnoNhTetlzZmNK6uFXtOIkv3AhQ_qMm1H5EmtkbFmYcaQZVvi4jMqCi6ZBrPazgzX7bRMfSYVgghMa8oF29eG5h_mtpPlZG3-X8X8NjrP8IFp_LwKjk-C2ksMq4L-HRJKWnNfZb6I2N7z5UiWaz9HV1MmS4elNQCa9QC8-Va-IKrbSOoEy_pOj3RrFBXV5YfhphXRNE86Hh9GOuu-_EDEWTWF9wH-hzk3G3rt3x8R3fQQSQWZmDV4wrqtU49BBUq07a1v0ZqDzIt3UhZWnoarmTg8btJq3S1z-lDEbb5pQUegy7tTpdBweEXDy8lmDcmvpYbeuQiLGCPOUWhbMr6lnZubOOWSjbXMggsV2dUsGVz1mzJKKS-kOetlRxPpaZ8GKTfDh7XmEBisfUgvv-C0xM2KrQdkstQRfCKPafeDoNOFSFRPtE-iD7GMEMTLPTVtmXaUIIXK0UtGyEkM2fl-vA8lEyioyObxkjVqXf-CthuGuJmJKxsQG5zZdYQpMQeBF4JiaV4sDAXN1MpcFS9vQ-G9d9xS7V3hRuclWBNJJXq_hAACLZSWXW-F16H--aRERZvfVoz2cFgfFueZ8gcrpTGWptTuZTyti5u_AXQuFuc1xBli3u5-Kj9HF1OoEGFdh-uDz6Z0pjRNU1jVq6gEn7cm68bVTFJYSIsYvcM7aATpwicogeroknwdvZtF9Xg6DZ781WJoR6dn7FXfTQ9wAzd3ZyzVQ0DwHS_uVE9QTSqZe-R-WYIkuOcnlfpdAG_7MMmbKnUPa2BmOLWNeeI5f7QWaU-vKbN6VWeinecwXGzmn3Z83yOciN-eEXT88d5ENQNKV5GGSsVCW-SALLCq4pj3MrpkPREexpIuY7XcbcktdwyZyvsWV2sp62p-wSVkIXiJDOkYrCtfYI3g5oj7hdJ1aPElKnz_bAVOpMAL9SdtSB2RRdIuOsGobWhQNxgL8liCL5jiK0Mkxj2Fl1RHWapWAZEvVtxBeeA_s37MbUMr0jzCfZps7iht2PJIg1Ll6xrvaDUbmrU3TMxT9O_djYdmu4JGsRPYi7CG2TauSmYKm2SL-9bdenL7JQi6Wd05WCxboLM__D977oiOvQtzUAZhFUuE7V4vUOdKYHkL2yt3SzZIuns1LeRrhd3Z9_35Z4HHSzwJCAoYR11eNevJTadUWvPwC7sjFcWVY8gt94vr4YRbqHO-tMqbj0YxZ6g088-Uij2bwQgNhC60OI8gowkMP4j1iP6jk7xnXrEDXcsvqMMAMiv_7amR2I_d2qk4NWFaz&sai=AMfl-YTDuy_MfMbh0PoFnX3dRYhiB4tHcwif-gViLgp59W9mGNc_dQwczamn1Wgi4uiSbw-4xxwbIvVbKtIx_zsJatLGNaFVSnv3A6KjuyeoO_z1k5RrOpzfkFpvrVaYnkSuY2jOqyYWAqT7pw&sig=Cg0ArKJSzMqH92_JjoilEAE&cid=CAQSPADICaaNNuRXPGsdo_q-JUje_F1GXdDN4Jcuz53cLhFL8cH62Scr_WfJIEtr0uzO42-Pf_IJzj0sSaT69xgB&id=lidar2&mcvt=1047&p=60,245,310,645&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699281047767&rpt=1946&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5b060c263d2ad79bebbe993f68225b05.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0d3df55f64d9b364cbf0a3a9b92280e8.jpg
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Domain
ssp-sync.criteo.com
URL
https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
Domain
t2.teads.tv
URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=efb1620c-f688-453c-8ccd-126052553619&pfid=68&env=js-web&ut=1&cid=1150932&gid=1087663&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&pscid=20204&psid=415253&cost=R_OHUhCSErph6E_ywv-wXjlz&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1087663&dsp_creative_id=1150932&fms=9&p=gc04INT1zBMO17b7M8LR6owPTNEmq9YdcMG-JY2jCWmrrkV_oxTB5-2sD55p1Wgo6yk&cts=1699281045446&cs=676316860413278867805&1699281045446=&slot=native&fv=1283&ts=1699281052122&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Domain
t.teads.tv
URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pageId=154680&pid=169092&hb_provider=prebid&vid=efb1620c-f688-453c-8ccd-126052553619&pfid=68&f=1&slot=native&fv=1283&ts=1699281052123&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Domain
t.teads.tv
URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&vid=efb1620c-f688-453c-8ccd-126052553619&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=unsafe&pfid=68&gid=1087663&sid=174681&brid=7119&cid=1150932&rpm_reason=3&ut=1&p=yIPmkcGOto9sx4OV6ALALKpetRK7K2GSTx7UpOdBRLzRGQAvcJsk6vFZNOIIEem0lYfk4IBUcDfP7I1Bs8X_Wvj-&cts=1699281045447&cs=235574582174640231605&slot=native&fv=1283&ts=1699281052151&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENMtpIW2Ovzwyb3KvHinFXI&google_cver=1&google_push=AXcoOmT0mtjBpAmfLoXx64_5Bnq4sDw_zzSj4FrfOcncnEkMITblujLUu4319P3ciI0cVwa8Ti9RVP76qSXURJIqhlntdB6MmSjTagoF2Cm3yQe4dXt1xkuNKN69Qrxtfv2nQm8SnfvxRIUXS7xKTlQz0Ocn
Domain
cs.media.net
URL
https://cs.media.net/cksync?type=g&google_gid=CAESED7tWvBdq3VWRGVl38HRluw&google_cver=1&google_push=AXcoOmR6E4IJEuhCDtq-mWWrAs2S95U8Sd0z860Faz4u6DCOOdzQvU8uesPj4Bgulscmdj2RMFqvarPMtgzplKN7lPfMjwn3p_Xw2LYUouCg9TQP4oDWLmwP0IHbnWBcCix76AtYOx7JBjNJ-kv842dU6K4
Domain
sync.teads.tv
URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&viewerId=efb1620c-f688-453c-8ccd-126052553619
Domain
s8t.teads.tv
URL
https://s8t.teads.tv/creative-2c300e30-5c50-11ee-9d56-c50e1e5624e6/performance-image-dco-912cca70-53eb-4fbe-85eb-fa99e362fbce.jpg
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/ddm/trackimp/N1003055.2065319TEADS/B30725832.376914470;dc_trk_aid=568155215;dc_trk_cid=200199319;ord=1699281052218;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/7782998610513530828/index.html?e=69&leftOffset=0&topOffset=0&c=7JJme3abqI&t=1&renderingType=2&ev=01_250
Domain
googleads4.g.doubleclick.net
URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusbAe8bKycIHa8FiH9dkd8ovc8dkRk9gaHzlvoDCBAmSquX7scoowTsC5eXk-Z_AxLSUc_YG-LEygX0-U0a-BU-DdZNMBu3_pm_U7JNFI-YNKhtsWfkvZNiUSI9N2Y8kxO_7I-cmNOFPiiF7-7fzl4Kwp_NjcW9N3xadGe1cSqvmahdcqVNgRG47GZp6AbY0kptjQtSdqO_-0MIam4-PNX6rw0826eOyHNxRCsqRR84IR4SXIRac_bt7LDLGVvO9X61CD68-4wP-1fJ38LwP5jqChXgDBHotkW5VDBrK6z6cTrkhHiOMylOebezbMP4BqH8OfRrJATxqo-2zHvP81ycoSmHax1qhRvShekIrYuSbkYj8hJqhWEy36TlsyQ4aQlYBEiW7gwG86wlExObNcPHfguf0seaBpnzDzC-n3GfYclfdDBBEGfVitTQjOo7bV48QdnlmHuKUm-EA9O_7ixGneOpEyews8QVbNGiArDMDVRnTvUI2vEr4LQSsvcw0S4Wbp2w9if3zQR-6jlHxU5kVxFW3-tm8PBBbT28JXeABL6YdX1xZrs1Gu83i-K9ICteNSEHCkWc8sR--u11_qk_rpdC2YGZYyxuy3PSoGfEQl0H3swHARxZoYmayedBpDTxPLWB9T9WltMIAzsQvjTQHwkdeI0hO4nprJU1_Pm6ryjY86wSpRDCaPq-jHgo958NatZCt0WBYe4oSxJukt6D3SM9m1WWvGuwWid5KbF8vQq7eFnVSGbwaIDp38tNCJ-HVP24KrVXUUxTTfYxtPRvvHlNZg2JFmyccAu6-67FccXtpXi5WWEIi3EmDre4YIWXEeN1kvn_kFz5X7YmcFzaB4AGz8ms9I9mqrnLLAirU-nmue1v1Bpt-5t0IIbt1mDwwI-guuvRKZQVH9GYDmXuKySf2zNLhEoqaUmGg5NMRh5dYsgkit9Pd-B3UBFnkocU6frnMPi67kdB_5CwXaoATPPLhPyvsMy3LgpufAZUegfA7luk0loqftFts0hblF4as_0qSbm8VxnL0OV7YB_i6fWaxN2VN7acPdPDAmdsV-Er7g3syD2p4jCaW7Kwg4eOPCaUP8aEvOnkgHR0ONopgokyjyFPKj4aPjLhBJSoHYzm-wPH1G2N7rEkP5SonwI2zbfoklquwCRZJO5laMZ2l2Fl3sGG-rXysEv-UDoNMusPErG0_l4CvzMZ07Dc_JzFnG0WGe_KuLdX9RLK7-_R0x6yIa6GS1CBEzkZ3FkXw9tZwq3TfgRcfqpch4&sai=AMfl-YTCriszS34D8t0U1uM-RmgBv2Hh8niw97BZhmK5paidBbJgkwo5k4buHyeDHw1tTsi1AhE_kO9iIzb-doPsRLXpOYVwJ4NcxvFRvpr-gvfN3Ls4Hk9923uv4hbSJ9cXEL_5UeNLZvIZmplajNAzoMyHdSM_daoCqvfQqkzoHRPUkNQPMBbKpbFRo0-1Mt7sMClmt8pF0liIVKZynWiTmT1ULkNeB4pBTj1e6knpjJVCpBQDqP5FlcWhOyuTum_3iLIrfZs&sig=Cg0ArKJSzJPhPUxzn9mQEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1605&cbvp=1&cstd=1553&cisv=r20231101.47543&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
cdn.vidverto.io
URL
https://cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/480_650.mp4
Domain
cdn.vidverto.io
URL
https://cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/480_650.mp4
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4347799068408990&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2932055677&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fvb_8UML1NpHIdmLfBOM8oA%3A1699284644%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=3E0F821C-77F0-422C-AD5B-CD97B578E45F&nel=0&eid=44750824%2C44772139%2C44777649%2C44781409%2C44802463%2C44803784&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&dt=1699281054236&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&scor=508278899832926&ged=ve4_td12_er698.400.699.800_vi0.0.1200.1600_vp100_ts6_eb24168

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _statcounter function| _typeof object| TRC object| _tblConsole undefined| msg object| adRecover function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue undefined| $ undefined| jQuery function| jqAlias function| setImmediate function| clearImmediate string| nam object| placementData undefined| google_measure_js_timing number| google_unique_id string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| aries object| google_reactive_ads_global_state object| cmTag object| ucf object| request object| _apPbJsChunk object| mnet string| nobidVersion object| nobid string| paramsString object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _cm_wfCounters string| lastWfUrl number| vidverto object| regeneratorRuntime object| aries_registry boolean| descriptionPage function| inView function| VASTClient function| IMA function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| VidvertoPlayer object| vpbjsChunk object| vpbjs function| quantserve function| __qc object| ezt object| _qoptions object| _aries object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| inViewWindow object| vidvertoPromiseCache object| closure_lm_760451 object| googDdmPs object| google_ad_modifications object| google_prev_clients function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer function| VidvertoPlayerVideoPlaylistUI object| closure_lm_115884 object| GoogleGcLKhOms object| google_image_requests

77 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1699281042.8E60158DFA374FFF87681BB65D8AEE09.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1699281042.0
.statcounter.com/ Name: is_visitor_unique
Value: 1699281042647463118
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1699281042.1.0.1699281042.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.116137940.1699281043
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Da555554e-4a0e-4772-9871-79cc2cc8e4d5-tuctc427e12
www.bg3.co/ Name: __AP_SESSION__
Value: 62a225df-2054-4cac-bb0b-2c3d067daebc
.bg3.co/ Name: __gads
Value: ID=f0e5a09e382c81e4:T=1699281043:RT=1699281043:S=ALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA
.bg3.co/ Name: __gpi
Value: UID=00000cb7138c9a35:T=1699281043:RT=1699281043:S=ALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 66b971dc-ffa9-45c0-959d-0325bdcc3f41
.doubleclick.net/ Name: IDE
Value: AHWqTUmKxt1FLMJLJtFkBCzQPtwNgLs-aj9i-EoOGjSQ8_OBGga0KXjH9g6rMd6-H_s
ad.vidverto.io/ Name: moxuuid
Value: 5dddf150-824f-492c-9ade-1fe74afe8f80
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1699367444
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1699367444
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1699367444
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1699367444
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1699367444
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1699281045_1699281045
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.teads.tv/ Name: tt_viewer
Value: efb1620c-f688-453c-8ccd-126052553619
.omnitagjs.com/ Name: ayl_visitor
Value: 1443c055c0cedda6f4cf239a1b6f18a7
.aralego.com/ Name: sspid
Value: cf3e1201-5e91-3d67-9887-923d8d5f7a00
.adnxs.com/ Name: uuid2
Value: 7069209738041572370
.bidswitch.net/ Name: c
Value: 1699281046
.bidswitch.net/ Name: tuuid_lu
Value: 1699281046
.bidswitch.net/ Name: tuuid
Value: 64815808-0e60-493b-bad5-d2adccca1543
a4p.adpartner.pro/ Name: apuid
Value: 5c28b338-8b80-4d11-9ab7-f81d010b1f0d
.yahoo.com/ Name: A3
Value: d=AQABBJb4SGUCEJ1l0-jelu-0QICl7gmsK58FEgEBAQFKSmVSZbtj0CMA_eMAAA&S=AQAAAg95lbbOB8Sy5rZlWsq3lMU
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1699281046.1.0.1699281046.0.0.0
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.smartadserver.com/ Name: pid
Value: 3230359227279246928
.casalemedia.com/ Name: CMID
Value: ZUj4ly0uyDqVghiSXC.figAA
.casalemedia.com/ Name: CMPS
Value: 5178
.casalemedia.com/ Name: CMPRO
Value: 5178
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: c45cc90a-3a1d-5236-b63d-3063d375c8f4
.betweendigital.com/ Name: ss
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: 4f188bc43cbff39d850495a97db9b7c
.pubmatic.com/ Name: SyncRTB3
Value: 1700438400%3A220
.pubmatic.com/ Name: pi
Value: 159706:2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: ABBD41CC-3511-4085-9C8D-F665C0C0EF63
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.rubiconproject.com/ Name: khaos
Value: LON027IV-10-F96X
.360yield.com/ Name: tuuid
Value: 413cd1fe-7134-4f0e-8d15-b24bbe02d580
.360yield.com/ Name: tuuid_lu
Value: 1699281047
.aralego.com/ Name: euconsent-v2
Value:
.openx.net/ Name: i
Value: 8f3f8c0d-e66b-4912-9395-3c534f393d79%7C1699281047
.admixer.net/ Name: am-uid
Value: 32700622c42d44a2aedb0f039c8c6673
.quantserve.com/ Name: mc
Value: 6548f897-ca9e7-7ff6a-a1cc1
ad.mox.tv/ Name: onetag
Value: 5cxk81p_D-S1RpjR2OjtC5fsH6V5pN6H_eTxxC_QYNk
.amazon-adsystem.com/ Name: ad-id
Value: A3eP8DfjYEeJmrLB5Jk5V9E
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPTjAyN0lWLTEwLUY5NlgiLCJleHBpcmVzIjoiMjAyNC0wMi0wNFQxNDozMDo0OFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0wNlQxNDozMDo0OFoifQ==
.bg3.co/ Name: __qca
Value: P0-2071036473-1699281046191
.primis.tech/ Name: csuuid
Value: 6548f898b0627
.quantserve.com/ Name: d
Value: EH8BDQGuKrjvsQA
.3lift.com/ Name: tluid
Value: 3915846383058280092266
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-06T14%3A30%3A50%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2ewe:18vk~2ewe:19e0~2ewe:175w~2ewe"
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2GVHiMEdP!]tbK8i_iqf!oN/@E'zz<*Z0Q`nGAYtLJG]ijKRgtb6uokEQ5'.=V3y-zH.nTD._*Pl[h>o'uTXn^*gRuK7O^uG/Q14xlFS4qHu7!Hzj9>w-/6_ndEi
.rubiconproject.com/ Name: audit
Value: 1|BkHTMDC1gDM2nB25ODkqE5CNEkchfOBOwyT9w57n6A0nT2ZFkaw/hzwJGNaUUnSeVVRXhgGWGb4kEa5N2k7U1SEEFoCDRlfY5yJVyavxcLjGOj3eOeYthuXJgMYu/vVdaPPeOixKWnurfEyPMKyhoUkpxrTgiz1lpmvllXEtYN4=
.onetag-sys.com/ Name: OTP
Value: h0k5YaXebvQoCXJ8BrKm_D2ovtE57dtp8EKQSDmuPW8
.betweendigital.com/ Name: ut
Value: ZUj4nAACC3CJhDp70aOC_lLQt7n0uwOm-njh2g==
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7783354667394345830
.bidswitch.net/ Name: google_push
Value: AXcoOmR-nCPzTmGb2FTDAsjAgU7sAQQpJZVnTF3fayme_IPSE2DRejldicSHQud7fdm6i3UDT4g_KidjUz8uzXqOAy-Nh_BuSVs82cHek2RiIQ53NIDAZAHaL2wnzZQzavsQxAY7Oh_B76yffOSR-RsZ3jD8
.simpli.fi/ Name: suid
Value: C9CFE0BE7F9E4F48B40D715BF90B7699
.us.ck-ie.com/ Name: CID
Value: 2f7e59dc81ceae095c79b1e629575d5f1ac496c0
.smilewanted.com/ Name: sw_user_params_infos
Value: VJtcbWmcbs%2FGDCYhmnT7mSw0tljLDUiqoQTvcm8LMjgFblAq8oIZtlaVEscvqDN%2Fg1JZLAsJGcTYuzo02JUNB6oMJ3aGgetABdjkD03jTCdHMEekDiNLwjkfRTDn9Eq0xFrePtV2ElqmITP2l8dFujnGw2ablxCsjxZ%2FJI8TV9r0xrAqaQlTDd7WXbTT515Q8GAwVPMpPV%2FBT35Bh5sU29cTlSaPN3YY4J33eXY%2BXKSF4zfZAN%2FdvnIm4v1GCxTUpOa9iI07Mz%2FHAe1G7J8x0s4pd2JYX8GvuLTW%2BLfw7U1cNQIm5pCSkPfraW6eCGg8ktunVUa4Y%2BogDGmt6mts27mKX%2FuGVFkUXhkNMe1U9yR5cCXOpFbzoKgOY44cZWlkdVXDexLgnwMnpG%2FRQ1CsEw%3D%3D
ad.vidverto.io/ Name: adpartner
Value: 5c28b338-8b80-4d11-9ab7-f81d010b1f0d

103 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/7799bec6189441c21619134d8adb850d.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/00b9c55352c6d820c5d892ba163b5264.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/69ad1533d73c5e257d335b976d2895bd.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c10b77f3f4a25f44545fe40717b5032d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/505b4a95b8d806c795fc6f1c990a36cb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/05c07ec853bf8c189ef589e145be74f3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/18c48024bef49e757c93b38668176786.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c8cfd5e2bc439291c21f2fbd1e55543d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1a3b8999398276a368d8f37969a85e43.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0ddb004acd894c23d2d6d9e1cc371586.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5483c53934f1cd744c72f3d406d27107.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5c77520c66ff397ea20ad34699a788fb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/478ac97549ae4353d83945baea2789f9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/47b6528d8891ba32fdcd8ddf1986e809.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5b5a2cafa4e7ea17077fda6952f4b7eb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/01502244f0f6b812edf18d86e81e17c4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/d017d34282d8d52215c2ac19da0a9f0c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4db17f0b9c3fd5c30eafcc11ca28e2b2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9363f47a8c64eb59a5dbd6b6d78c4336.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3b406c7532254597dacc24e2daa094eb.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/c013a3cc9cb777bc481835f2048808b7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9920ae0b6f35feacfe97a635bf147fd8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/bd7369ad6b628148702975b5a2164bbf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9ef56bd4fb9245943fecaf4068d9208d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/3249f04345c58b82dd826270839dfa26.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://cdn.adpushup.com/42753/L2EvbWFuLWd1LXhpbi1yZW4tcXUtbmEtcGFpLWh1bi1zaGEtZHVvLWNhaS1tby1sdW8tZ2UtZmVuZy1sdS1ndWFuLWNoYW8taGFuZy5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIz3FNFu9kozrBWsHYPs51A&google_cver=1&google_push=AXcoOmTZKcvDBQN3F1Itmf-45wFnH605ErvdugEbihJ2fH5S53lbjJkmSU-uZapCM7p6HaV6B4KJq9quOX28_s0HBQOze0nM9lDqZQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEDld9ufXgIpiC46JIS59BKE&google_cver=1&google_push=AXcoOmQHzLL7VtHLBe7ehjZ2q0aoYv1BN8Bh9rFfFPhZdB9pcNMe8jFmt78L71ww55rNTErjhzDCvQ5TozLbaOzL-zBsHvAh5T3V0g
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.inmobi.com/gob?google_gid=CAESELVK7MAoQSgAa6s2123b-7s&google_cver=1&google_push=AXcoOmSCgYAvvQn2iAUW-BHx2tfssDuhL6icZcfQ6nNBT1kN0sxhJJqKmdX3LRuz78uw4dBXRrdE6h7dbyn0j76MQVa2mUvDgWpMIb8
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.media.net/cksync?type=g&google_gid=CAESED7tWvBdq3VWRGVl38HRluw&google_cver=1&google_push=AXcoOmTPK_4Utl25LTaSISOHQomxImybsBfROPyerb_hsMtku6XQZTReTWu5NFoiaHr5Uj0TqKrSaql3VArH-EZCEmi-Y-F_GvunfQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKdSaAXhvk1YRltTH0nXtDM&google_cver=1&google_push=AXcoOmRoFFy1mdXqbCtrruxMUcN-pnAFF32C34tTTdzZEjgXMny_jaHObyOaWKpWa4zHnIsO38NCsq_aU1gNkPF8-AmJOp75YN6rOQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEKlUfcXHfPRFc8eFk4G3h0&google_cver=1&google_push=AXcoOmR5yNYTWU4GFF_5MBOtmvOOIg-1UaVTuzjh_KHXt8w0s5wsP34lb0KSP-9e90gSlCRlQeLVJ3w8u9zhvbgN3lQHveiT6XW7PQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ad.vidver.to/delivery/v2/sync?userid=64815808-0e60-493b-bad5-d2adccca1543&p_id=15
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://token.rubiconproject.com/token?pid=25470
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=19564
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ce.lijit.com/merge?pid=80&3pid=LON027IV-10-F96X
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QmojKuZE2oJ9wXYL.LiYN2BmdmTtjeNl.0KYBA--~A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LON027IV-10-F96X
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-reV3YnVE2oXuFeXtIvtawtdQwNjtkXJHHhVSdX0-~A&redirect=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wZ0w5ZWU5RTJ1SC5hd3EybEcwQW1zNWJQUnZHZEhxX35B&ovsid=LON027IV-10-F96X&dpid=58160
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LON027IV-10-F96X
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/480_650.mp4
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.gstatic.com/mysidia/d14ff5ba081e0737c484ab1a43575bd7.js?tag=video_location/web_och
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEPniufZfbQneTLy34HOoyzk&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAI4_aMwYnE34eheWEGcSAo&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb.adentifi.com/CookieIndex
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUj4ly0uyDqVghiSXC.figAA%265178&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://a5174.casalemedia.com/impression/v2/693656/85/cl4fh50vntloohvoo7qg/c96e098f-972c-4465-964c-23024354e961?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1699281644&profileIDs=&creativeID=28ee720&pubID=189372&format=banner&channel=site
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZUj4ly0uyDqVghiSXC.figAA%265178
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQ1mv6uHh_rlOTDR-x1B3bUPaIuBhPVWioAoRYenBNaB-cwQvyXYAeNXD7z0uRX6J_cqpj0L6y10L8YLYkBxazjiiTyob8%26google_hm%3D%5BUID%5D&google_gid=CAESEHbkcjVJZL3gqKGQ7oB8wdA&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMCQc032brMYvfe1pIMl20I&google_cver=1&google_push=AXcoOmQx7fL21lsuAMACm9yhPWxv5AGR8mfEoZdDH7PK24vrP7A_w_FVWv_9NAnbwNDNjmU3jjPYNB3SFwaMVL-p2vCeSO7sfTSj
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://trace.mediago.io/cs/google?google_gid=CAESEIAqqh3zePWbOn0212kt4UM&google_cver=1&google_push=AXcoOmQeoxqCM5axsKC34XMqPWMptyMTz-RaAlsM_R6kdNHJJUAESZ6nNc-D7wHQmASIBKmn0MBnHFUEanhZoxmS10lvJ787UM1s
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://s0.2mdn.net/instream/video/client.js
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad4m.at/ad/sim/ix
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://mts0.google.com/vt/data=HUsYhtFzwYAPOfk_FhuUdaQcSO751tuJDTzyfD8g16WOsi2mzzep4iO0TI0H4ronibRBgQWCFIKhjOw-
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://google.partners.tremorhub.com/sync?UIDF=CAESEJgIGIcudM8u51E0Ca1hXP0&google_cver=1&google_push=AXcoOmT3yO-LlSisYBDIVYr9o4jY7NCzpDXTwaoTDFh5ANGCkbrLu0_-HWSxy40ov0hx7Yxj9rGgo_KB3Ln5Id1d5BFHUo7qj7c
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c982058dafdb70f0000000000000000%22,%222%22:%220x1eb9bd88a64d897f0000000000000000%22,%223%22:%220x1bfa190290ad6e2f0000000000000000%22,%224%22:%220x7edce9b2d725c8b80000000000000000%22,%225%22:%220x6197e68ae7cb6a860000000000000000%22},%22debug_key%22:%224098183907724616598%22,%22debug_reporting%22:true,%22destination%22:%22https://frankenspalter.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067887816%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221042761916752009793%22}&andc=true
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUj4ly0uyDqVghiSXC.figAA%265178&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL1qRgOXWrwSAjRJBI5Fz4U&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPQSiRyYmmDnXVFWXRStye4kmI5q_8EsJ_q9G9T3oE37D_cirat8sG7pmt8LNmIdO5QpF3040AoLVTkirouoOwey9TDaizkozrTJ0wL6j7i49V7Wa528fXNjbLuH4hXwZ1phA_i06bLaEPhLoE0by_VA1UglXXo_qlfcR9Sw7qk_HwwVO0H4H9D4_lXkdiOFRZkh8recUoWNZhO-QvhDF1Ejc415pxRi4Jer97soi2Tm1r10wOTx0Pw9_5nL4JQS6JP5Sb1FwOJJRDsrzxqRDTqatoi4SpvZBklixli73I9sfMCXPPXnUrLg_8lKFNQ2HEGt8-Mndrx1lmZzYRNk0BAGsWVE9ImPTqSrQnoNhTetlzZmNK6uFXtOIkv3AhQ_qMm1H5EmtkbFmYcaQZVvi4jMqCi6ZBrPazgzX7bRMfSYVgghMa8oF29eG5h_mtpPlZG3-X8X8NjrP8IFp_LwKjk-C2ksMq4L-HRJKWnNfZb6I2N7z5UiWaz9HV1MmS4elNQCa9QC8-Va-IKrbSOoEy_pOj3RrFBXV5YfhphXRNE86Hh9GOuu-_EDEWTWF9wH-hzk3G3rt3x8R3fQQSQWZmDV4wrqtU49BBUq07a1v0ZqDzIt3UhZWnoarmTg8btJq3S1z-lDEbb5pQUegy7tTpdBweEXDy8lmDcmvpYbeuQiLGCPOUWhbMr6lnZubOOWSjbXMggsV2dUsGVz1mzJKKS-kOetlRxPpaZ8GKTfDh7XmEBisfUgvv-C0xM2KrQdkstQRfCKPafeDoNOFSFRPtE-iD7GMEMTLPTVtmXaUIIXK0UtGyEkM2fl-vA8lEyioyObxkjVqXf-CthuGuJmJKxsQG5zZdYQpMQeBF4JiaV4sDAXN1MpcFS9vQ-G9d9xS7V3hRuclWBNJJXq_hAACLZSWXW-F16H--aRERZvfVoz2cFgfFueZ8gcrpTGWptTuZTyti5u_AXQuFuc1xBli3u5-Kj9HF1OoEGFdh-uDz6Z0pjRNU1jVq6gEn7cm68bVTFJYSIsYvcM7aATpwicogeroknwdvZtF9Xg6DZ781WJoR6dn7FXfTQ9wAzd3ZyzVQ0DwHS_uVE9QTSqZe-R-WYIkuOcnlfpdAG_7MMmbKnUPa2BmOLWNeeI5f7QWaU-vKbN6VWeinecwXGzmn3Z83yOciN-eEXT88d5ENQNKV5GGSsVCW-SALLCq4pj3MrpkPREexpIuY7XcbcktdwyZyvsWV2sp62p-wSVkIXiJDOkYrCtfYI3g5oj7hdJ1aPElKnz_bAVOpMAL9SdtSB2RRdIuOsGobWhQNxgL8liCL5jiK0Mkxj2Fl1RHWapWAZEvVtxBeeA_s37MbUMr0jzCfZps7iht2PJIg1Ll6xrvaDUbmrU3TMxT9O_djYdmu4JGsRPYi7CG2TauSmYKm2SL-9bdenL7JQi6Wd05WCxboLM__D977oiOvQtzUAZhFUuE7V4vUOdKYHkL2yt3SzZIuns1LeRrhd3Z9_35Z4HHSzwJCAoYR11eNevJTadUWvPwC7sjFcWVY8gt94vr4YRbqHO-tMqbj0YxZ6g088-Uij2bwQgNhC60OI8gowkMP4j1iP6jk7xnXrEDXcsvqMMAMiv_7amR2I_d2qk4NWFaz&sai=AMfl-YTDuy_MfMbh0PoFnX3dRYhiB4tHcwif-gViLgp59W9mGNc_dQwczamn1Wgi4uiSbw-4xxwbIvVbKtIx_zsJatLGNaFVSnv3A6KjuyeoO_z1k5RrOpzfkFpvrVaYnkSuY2jOqyYWAqT7pw&sig=Cg0ArKJSzMqH92_JjoilEAE&cid=CAQSPADICaaNNuRXPGsdo_q-JUje_F1GXdDN4Jcuz53cLhFL8cH62Scr_WfJIEtr0uzO42-Pf_IJzj0sSaT69xgB&id=lidar2&mcvt=1047&p=60,245,310,645&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699281047767&rpt=1946&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://static.bg3.co/imgs/202105/5b060c263d2ad79bebbe993f68225b05.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0d3df55f64d9b364cbf0a3a9b92280e8.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://a.teads.tv/media/flavors/native.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cs.media.net/cksync?type=g&google_gid=CAESED7tWvBdq3VWRGVl38HRluw&google_cver=1&google_push=AXcoOmR6E4IJEuhCDtq-mWWrAs2S95U8Sd0z860Faz4u6DCOOdzQvU8uesPj4Bgulscmdj2RMFqvarPMtgzplKN7lPfMjwn3p_Xw2LYUouCg9TQP4oDWLmwP0IHbnWBcCix76AtYOx7JBjNJ-kv842dU6K4
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENMtpIW2Ovzwyb3KvHinFXI&google_cver=1&google_push=AXcoOmT0mtjBpAmfLoXx64_5Bnq4sDw_zzSj4FrfOcncnEkMITblujLUu4319P3ciI0cVwa8Ti9RVP76qSXURJIqhlntdB6MmSjTagoF2Cm3yQe4dXt1xkuNKN69Qrxtfv2nQm8SnfvxRIUXS7xKTlQz0Ocn
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=efb1620c-f688-453c-8ccd-126052553619&pfid=68&env=js-web&ut=1&cid=1150932&gid=1087663&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&pscid=20204&psid=415253&cost=R_OHUhCSErph6E_ywv-wXjlz&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1087663&dsp_creative_id=1150932&fms=9&p=gc04INT1zBMO17b7M8LR6owPTNEmq9YdcMG-JY2jCWmrrkV_oxTB5-2sD55p1Wgo6yk&cts=1699281045446&cs=676316860413278867805&1699281045446=&slot=native&fv=1283&ts=1699281052122&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusbAe8bKycIHa8FiH9dkd8ovc8dkRk9gaHzlvoDCBAmSquX7scoowTsC5eXk-Z_AxLSUc_YG-LEygX0-U0a-BU-DdZNMBu3_pm_U7JNFI-YNKhtsWfkvZNiUSI9N2Y8kxO_7I-cmNOFPiiF7-7fzl4Kwp_NjcW9N3xadGe1cSqvmahdcqVNgRG47GZp6AbY0kptjQtSdqO_-0MIam4-PNX6rw0826eOyHNxRCsqRR84IR4SXIRac_bt7LDLGVvO9X61CD68-4wP-1fJ38LwP5jqChXgDBHotkW5VDBrK6z6cTrkhHiOMylOebezbMP4BqH8OfRrJATxqo-2zHvP81ycoSmHax1qhRvShekIrYuSbkYj8hJqhWEy36TlsyQ4aQlYBEiW7gwG86wlExObNcPHfguf0seaBpnzDzC-n3GfYclfdDBBEGfVitTQjOo7bV48QdnlmHuKUm-EA9O_7ixGneOpEyews8QVbNGiArDMDVRnTvUI2vEr4LQSsvcw0S4Wbp2w9if3zQR-6jlHxU5kVxFW3-tm8PBBbT28JXeABL6YdX1xZrs1Gu83i-K9ICteNSEHCkWc8sR--u11_qk_rpdC2YGZYyxuy3PSoGfEQl0H3swHARxZoYmayedBpDTxPLWB9T9WltMIAzsQvjTQHwkdeI0hO4nprJU1_Pm6ryjY86wSpRDCaPq-jHgo958NatZCt0WBYe4oSxJukt6D3SM9m1WWvGuwWid5KbF8vQq7eFnVSGbwaIDp38tNCJ-HVP24KrVXUUxTTfYxtPRvvHlNZg2JFmyccAu6-67FccXtpXi5WWEIi3EmDre4YIWXEeN1kvn_kFz5X7YmcFzaB4AGz8ms9I9mqrnLLAirU-nmue1v1Bpt-5t0IIbt1mDwwI-guuvRKZQVH9GYDmXuKySf2zNLhEoqaUmGg5NMRh5dYsgkit9Pd-B3UBFnkocU6frnMPi67kdB_5CwXaoATPPLhPyvsMy3LgpufAZUegfA7luk0loqftFts0hblF4as_0qSbm8VxnL0OV7YB_i6fWaxN2VN7acPdPDAmdsV-Er7g3syD2p4jCaW7Kwg4eOPCaUP8aEvOnkgHR0ONopgokyjyFPKj4aPjLhBJSoHYzm-wPH1G2N7rEkP5SonwI2zbfoklquwCRZJO5laMZ2l2Fl3sGG-rXysEv-UDoNMusPErG0_l4CvzMZ07Dc_JzFnG0WGe_KuLdX9RLK7-_R0x6yIa6GS1CBEzkZ3FkXw9tZwq3TfgRcfqpch4&sai=AMfl-YTCriszS34D8t0U1uM-RmgBv2Hh8niw97BZhmK5paidBbJgkwo5k4buHyeDHw1tTsi1AhE_kO9iIzb-doPsRLXpOYVwJ4NcxvFRvpr-gvfN3Ls4Hk9923uv4hbSJ9cXEL_5UeNLZvIZmplajNAzoMyHdSM_daoCqvfQqkzoHRPUkNQPMBbKpbFRo0-1Mt7sMClmt8pF0liIVKZynWiTmT1ULkNeB4pBTj1e6knpjJVCpBQDqP5FlcWhOyuTum_3iLIrfZs&sig=Cg0ArKJSzJPhPUxzn9mQEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1605&cbvp=1&cstd=1553&cisv=r20231101.47543&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s8t.teads.tv/creative-2c300e30-5c50-11ee-9d56-c50e1e5624e6/performance-image-dco-912cca70-53eb-4fbe-85eb-fa99e362fbce.jpg
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://t.teads.tv/track?action=adReceived&env=js-web&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&pageId=154680&pid=169092&hb_provider=prebid&vid=efb1620c-f688-453c-8ccd-126052553619&pfid=68&f=1&slot=native&fv=1283&ts=1699281052123&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=6e12a43b-c81c-432d-ae04-37e53d4b78e4_c3bf1141-0ba9-45ad-a655-7dc33d53e178&vid=efb1620c-f688-453c-8ccd-126052553619&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=unsafe&pfid=68&gid=1087663&sid=174681&brid=7119&cid=1150932&rpm_reason=3&ut=1&p=yIPmkcGOto9sx4OV6ALALKpetRK7K2GSTx7UpOdBRLzRGQAvcJsk6vFZNOIIEem0lYfk4IBUcDfP7I1Bs8X_Wvj-&cts=1699281045447&cs=235574582174640231605&slot=native&fv=1283&ts=1699281052151&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ad.doubleclick.net/ddm/trackimp/N1003055.2065319TEADS/B30725832.376914470;dc_trk_aid=568155215;dc_trk_cid=200199319;ord=1699281052218;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/480_650.mp4
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cdn.vidverto.io/secured2/vb_8UML1NpHIdmLfBOM8oA:1699284644/1327/video/1811/480_650.mp4
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4347799068408990&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2932055677&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fvb_8UML1NpHIdmLfBOM8oA%3A1699284644%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=3E0F821C-77F0-422C-AD5B-CD97B578E45F&nel=0&eid=44750824%2C44772139%2C44777649%2C44781409%2C44802463%2C44803784&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fman-gu-xin-ren-qu-na-pai-hun-sha-duo-cai-mo-luo-ge-feng-lu-guan-chao-hang.html&dt=1699281054236&cookie=ID%3Df0e5a09e382c81e4%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_Mb4wj_ykUm1_XwhKAqNHQVYVTKmpA&gpic=UID%3D00000cb7138c9a35%3AT%3D1699281043%3ART%3D1699281043%3AS%3DALNI_MZGxugCCgmATH-PKRg_ISq4VnasyA&scor=508278899832926&ged=ve4_td12_er698.400.699.800_vi0.0.1200.1600_vp100_ts6_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://s0.2mdn.net/instream/video/client.js
Message:
Failed to load resource: net::ERR_QUIC_PROTOCOL_ERROR.QUIC_NETWORK_IDLE_TIMEOUT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92330f3f6f23cd6f8f732cb0169fa485.safeframe.googlesyndication.com
a.rfihub.com
a.sportradarserving.com
a.teads.tv
a4p.adpartner.pro
a5174.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mox.tv
ad.sxp.smartclip.net
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
b1sync.zemanta.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cookiesync.api.bliink.io
cs.media.net
csi.gstatic.com
csync.smilewanted.com
d2q8xv8xf7whrd.cloudfront.net
delivery.adrecover.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
js-sec.indexww.com
live.primis.tech
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mts0.google.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
s8t.teads.tv
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.taboola.com
sync.teads.tv
t.teads.tv
t2.teads.tv
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
tr.blismedia.com
trace.mediago.io
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
a.rfihub.com
a.sportradarserving.com
a5174.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.sxp.smartclip.net
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.servenobid.com
ads.smartstream.tv
ap.lijit.com
b1sync.zemanta.com
bidder.criteo.com
c1.adform.net
cdn.vidverto.io
ce.lijit.com
cm.adform.net
contextual.media.net
cs.media.net
d2q8xv8xf7whrd.cloudfront.net
google.partners.tremorhub.com
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i.liadm.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.prod.bidr.io
match.sharethrough.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
rtb.adentifi.com
s0.2mdn.net
s8t.teads.tv
ssp-sync.criteo.com
static.bg3.co
static.criteo.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.richaudience.com
sync.teads.tv
t.teads.tv
t2.teads.tv
token.rubiconproject.com
tr.blismedia.com
trace.mediago.io
us-u.openx.net
www.googleadservices.com
www.gstatic.com
103.231.174.251
104.16.86.20
104.20.219.77
104.26.5.103
13.32.99.81
130.211.44.5
141.226.224.32
141.226.228.48
142.250.181.226
142.250.181.228
142.250.184.226
142.250.184.232
142.250.185.131
142.250.185.138
142.250.185.161
142.250.185.194
142.250.185.198
142.250.185.74
142.250.185.97
142.250.186.162
142.250.74.194
147.75.84.158
151.101.1.44
151.101.130.137
151.101.193.44
152.199.21.70
154.54.250.150
162.210.196.208
167.235.184.171
172.217.16.193
172.217.163.35
172.217.18.2
172.64.149.180
172.64.151.101
172.67.10.198
178.250.1.11
178.250.1.8
18.66.97.52
184.30.21.51
184.30.22.30
185.106.33.48
185.180.223.67
185.29.134.248
185.86.138.155
185.89.210.90
188.42.191.196
193.108.153.19
198.47.127.18
2.18.161.51
212.8.250.228
213.19.162.41
216.239.32.36
23.56.202.187
23.97.225.52
3.123.247.10
3.124.160.8
3.233.145.247
3.73.254.34
3.75.62.37
34.120.63.153
34.91.62.186
35.205.65.172
35.227.252.103
35.244.174.68
37.157.3.20
51.83.220.94
51.89.9.253
52.214.193.22
52.223.40.198
52.46.143.56
54.155.236.110
54.228.148.187
54.77.250.56
69.173.144.137
69.173.144.138
69.173.144.165
76.223.111.18
8.2.108.194
91.228.74.208
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
046fd6da69d65ef5095e39f6b6dcdc1d6466bfc9cf62eebe047f172697827899
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06a3d98a3905a256bd8f4aaa9ceb93b4c5d5ec0bbdef21a24271f5d8835fdc6a
08133ec4f237bf226f251eb7925e4a5aaf6ea4db8bf1f3f1db86fd10fba36b5d
085e85263c4f84e282ff973ce564c40757303a9c4aef19f6f2f98c1992399020
09909577463f5aa08978e66bcac1a6a939f2c86433ff92f47a8582f089e75698
0a1e8eedc94c0cedc3c62afbd806bbc36b5863094f2fb961d4855cd53a7ec407
0a80f36b81bb1520637bb04834c9dff97b03b1367910d4baa9ac695e7daf2841
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14
0f9633e3eb0bcc9ab4f4b506d71918d5451f4ae65e929dd87bac259b7d1129b6
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
114cdc8589b924431c59ca966326d3a64d994016bdc1204dd569f6c0b4127f60
11698b459bf78eb31a0997fcea24f956aa1e4d89761021f4509cfb36bffab28a
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13e09b52a44105efebec83dd243ee6fd0354b2446ca7f0c2bb3414fdc4143fbc
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1aa7f035c2446d046b406af2d4c416cb6389213bc9ed4011b14cadad524a9499
1b61cd22e13ff1b780738095e963bae3609e6567bdc8cbadaaf64402c59513b2
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1e1f158f7d5d6d220892d4b543eab502cbbc6438aac25f6de6d1353fc5aa7389
1f9f0f14bcdae60c13c8dd9144ad85f418db56ba1c057d3c7a5c2b0e8399d524
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961
25360b90f84d350935cbcb115216f9ecd2a2a0371a038c8d4b44f61e6b8f4eb7
255bb19a77ea949d156e748a6d1ce4b1eadbac7c599cf0c5383a5d6782b20ba2
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
2adee87fcb8a2f7509abdc4b195a1c0b73d8967ed7b507a05337f6badb5133d6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31924d61890f7e85f15d4dc31227a016d0893e5105a68718ec9a44c205780ab2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ee1cf059c27b908a136283d4dec5831b42e0a7cfcf6a6a1c9fe485896cef2d
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
37412b30b641c63ffcbc775b5fc2a497f2f2d99a5eb74dcc3adf02ef76cdfa0f
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38f324cd35cbc810bb9bee7a118c502dda6b97ed0af19e2da73f4d4223b1f172
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3bf6ad585e13e6e4b6832a8c8b75b1c83b4e7ee3683c5f786a274527b5fe7d27
3c2b33470f71b406f376d87a73f3236288f686359b37a640e281f9a2c41025d4
3d2fca20c72ba0c2803a37dd2c5403844c091b8c0db7cb843d587ef84a434cec
3e584f0dadd9e3c67522fc3fafe0bdaa96281cac762788fe8245d9275e6450ee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4264d2c442f18cc5aa7079a72a709e32811075aced702e27170b5bbf474e4a9a
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a5d19d130b0a487dc7424de79ea23fbe2c3e7b9b5048394ba25b4b0e3eafd9
43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453549f96dfe36d7613d358a5af8f6d3d5cb543eccf49e174fbdb9ec59ed121e
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8
45da17b10801949d96d632772eb2936456daca7c8791778cdfc7b183a00d9a04
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47abe6b0aebcc3f6c94714081c3808aba09cc53eb4944111956de21be699cb00
484c056599160cd1328dae9492e4c91279c8e888b2f7ad943ae447ea200668c6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d9bc8bbd7bdb94bd39db7924f8b76b656cc4bbedb8d3744bece43bcd0bd3661
4dee7bd3e3a19e8147f265b7fe3a7c1c88bfaae5d70addf47cab297a4126c5c3
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb
51aa07837ba92ab9a6da0289bbc8cf0d5c54106290231bce6750faa6bb57f6e8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
563b5cebb070505baced6cb9a1649f20c1d59e3f49ac9b7f669ab0bfa01916e1
566460b09094730561e79bb8304e48f097dbc06fff016b2c055673c1e77a9839
56bc33db1741248df0fdf247982ccf7e0b109b61a66fa1316f8b25fdb9cfb794
57d726902e7e61bdd77159edc80d18774870eadd91c277653646d3374aba27af
59b7ba00c6170e1a890c797cc9cbc41b56543ce632405f6643272f280e6ea01a
5a9ea7c2395ec54815384590db64d80caf149a93926b12dc10ae90e04f95e73a
5bee226f60cc50dcf362ba1007c883b2c594dd0b852072c7dd8a26c238d343c7
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838
5e211413f65ee1c76b82bc984d801c2c04307772e9da17ab7660a28b6f1e74aa
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
63a24c909284da362fe8abf7550507792ac790f99893bd1c9ef838a06d48464f
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66ac1baf13c1e2a705b1faa04c4fcb5a729628f12eb8e1106224a321b75b354e
6a10026a5515532bc83d5cc40f634aaca4ee39b21ae46ab1edcfd12f8e90396d
6a48d3d2e58721e4e80b4ab99055e3aa6e0707dc1fa76da809667315349b632c
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
718cf01ee14fce07ddb7d51e4e80fbb32c5fb62b2ea6f36dd9cd968efda861c5
745b63e80b66a7a5c73e8ad4fecefd5c25ceb19ed68eb838a248caeaacf0dd91
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a036ab46eca7dcea2b5756c526a6dc2381aaf9c31b4c2bf0f0b64cfb85105b6
7a0ece5d893331e0f86cef5b7c0ffcd9766e8c22452b653118aebef8a7365152
7df67e7a88c4579786e376d1f316cb714e4b7c3bb5434a7fdb66cf3282aaed0a
7e09530696c1d2d1afed3334bd55d150ea38426cddfcc2d6033b3ec5b6db866f
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8650999c3cf7ab4a078baabd7987daa70e1fe86439e39e3b36fc3c36104bb538
88c5316269d027d86caacb864643422ccf0429d1f65800515dd13485499156d2
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8edc832c4c233e8e48f9cbffeac3d0deb56f3f0a3c5c2df7aec6cb73987549bc
900ec78b1fa39580505c2dce4aa6c8c421936098b2ade5d65c2f0c21acc2030f
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9dc5b8bc99ddfbb0e3cfa4bcb5b4affdd531cf598bb58f4bd47f0f1d1aa3f1d3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d03b476888ae905bc214b6bb86077959a05e7ecb2bff5ab5d5063611e91f01
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1ef24e0c8a4295538fdbbcf62bb6bd72b24a60c9588c7178be5c54b6ac17b93
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5b5fba2a0ce725ab390525e789bd93ba1c8c016e23215ba7ce37a350251d059
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a6225201ce81d29bfcd33554f37e843f4f4311e7714aae33d483ef144aac569c
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a79a126bb696d3a191508b191f0bb3891d24803a962f9edc1a25fcbf1ccb5916
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a7acb1d5e2c7d802f11ad0efd1cf8eb7b724f5737f68575ae61ba0e447021bc6
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a852b50993fb4f7c1557594df0d2ace0b25322e34901fe6dca6399833a2df6b0
a91ba23c02a9c343dd527fd8b42544211314ec443cda1ec326b849a0098cb8f8
a97c2e13ef8b886ac2035a760bca4489c371a0cec678b506f0fc126bdeed4dbc
a9ace66b5ad490abe75f138bb1c167216bc3a1b0ea343b88190cd06b35147456
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4
ae819b3e8e1a272e52dcf053a461a0fb7f95879cfaad36d2cd3a16ba81eacbff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b7da0db3e657e460fc32d3572c8576f410c0c08c7d6661ad84edb40e2df6a95c
b85adb89209d84977a2cfe15dd912a20cbc996f90a689e5b20bb035e3b3fcd4b
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
b93a4a5f86c5d4a805ebb9f4a776ae5d5237bc22355fd8eaa10eb3393e60a06b
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c0241c3f3f13bb847c5aff54769b3de470d263a088a589ae4b3efb768270d7b2
c0f4690eae686e92e3e6a2927ecfddc7ddd6071fcdde0b97343b5acaa2b71948
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25a259861a8e488612ce06a2c21a3361ad515dc764c8b4da09e75fa54110463
cb6041dfa840839f10f93b76f66b19f62cdc1e054483ed8f1211ab7e34b52090
cb6be1aab2e03f12317c0cfbae3cf593ee7bf8ba0262c4784692ae9286712423
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cd7af4a8ea770471dc4746a7ee079ff79d59a2d8e5d2a53dd23e4b1155f78d1f
d0a7178e72e957378c0f7b49e1199dceefbec6bfc4204b9b2ad7b913ed68a725
d26ae523edbd258d6f649f6cef6e79b453dd38400e8fb58aae62422d3e324ef1
d4381aff52057c55df11fa459a0257d6f7524a3c4e8cb749908e1814583d5175
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d71f15e40a332b01a051d53e8b0bbb334f02456038d71e42ca042a109f85089e
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
dafe7c1f3ad5a6b7b798dd0353fdac10e44f901e0062739cadb4d34b594e3b6d
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41b7c25142a951f4021e46030b3f1f3e7d675871210d605e9e00103b03dbc0d
e47569e7537e1efec41068d03f3a689849fa380767294b1cbcf349961ee822e7
e5734d5e67c9230622730f3d1bd6531170f5ccfb92dff2e299617a0bb0f917f8
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e814fcebd232b1bd6c01f75c6be920e4d3b674a48a20c937a28df2556a90dd04
e85a7b370672e0815dab5d27fff70027b94b760abc1c43bfe4a4f3ae074f98b2
eaed891fb8da3e0298b57a6bf5ce06806364bc946ddd5ac5e8087d1487ed858e
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c684a92c2d2e2e3ef7a7c60020dd1568986226a250ede78e112f88d143976
f03ea718e3c89f9d30e8990bd107def41d65d7c443bb24338ded25364752800d
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c
f31575b6d06519c6610e42b0b7deae0ef561c46c3e1f3ba6c30f3fa1978c2d7f
f66a1b38e9b220da5b6a1134785acfc1890a1c94eb0a00b8d0d0bb9ce5647b86
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
f9181b5f805ea4f23beddd61025a4dae21f05e8728b6ee5aad10f343912f6633
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e