urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo...
Submission: On September 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 145 IPs in 13 countries across 120 domains to perform 796 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 754565.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
16 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
1 6 162.210.196.208 30633 (LEASEWEB-...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
75 151.101.193.44 54113 (FASTLY)
87 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (STACKPATH...)
5 10 2a02:2638:d::d 44788 (ASN-CRITE...)
1 2600:9000:244... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
22 185.180.220.208 49981 (WORLDSTREAM)
6 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
25 141.226.228.48 200478 (TABOOLA-AS)
3 2600:1f18:24e... 14618 (AMAZON-AES)
8 23.97.225.52 8075 (MICROSOFT...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
6 9 2620:116:800d... 16509 (AMAZON-02)
2 178.250.1.11 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 9 51.89.9.252 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
7 10 18.196.138.245 16509 (AMAZON-02)
3 3 96.46.186.57 7979 (SERVERS-COM)
1 175.110.113.213 49981 (WORLDSTREAM)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.255.84.150 200271 (IGUANE-)
1 34.107.148.139 396982 (GOOGLE-CL...)
7 12 185.89.211.116 29990 (ASN-APPNEX)
1 95.101.149.35 16625 (AKAMAI-AS)
1 3 147.75.84.158 54825 (PACKET)
1 3.75.110.88 16509 (AMAZON-02)
5 35.186.253.211 15169 (GOOGLE)
12 52.51.73.145 16509 (AMAZON-02)
3 20 104.18.39.155 13335 (CLOUDFLAR...)
1 18.192.168.246 16509 (AMAZON-02)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
8 104.22.68.131 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 5 35.244.159.8 15169 (GOOGLE)
11 52.223.40.198 16509 (AMAZON-02)
2 8 2a05:d018:d29... 16509 (AMAZON-02)
21 2a00:1450:400... 15169 (GOOGLE)
44 2a00:1450:400... 15169 (GOOGLE)
2 13 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
18 95.101.149.233 16625 (AKAMAI-AS)
19 49 216.58.206.34 15169 (GOOGLE)
4 4 104.64.126.246 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 69.173.151.100 26667 (RUBICONPR...)
41 2a00:1450:400... 15169 (GOOGLE)
5 185.165.240.123 49981 (WORLDSTREAM)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 209.54.182.161 16509 (AMAZON-02)
1 3 54.239.38.253 16509 (AMAZON-02)
4 4 69.173.144.139 26667 (RUBICONPR...)
2 7 69.173.144.165 26667 (RUBICONPR...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
2 4 216.52.2.6 32475 (SINGLEHOP...)
1 4 185.86.139.94 201081 (SMARTADSE...)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
11 2404:6800:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2602:803:c003... 26667 (RUBICONPR...)
3 23.32.185.35 16625 (AKAMAI-AS)
8 2a00:1450:400... 15169 (GOOGLE)
1 185.84.60.29 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.6 44788 (ASN-CRITE...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 141.226.224.32 200478 (TABOOLA-AS)
11 2a02:2638:d::13 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
4 6 178.250.7.11 44788 (ASN-CRITE...)
2 95.101.148.20 16625 (AKAMAI-AS)
4 18.197.134.14 16509 (AMAZON-02)
3 9 185.86.138.155 201081 (SMARTADSE...)
3 5 13.248.245.213 16509 (AMAZON-02)
5 3.71.149.231 16509 (AMAZON-02)
7 10 37.157.6.233 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 34.250.238.79 16509 (AMAZON-02)
2 34.246.32.191 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 3.65.188.50 16509 (AMAZON-02)
4 6 70.42.32.127 22075 (AS-OUTBRAIN)
14 185.64.191.210 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.32.185.192 16625 (AKAMAI-AS)
1 34.255.244.27 16509 (AMAZON-02)
1 3.126.31.96 16509 (AMAZON-02)
6 142.250.185.194 15169 (GOOGLE)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 139.162.23.100 63949 (AKAMAI-LI...)
3 99.81.152.59 16509 (AMAZON-02)
9 10 46.228.174.117 56396 (AMOBEE)
1 2 54.154.13.244 16509 (AMAZON-02)
1 52.31.202.102 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 5 52.28.44.182 16509 (AMAZON-02)
3 4 35.204.74.118 396982 (GOOGLE-CL...)
2 5 198.47.127.19 3257 (GTT-BACKB...)
2 2600:9000:223... 16509 (AMAZON-02)
2 172.217.16.130 15169 (GOOGLE)
4 2600:1f13:800... 16509 (AMAZON-02)
1 3.130.41.166 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 108.139.243.89 16509 (AMAZON-02)
1 167.71.9.19 14061 (DIGITALOC...)
1 2 23.212.88.20 16625 (AKAMAI-AS)
1 52.31.136.103 16509 (AMAZON-02)
3 23.32.184.192 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 3.221.79.249 14618 (AMAZON-AES)
1 1 216.52.2.91 30282 (AS-INAPCD...)
4 4 2001:678:cb4:... 56396 (AMOBEE)
3 3 193.0.160.130 54312 (ROCKETFUEL)
1 69.166.1.34 27630 (AS-XFERNET)
1 1 18.210.34.36 14618 (AMAZON-AES)
1 8.2.110.24 46636 (NATCOWEB)
1 2a00:1450:400... 15169 (GOOGLE)
7 9 54.197.82.124 14618 (AMAZON-AES)
1 1 34.160.19.107 15169 (GOOGLE)
3 6 151.101.194.49 54113 (FASTLY)
1 1 185.183.112.155 60350 (VP)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 12 52.210.15.1 16509 (AMAZON-02)
3 3 52.22.231.105 14618 (AMAZON-AES)
1 1 52.0.248.85 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
1 2 2.23.197.190 16625 (AKAMAI-AS)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
1 1 202.241.208.52 4694 (IDCF IDC ...)
1 80.77.87.163 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
5 198.47.127.205 62713 (AS-PUBMATIC)
1 2 52.18.182.246 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 162.55.233.29 24940 (HETZNER-AS)
2 8.2.110.114 46636 (NATCOWEB)
1 1 2.16.202.75 20940 (AKAMAI-ASN1)
3 185.64.190.81 62713 (AS-PUBMATIC)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 72.251.245.179 32475 (SINGLEHOP...)
2 2 35.214.244.205 15169 (GOOGLE)
10 10 52.48.219.162 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.51.121 42697 (NETIC-AS)
6 6 141.94.171.215 16276 (OVH)
2 2 54.155.69.215 16509 (AMAZON-02)
2 2 18.198.126.47 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
796 145
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
16    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
16    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
6    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
4    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    2a02:26f0:3500:12::1730:1786 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.adpushup.com
75    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
pips.taboola.com
87    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
10    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:9000:2447:c000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
10    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
75af943cf76591a6135a999a133351ee.safeframe.googlesyndication.com
0680a2e874d6ba6d9e127aab8b3d807e.safeframe.googlesyndication.com
22    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidverto.io
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
25    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
3    2600:1f18:24e6:b901:df54:bbc1:d058:f5d7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
9    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-27262595401722679046.ampproject.net
3    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
5    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
10    18.196.138.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    175.110.113.213 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-213.hosted-by-worldstream.net
ad.vidver.to
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
12    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
3    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    3.75.110.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-110-88.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
12    52.51.73.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
ads.servenobid.com
20    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
ssum-sec.casalemedia.com
1    18.192.168.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-168-246.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
8    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    2600:9000:223c:4600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
adpushup-d.openx.net
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
8    2a05:d018:d29:3602:9368:3d72:e6f:ea07 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
21    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
44    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
13    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:e6::ac40:c526 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
18    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
49    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
cm.g.doubleclick.net
4    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
41    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    185.165.240.123 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-123.hosted-by-worldstream.net
cdn.vidverto.io
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    2404:6800:4001:807::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
3    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.nl3.eu.criteo.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
11    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
6    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
4    18.197.134.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
match.sharethrough.com
9    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
5    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
10    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
c1.adform.net
dmp.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    34.250.238.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-238-79.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    34.246.32.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-32-191.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    3.65.188.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-188-50.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
6    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
b1sync.zemanta.com
14    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4232:9d4e:6678:22fa:de31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    34.255.244.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    3.126.31.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-31-96.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
1    139.162.23.100 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li865-100.members.linode.com
a.c.appier.net
3    99.81.152.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-152-59.eu-west-1.compute.amazonaws.com
match.360yield.com
10    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    54.154.13.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-244.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    52.31.202.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:16::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr1---sn-4g5ednd7.googlevideo.com
5    52.28.44.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-44-182.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
5    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    2600:9000:223f:2a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
ade.googlesyndication.com
4    2600:1f13:800:7781:dd90:d3ef:9f10:1c0d (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    3.130.41.166 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-41-166.us-east-2.compute.amazonaws.com
s.thebrighttag.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    108.139.243.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-89.mxp63.r.cloudfront.net
public.servenobid.com
1    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
2    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
c21lg-d.media.net
hbx.media.net
1    52.31.136.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-136-103.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:e600:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    3.221.79.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-79-249.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    18.210.34.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-34-36.compute-1.amazonaws.com
ssp.disqus.com
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
9    54.197.82.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-82-124.compute-1.amazonaws.com
a.audrte.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.183.112.155 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    2a05:d018:cc3:fe05:2a7f:a7af:d979:6620 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
12    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
3    52.22.231.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-231-105.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.0.248.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-248-85.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    52.18.182.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    2.16.202.75 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-75.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    35.214.244.205 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 205.244.214.35.bc.googleusercontent.com
csync.loopme.me
10    52.48.219.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-219-162.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
6    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
2    54.155.69.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-69-215.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
Apex Domain
Subdomains		 Transfer
138 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
75af943cf76591a6135a999a133351ee.safeframe.googlesyndication.com
0680a2e874d6ba6d9e127aab8b3d807e.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 341
1 MB
101 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1076
trc.taboola.com — Cisco Umbrella Rank: 674
vidstat.taboola.com — Cisco Umbrella Rank: 2913
am-trc-events.taboola.com — Cisco Umbrella Rank: 13572
images.taboola.com — Cisco Umbrella Rank: 1811
imprammp.taboola.com — Cisco Umbrella Rank: 13424
am-match.taboola.com — Cisco Umbrella Rank: 13561
wf.taboola.com — Cisco Umbrella Rank: 3138
am-vid-events.taboola.com — Cisco Umbrella Rank: 12698
vidstatb.taboola.com — Cisco Umbrella Rank: 5470
pips.taboola.com — Cisco Umbrella Rank: 1685
cds.taboola.com — Cisco Umbrella Rank: 2059
sync-t1.taboola.com — Cisco Umbrella Rank: 1485
am-wf.taboola.com — Cisco Umbrella Rank: 14755
3 MB
101 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 393
870 KB
41 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
5 MB
38 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 981
fastlane.rubiconproject.com — Cisco Umbrella Rank: 557
eus.rubiconproject.com — Cisco Umbrella Rank: 656
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1188
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1232
token.rubiconproject.com — Cisco Umbrella Rank: 662
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 8805
109 KB
30 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 896
image6.pubmatic.com — Cisco Umbrella Rank: 869
ads.pubmatic.com — Cisco Umbrella Rank: 572
image2.pubmatic.com — Cisco Umbrella Rank: 1056
simage4.pubmatic.com — Cisco Umbrella Rank: 1301
40 KB
27 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 31959
cdn.vidverto.io — Cisco Umbrella Rank: 43491
423 KB
23 criteo.net
static.criteo.net — Cisco Umbrella Rank: 653
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8975
csm.eu.criteo.net — Cisco Umbrella Rank: 8658
220 KB
22 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 455
mug.criteo.com — Cisco Umbrella Rank: 2500
bidder.criteo.com — Cisco Umbrella Rank: 866
ads.eu.criteo.com — Cisco Umbrella Rank: 8559
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9434
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 16542
dis.criteo.com — Cisco Umbrella Rank: 633
78 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 645
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629
r.casalemedia.com — Cisco Umbrella Rank: 1668
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
13 KB
16 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 399
328 KB
13 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1688
usersync.gumgum.com — Cisco Umbrella Rank: 2138
4 KB
13 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
13 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 906
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730
4 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
4 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2661
public.servenobid.com — Cisco Umbrella Rank: 5257
8 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
secure.adnxs.com — Cisco Umbrella Rank: 500
acdn.adnxs.com — Cisco Umbrella Rank: 643
26 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15734
e3.adpushup.com — Cisco Umbrella Rank: 18621
282 KB
12 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1391
rtb.openx.net — Cisco Umbrella Rank: 796
google-bidout-d.openx.net — Cisco Umbrella Rank: 1399
us-u.openx.net — Cisco Umbrella Rank: 518
adpushup-d.openx.net — Cisco Umbrella Rank: 25659
2 KB
11 adform.net
adx3.adform.net — Cisco Umbrella Rank: 62285
cm.adform.net — Cisco Umbrella Rank: 1256
c1.adform.net — Cisco Umbrella Rank: 660
dmp.adform.net — Cisco Umbrella Rank: 3578
6 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
2 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 369
grid.bidswitch.net — Cisco Umbrella Rank: 1197
3 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 632
6 KB
9 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2910
6 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 799
1 KB
9 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1322
pixel.quantserve.com — Cisco Umbrella Rank: 1108
cms.quantserve.com — Cisco Umbrella Rank: 933
12 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1012
static.adsafeprotected.com — Cisco Umbrella Rank: 683
dt.adsafeprotected.com — Cisco Umbrella Rank: 607
101 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106
6 KB
8 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6963
csync.smilewanted.com — Cisco Umbrella Rank: 3056
static.smilewanted.com — Cisco Umbrella Rank: 11944
16 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
imasdk.googleapis.com — Cisco Umbrella Rank: 521
713 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 624
4 KB
6 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3243
3 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
1 KB
6 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1977
www.google-analytics.com — Cisco Umbrella Rank: 49
760 B
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 666
eb2.3lift.com — Cisco Umbrella Rank: 440
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
340 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 37628
sync.aralego.com — Cisco Umbrella Rank: 3214
4 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1052
5 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 743
match.360yield.com — Cisco Umbrella Rank: 2383
992 B
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 747
ce.lijit.com — Cisco Umbrella Rank: 1071
2 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1453
contextual.media.net — Cisco Umbrella Rank: 712
c21lg-d.media.net — Cisco Umbrella Rank: 2693
hbx.media.net — Cisco Umbrella Rank: 1338
11 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1294
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 991
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 935
2 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3462
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3625
413 B
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 886
1 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 610
103 B
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1581
sync.teads.tv — Cisco Umbrella Rank: 1452
criteo-sync.teads.tv — Cisco Umbrella Rank: 2585
867 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15983
42 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20565
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23515
898 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 617
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 773
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 982
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1332
1 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
373 B
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1606
2 KB
3 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9350
757 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26361
2 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4809
1 KB
2 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3456
672 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1063
419 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1513
565 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3341
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2211
422 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 957
485 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 596
701 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 628
984 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 597
1 KB
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3508
cs.admanmedia.com — Cisco Umbrella Rank: 1127
20 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 733
cdn.indexww.com — Cisco Umbrella Rank: 1763
2 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 234
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
811 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 405
918 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
90 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4269
visitor.omnitagjs.com — Cisco Umbrella Rank: 1072
690 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351
3 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 828
id5-sync.com — Cisco Umbrella Rank: 432
31 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 820
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27806
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16086
c.statcounter.com — Cisco Umbrella Rank: 10633
15 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3650
566 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 605
587 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1207
696 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1148
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1099
465 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1446
181 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1661
424 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2045
281 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1737
367 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1432
274 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1120
399 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2275
370 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1988
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5532
526 B
1 mox.tv
bgstats.mox.tv — Cisco Umbrella Rank: 71048
66 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2521
268 B
1 googlevideo.com
rr1---sn-4g5ednd7.googlevideo.com — Cisco Umbrella Rank: 61627
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 745
338 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 14071
598 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2249
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2700
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4660
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 29811
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2893
399 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1358
879 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 3488
274 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13837
561 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 41280
645 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 23946
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1255
634 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 55771
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10548
258 B
1 ampproject.net
d-27262595401722679046.ampproject.net
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1537
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891
3 KB
1 bg3.co
www.bg3.co — Cisco Umbrella Rank: 754565
static.bg3.co Failed
14 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
796 120
Domain Requested by
87 pagead2.googlesyndication.com cdn.ampproject.org
www.bg3.co
pagead2.googlesyndication.com
ads.aralego.com
imasdk.googleapis.com
googleads.g.doubleclick.net
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
49 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
www.bg3.co
g2.gumgum.com
46 images.taboola.com www.bg3.co
44 tpc.googlesyndication.com www.bg3.co
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
s0.2mdn.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
41 s0.2mdn.net imasdk.googleapis.com
www.bg3.co
s0.2mdn.net
googleads.g.doubleclick.net
22 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
21 googleads.g.doubleclick.net www.bg3.co
pagead2.googlesyndication.com
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
18 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
ads.aralego.com
www.bg3.co
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
18 am-trc-events.taboola.com www.bg3.co
16 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
16 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 simage2.pubmatic.com ads.eu.criteo.com
ads.pubmatic.com
public.servenobid.com
g2.gumgum.com
13 www.google.com 2 redirects www.bg3.co
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
12 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
11 imageproxy.eu.criteo.net ads.eu.criteo.com
11 csi.gstatic.com imasdk.googleapis.com
11 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
csync.smilewanted.com
public.servenobid.com
10 match.prod.bidr.io 10 redirects
10 ib.adnxs.com 6 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 x.bidswitch.net 7 redirects ads.eu.criteo.com
g2.gumgum.com
public.servenobid.com
10 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
10 gum.criteo.com 5 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
9 a.audrte.com 7 redirects ssbsync.smartadserver.com
ads.pubmatic.com
9 rtb-csync.smartadserver.com 3 redirects ads.eu.criteo.com
googleads.g.doubleclick.net
public.servenobid.com
ssbsync.smartadserver.com
9 onetag-sys.com 1 redirects ad.vidverto.io
cdn.adpushup.com
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
www.bg3.co
public.servenobid.com
csync.smilewanted.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
www.bg3.co
8 pr-bh.ybp.yahoo.com 2 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 e3.adpushup.com www.bg3.co
7 sync.1rx.io 7 redirects
7 cms.quantserve.com 6 redirects 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
7 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
ads.eu.criteo.com
6 pixel.onaudience.com 6 redirects
6 sync-tm.everesttech.net 3 redirects g2.gumgum.com
ads.pubmatic.com
6 c1.adform.net 4 redirects ads.pubmatic.com
6 googleads4.g.doubleclick.net www.bg3.co
6 dis.criteo.com 4 redirects www.bg3.co
6 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 image2.pubmatic.com ads.pubmatic.com
5 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 pm.w55c.net 5 redirects
5 ups.analytics.yahoo.com ads.eu.criteo.com
googleads.g.doubleclick.net
public.servenobid.com
ads.pubmatic.com
5 eb2.3lift.com 3 redirects ads.eu.criteo.com
cdn.adpushup.com
5 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
5 cdn.vidverto.io www.bg3.co
5 rtb.openx.net cdn.adpushup.com
googleads.g.doubleclick.net
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
www.bg3.co
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 uipglob.semasio.net 2 redirects public.servenobid.com
g2.gumgum.com
4 ad.turn.com 4 redirects
4 ssum-sec.casalemedia.com public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
4 dt.adsafeprotected.com googleads.g.doubleclick.net
www.bg3.co
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 sync.outbrain.com 2 redirects ads.eu.criteo.com
g2.gumgum.com
4 match.sharethrough.com ads.eu.criteo.com
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
public.servenobid.com
csync.smilewanted.com
4 ssbsync.smartadserver.com 1 redirects 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
googleads.g.doubleclick.net
public.servenobid.com
4 ap.lijit.com 2 redirects public.servenobid.com
csync.smilewanted.com
4 token.rubiconproject.com 4 redirects
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 secure-assets.rubiconproject.com 4 redirects
4 trc.taboola.com cdn.taboola.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 simage4.pubmatic.com ads.pubmatic.com
3 bh.contextweb.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 p.rfihub.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 sync.targeting.unrulymedia.com 2 redirects ssbsync.smartadserver.com
3 match.360yield.com 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
googleads.g.doubleclick.net
3 us-u.openx.net 1 redirects googleads.g.doubleclick.net
3 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
ads.pubmatic.com
3 htlb.casalemedia.com cdn.adpushup.com
3 prebid.a-mo.net 1 redirects cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.betweendigital.com 3 redirects
3 fonts.googleapis.com cdn.taboola.com
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
s0.2mdn.net
3 http-intake.logs.datadoghq.com cdn.adpushup.com
3 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ads.aralego.com 1 redirects ads.aralego.com
2 loada.exelator.com 2 redirects
2 pubmatic-match.dotomi.com public.servenobid.com
ads.pubmatic.com
2 ads.avct.cloud 2 redirects
2 mwzeom.zeotap.com public.servenobid.com
ads.pubmatic.com
2 csync.loopme.me 2 redirects
2 cm.adgrx.com ads.pubmatic.com
2 dsp.adfarm1.adition.com 2 redirects
2 am-wf.taboola.com vidstat.taboola.com
2 us.ck-ie.com csync.smilewanted.com
2 sync.richaudience.com 1 redirects csync.smilewanted.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 stags.bluekai.com 1 redirects g2.gumgum.com
2 b1sync.zemanta.com 2 redirects
2 dmp.adform.net 2 redirects
2 ade.googlesyndication.com www.bg3.co
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects www.bg3.co
2 dclk-match.dotomi.com 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 ad.360yield.com ads.eu.criteo.com
g2.gumgum.com
2 dpm.demdex.net 1 redirects www.bg3.co
2 cm.adform.net 1 redirects ads.eu.criteo.com
2 contextual.media.net ads.eu.criteo.com
cdn.adpushup.com
2 secure.adnxs.com 1 redirects ads.eu.criteo.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 fonts.gstatic.com ad.vidverto.io
2 www.google-analytics.com www.bg3.co
2 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
2 pixel-us-east.rubiconproject.com eus.rubiconproject.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 mug.criteo.com www.bg3.co
2 oajs.openx.net 1 redirects www.bg3.co
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 dsp.nrich.ai 1 redirects
1 ads.stickyadstv.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 sync.adotmob.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 www.youtube.com www.bg3.co
1 static.smilewanted.com csync.smilewanted.com
1 sync.admanmedia.com public.servenobid.com
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 ce.lijit.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c21lg-d.media.net contextual.media.net
1 bgstats.mox.tv www.bg3.co
1 adpushup-d.openx.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 s.thebrighttag.com www.bg3.co
1 rr1---sn-4g5ednd7.googlevideo.com www.bg3.co
1 beacon.krxd.net www.bg3.co
1 a.c.appier.net 1 redirects
1 e1.emxdgt.com ads.eu.criteo.com
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 a.twiago.com ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 r.casalemedia.com ads.eu.criteo.com
1 visitor.omnitagjs.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 cds.taboola.com cdn.taboola.com
1 widget.nl3.eu.criteo.com ads.eu.criteo.com
1 pips.taboola.com cdn.taboola.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 adx3.adform.net imasdk.googleapis.com
1 0680a2e874d6ba6d9e127aab8b3d807e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 75af943cf76591a6135a999a133351ee.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 beacon-ams3.rubiconproject.com www.bg3.co
1 ads.eu.criteo.com www.bg3.co
1 im.bluevoox.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 stats.g.doubleclick.net cdn.ampproject.org
1 vidstatb.taboola.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 amp.analytics-debugger.com cdn.ampproject.org
1 google-bidout-d.openx.net oa.openxcdn.net
1 imprammp.taboola.com vidstat.taboola.com
1 rules.quantcount.com secure.quantserve.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 d-27262595401722679046.ampproject.net cdn.ampproject.org
1 secure.quantserve.com cdn.adpushup.com
1 id5-sync.com cdn.id5-sync.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 static.bg3.co Failed www.bg3.co
796 208
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
cdn.vidverto.io
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
itm.ivitrack.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-08-29 -
2023-11-07		 2 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
bgstats.mox.tv
R3		 2023-07-24 -
2023-10-22		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh

This page contains 134 frames:

Primary Page: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Frame ID: 0E946884E976ECFF788A4630FA8ABF36
Requests: 236 HTTP requests in this frame

Frame: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74C136A989CA34EC92BCD1385F44B75D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp6r7-I_jih-f7ZmaY5CmimkRJXUQmfwzt2lQ94ItsMgkURW2Z-XupTuut5ENL5B_quNXq3mMQZymhZvexxPgkhg5Yb4LovRHktH--nBJLoXZiWfaMWiXy5XR8Rz6ZUrmrgqeiRKdNZyOiYyVXZ2oEIPP68odTazhXla27Djlm9nV7t8Qo716rNK2uYNdHhhj6Ms3_RfUFLl2Hq3hINE85SV25g5vEp0-T-XH7FlmLJ249actnYKqx2pCIPRuPFPcGjTMlU2obMgSHQpaenozo6LxGty9TLK9Kvmfc5xXP1c1VkJ9AixYEhaS4He3r8IgXucsp&sai=AMfl-YSvqu9uWIlQm-73M7uqreUJJTzus7V6UOnSUet0hHXEUjjj45_nWrfqkrSWILPBfYIg437vek9AbxFBi9P0tNBgXyUbpr-3vygU0KfUlOo&sig=Cg0ArKJSzMKciMyJjWsoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1A259F34F83735A66210BDF05BADB2A8
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Frame ID: C82181AC573ED4FF2333364B0A82944E
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 607BCE1C3AB460571AB187BBE801B43C
Requests: 1 HTTP requests in this frame

Frame: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8FFC22D79EEF24D9A1D6EFE6EA33B742
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&cmcv=&pix=undefined&cb=1694273544426&uv=3334&tms=1694273544426&abt=nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=226f7bca-d8bf-43e6-8a26-e0f937054f59&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 693C0DEC5D9CA3A1BD5CB5F69E3C778C
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 600145ABE88F5CD8177FBF2F0ADBA21D
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F028FA9E814B00F1A2B5CCE58697F877
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiY-cHuATAB&v=APEucNWRyoY1Ulck6gh6O_EMx-Bc0tqjLv2kwMigDAWHzIueRBHja9j8TJmFlc1HkAr_C03u7Ez4B72iJhm9CuNeTlNOkw_1jUwh6NfDc4PkZZI012ARHKl94nh0qs9AqzKdagwITsUJxYhApfE1XnSNZtRJG7M1k_mf1gdgqWKuSgYXO7KFL2lCNnDEeVdHwatPn1NFx-0aZRrGSiS62zPKrY8ZcPO39g
Frame ID: 58B750078AF4A0380BD86B040416188F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 07FC62D1124D2DB03F232CD57C3363AF
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: D936D33A9B9BA07B39C2DFBAF8C85BA0
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: D8560D79DDF5D3C820BFB55E27801034
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: B12A0BE4E9290FFE3C7AC9D03812D08E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 1C082684A47BD9ACF335286E1A268C61
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 7BBE7EBB78A162E0C8EABABBC81EB37E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 837B727F06AD1E50EA6BDA491BCF5148
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7CBE7F570ED88C50295B6B5BDAD2F9A8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F9135758A27C49511CA3607B28A12A9D
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: D6A0ED8EB7DF65B17612E0F6F59F7F87
Requests: 39 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 065A5862913AD2349FB4E11AD2623D74
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AE6AC683A9A72D72B3BF5383B7E634DE
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 8E14CF7D6D24A6BCCAEED87EF3C89896
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 94E41394C179A3924DCE9DD440C5CBAA
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
Frame ID: 7D4F71EFECF63AED04201CEC92425C8A
Requests: 8 HTTP requests in this frame

Frame: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C524FB00A3DB52B1213A7A75B9629960
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D7734B788406A93EC2E437AC29FFCDA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: D88B5F93F4172041EB5378F87AF8B6AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNW7_MfIrVo5ZN0Cw5bE7K0x8AKrvm7wB-J3k_bUF9-Jf7CqBDZkPGK_X4u2giSBV44LnaXv8csf0ZP7wkijZWeuxNPDRzjLSPMgi7ajFgZX9HdCibSM6xjusq4r26U5pSMfjxTQuKJFNU4z3vOl60xV9zgTGAgtpsRyaoWP2py-5JUmnJxRIfIPs640mqdx2hblZof8aS6T9aCb6vh8AF5jQufnIw
Frame ID: BDFE26AC585B3E8F6D00F1F209087B7D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 4DF8FBDC3D830B424BDDE2DD8B4A9D8C
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Frame ID: F1655EC38DB564DB3F04947ACA58B5B0
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 184A68FC5F66EF8CF2E5B20F838D1563
Requests: 2 HTTP requests in this frame

Frame: https://beacon-ams3.rubiconproject.com/beacon/d/3e7dc23b-05b1-4af7-be6e-67d17d248012?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=15&e=6A1E40E384DA563B853850426245E7EFE13F654D6BF4C8F59D1DEC505C6AC38BC776359FA90FF384E8F34FBFADDDAE917A3220A15E3EC91D14D428FDEF9104E8D5055F13D0C293E301BCD94F5EF80214EFF5095DFCDA4220444B47C392CD59A56DF44A058BDE36DF3E5B93F3D8579F833625704E2F89569BF623EBBBE4109889373B997023FC9B983F9C24DF26E72F63AB471BC9994093360D8CEF130CE913DCD9073D7564581F44D6FAD8F0F8F091D381EC6608451581C559A3009EE0271107F19B91AB766529FB82504BF9B3BDDA2FD092A6EC3342C0A4270FA4F3AE25AD31819FD4564AC46637E50EBF53FFBDAFC0AF71204A56448A18C5A7AD89FE10EDCAC20A3D0C6FE4DB34CA3E41C27253237D508AB776A72787C1CE181A98323B36A9B0D07C8522B765B9F8CE3F9E40EA5E94B7A005B3AD9176DF0B9542C09C94D4417551730646B4AC6737B970260ECE0B11F6C7B6D36EBCA58239596D39236CE47E857ED473DFAF60B7DE1047012110E6AA0850888894FFE9AEAE050B2E51613E7D2B4DBD10824385D7F4E2135FF758B376EDB5E30DE5E571099468C31356A84AAC831EBCB2B1194F84CD875C7DD3D96827100DEC5AB55045D51BA8673DD0D385CE06D008DF03D7E88FB0C3C85327ACCA40B65A7570C13B761241B2F04EE184D9074A0D1B9B89613AEB4721334A81CA743904D274C92E5A4E68134C99C15223C0CE18228C4E3F2880E300D4F645AE6497E1A705195BEE01437AB85A5AA488F008BF9856A8B5885329E2A4FA6DCA78E753AFDCD2C60C7AF73BA1A5560806207258ABD926052664C01A89C258DB581B5F61E37294C30B41EEA45692BFDC83F2FCFB5EC19EBB2C4520380919AB8426E2ABAE169D09087B2BB64879B7A68F350D4FBBA656EFBA8CC0850B287B47A266A1EA5E808576F139A2D6D199D1A6359E7D21664509BA879158EA2FAD272C1DE3F69212F90D7474C782F9F96B0DC757FF2B337F2DDF8DA0E8EC3D999E760E0B5796E5BA06D5CAF23912FF50CF5BC1663E640BB4BC76559306F3AD6278D39FC9BF8874D38EC8D621E8648DCF5F49D356FFAD0ED8C64AFAB3EEEBC0FDA4B527AF64DB3EE5F1741A656D313EB3E008C1FBBEFEAC4AED74BA85E7EDAFF711E34A423B61DF246341FF9A3FAF75111314E1CF13EF6C13C1E33DE4CB03C901F30B9BE51E6F18434D3356F1F74028DCFDC53E9A9E9D68E83BCE1BA7561587F639CDA10306204D320B
Frame ID: 53AE622BD2140180F0839FF11275D452
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: 920F9B0E761C59CFAB27DFEFD57FFB89
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 242B1A9539DA925101FA588EB0FE1A4C
Requests: 1 HTTP requests in this frame

Frame: https://75af943cf76591a6135a999a133351ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5EA90A8FB440D2A35504B0FCF0D51A3A
Requests: 1 HTTP requests in this frame

Frame: https://0680a2e874d6ba6d9e127aab8b3d807e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6EFAC654416F0201A73EBC3A4E37DB0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 0BAB98D32E54E466DDE43A8FD7BC3FE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Frame ID: 008F04B59F8FF43C14C39F2C0F3772FC
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64fc900919e9c0d0360c9a84cbadfdf4&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Frame ID: 79A981A418E7BF389AC2875A8E4F455F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Frame ID: 1A635B42D455FA12671FDE2280301B63
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AB45822C76CD764B16F70A8720361C0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D0F9B9F4CB24F2873ED37730226B450B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB8F4FD2F3F64B13A452D758844B86FF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E656563A19772102D35EEB3803816A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2F68102F4981E580558F504DAB512BC
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_gid=CAESEHDAHT2dqlCCtmfJaiW3-vg&google_cver=1&google_ula=913071,0
Frame ID: 53ED3A53FC566108286A3D977AFEF4FD
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU2Au188RirC67Zu3Fj04ekHgIGLWCUuP9lRVisLyWf7xXeYrRMr3eGlujKOMDisZn5aPyHPdx5vpTHxNU_2CGrlDJZmaVBj6GGCrxhc2dpCyFoUgNUHlU_2IUlgQTTh1gxdDn-xD94hJSLsTigaIWWm-vt5nL3dMeB8I_BqzxwmembcwU
Frame ID: FF69A84DC44C7F7C9B461A7A48FF5B21
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7D404D7C27B0FB5A08E1756E0C3F64CF
Requests: 24 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Frame ID: 790651D0F9C31D6E7DB580337F752D9F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNW7voJ4JyUgr_03xpHI8Ej_-2QKlEaHQ2Kreb86BQrdAqOtCdTdF5Y7IANE_13nFzQ2VsAP14WiFxnnKr70vAWYVATVcmbujSgV3cRbjvfTPiz_Q_lc3hssgdUYrcB9dLDUYId1DkdhR1iESM-UL5Z1tvRGGeAdEIqK3PdByjKTkCTt2Eo
Frame ID: 4C2356057BA5794EAAD9458412A13207
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 268E3616F424BB189A672F7F1C2811F5
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 89AAEF7541CAE16DB95F26589314CABD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 83147E1D22ACE77CBE27ADD4BD1A23B0
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E025E98A0961CB75AE878E80148376E0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 198426EFA2EEA26E57EAA843D129ACF8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 032525DCB9389C8B215174F4E09B9CE8
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A2FE5F6C0D301D987686F152E7DE43D2
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C0D537DCCB3A9CE5EABB8B67A5593E2A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1B71AA693176B4803B300D7B1460B6D7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: 313FC2693153795706E6AD28DFDB60CA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 1576C977CFAD976243A67AE671FDA169
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7C63E05AB4987656A639EECC6741474F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 7A5FE8E805BA620F21C695E5B5C6328C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4F835A282BB64B3AE8119116C9481155
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3C1C7B24D1C051B059C02FE1FDB0B118
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694273544377
Frame ID: B0AB48AFC6D68420448A5599BFB12EC0
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 455FC61760DF444FA9038299B451CC70
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: DF66DEA5877820D366F816C53FC28DBC
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7815E92F938A2537C2DCCE076C51CD4F
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 0BCA2C29DC98E229FD91E73AF07F6C73
Requests: 14 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 61A1F541C98C52AA68A1695DFCDC7DF2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CEEEF6342F3B02728F716DBE3FE8921C
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 37F2AAC3B8850261E365F9C12A057E47
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Frame ID: 83526F6F68FBE14B0754E5D13AB9BDC8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 615C82E458276BA8F22F3A97F2FF027F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05105B0D977FCEF760E27A32139CC238
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 73F4943656879BA6447B8991C1CAF366
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 656235DD55AA002A2BA358FFC089DE0F
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 106FD9CBF2EE566A848436095BB6682E
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: F9F15D93C59C164EF8F84F1F22CE0951
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: DAE222286E1607B6593A808616D578A1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: CEF3115F7E67E83729B2807F48CAF19B
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: CD1FA44ADE3FE1469288470FCA9EC699
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 167D9B77613C326A2782A45AE3A1A2BA
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 50E139D4879E5C04162702E5BADB1CAD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 60E56F5999B7414B9B5591557AD1DC91
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 54D840E9CADC7F004BD4D29E4F5BF8A2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E49AEF8AEFA0B974CD9FE4CC8758F05D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65503FD8ACDFE82F200E09037DEF8636
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPyQDAALyhZyCwBV
Frame ID: C5B915F3E4FF3096BF7A7C6157764D63
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iNDhmZDE3OS0zNDllLTQxYTItOTM3YS1jZTNmYjNhNGRhNzk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: A216123F359BEFD93E96DB10D4570E30
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 36FCD55002D59443126195790981219D
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: EADF9BB605BC884E84BDDDCE1D8FEB5D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZPyQDcCo5tAAALg0PRAAAAAA
Frame ID: 35F2B1710A8AF279044B04706E4CFE26
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: ADDEE725CE4C10EFE00450AD50D7AFE5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=9dk3DQFqnvASlXRLhLJz&pi=gumgum&tc=1
Frame ID: 7BBC06CB7DD6ED60BB99A34CD1214F74
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D922D75A1DB4ACEE3FA3F748A7E99180
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 8349E8F64E46A8939223B0F8CAC49A50
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: C8255AE339849E445D526A920E6AC4AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 215954076E92853D4089070FA2814154
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&redir=true&gdpr=0&gdpr_consent=
Frame ID: 8AE97CB1BC7AD51AF5E70612CF52F93C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy
Frame ID: 5AD17C9C9859FA9BC73BE682700CC21D
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Frame ID: 7AB958A768CCD54492003B6D253E1E4E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: DFEE6F5295FBC353236E88C01E3B903D
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 99FB725EFBB05E3E7635D99AEF63A78B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1034773037
Frame ID: AFAA64C561A45A888874809BFB348A35
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/67a2d8f4-85f6-53fc-a4b9-750cc045e504
Frame ID: 95B536733763097025AE6E54D319D145
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: FEEF439774D7033470BDBDB6BCE2174C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6187144383698912030
Frame ID: 352225E5D3ACB226D55A4BB357513B00
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb49e4a9d3d27c8a4eb4240e9d6?gdpr_consent=&gdpr=0
Frame ID: 50E62601BB17F0D087170208826B81E7
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 9F68F5732377FFB6B39709D88239FCBA
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: D61DEF2341AF88EBE48C5811A499E7D3
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Frame ID: 5C66F7B0C4F246068C4022605EFE4132
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
Frame ID: 681CC651871565690801368F9731FA88
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Frame ID: BB1CEFEBE88132AF9C989027B9DC2092
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492042250393&gdpr=0&gdpr_consent=
Frame ID: DCAAEAD3CDF2B1C717C0667A8714266B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 324DB724E7F860AA26F89B008F3671CE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 5A8C2C56CD1A72974356C48B6FF5EB3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 9720B45ECBECBA872D2083711E0A553A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
Frame ID: E3121293311C90181ED04CA1DEB3D4D9
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Frame ID: 83154288CDBB4695F52721940CC5153B
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Frame ID: FD40D9E6E50D301AF2BA2D118DEA9B57
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
Frame ID: 46F16D57BAC73EB5F6441B64D8B47ABE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Frame ID: 48548A619A51C03DE96F33077858FCE2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492046837911&gdpr=0&gdpr_consent=
Frame ID: FCA2EEA68EC027ED8F36D8F7ED1332FF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 69491C0897AC9B96B72D55408CB97D41
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: AB6CB862D270C8195B327D583A49FD35
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 0DE3F0EA1770C55363495BF30FCF32BF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
Frame ID: 0674F538BD2D41F3BB7E9822517EDE9B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Frame ID: 296A58DAFF7B5E9523AADB3D4A17BCFC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 2CA341C9A77B219F166F7F65BC226869
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C43A7433FE3FF9E6BEB8253169200DC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 587913FB9F0E45A9F5ED67F21EB0EF6B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

發揮金融創新優勢 “政銀擔”線上批量融資擔保合作模式推出 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

796
Requests

87 %
HTTPS

29 %
IPv6

120
Domains

208
Subdomains

145
IPs

13
Countries

12706 kB
Transfer

30444 kB
Size

162
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 64
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1
Request Chain 88
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mdAS0XxCSUpwQitTdDF1OGJ6K1Q2d3hZWDFRUFAvNWMwU1dFdUdKcXhDeXRVVVFEVDNzbC9DQ2lZZWhFc2VJOFlMQi9yczlCbnFndnZMa0U0SXMyWnR6d0h4eFM0eE5TdFpoYzY2dGYzenpDQmplY0tlRTJTMG9TTW1nU24zK3JWaVczK1VXdHhRbmozZXMrcnB5WGVrYnp6Rm5XdjBxMURnWGNndWdUQldmalpreHJGTWFVZDgrTGhUeWduQkxaUHpsZU96L3BEQnk1elRhOEVzV2IwdkdMWWtPK2pxVmVTa0FjZ0tSQW9sbFR4NU1EYUFHQjNVOTFFaVZ4ZVducUE2Q3NLUnZCSXBPYW9vOWpyVTF2WGl6VytjZz09fA&cppv=2
Request Chain 119
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D0cedbfba-6b1c-4f30-872c-f321e0d521a1%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=0cedbfba-6b1c-4f30-872c-f321e0d521a1&p_id=23
Request Chain 120
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=0cedbfba-6b1c-4f30-872c-f321e0d521a1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=0cedbfba-6b1c-4f30-872c-f321e0d521a1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-1800319704082978100 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=67a2d8f4-85f6-53fc-a4b9-750cc045e504&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=a2757d6e-980e-477e-9df3-05a9ba443503&p_id=15
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1&C=1
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPyQCRLTghbNSmm1ps0Q9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHKFcGvywpdl2BOjf-icaKM&google_cver=1
Request Chain 208
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwMzE4NTU2MDM0MDQ4ODc0NQ%3D%3D
Request Chain 215
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 218
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 253
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 254
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 255
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRlZWVjMWIwYTA0OGEzY2UzZDExNzZkZWZlNWRhZDU1ZGMxODQ5ZA&gdpr=1&us_privacy=1---
Request Chain 256
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1DNlExTkMtMVgtRERBRQ==&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEL_oHlEv5YLv7GrSqRVrwAo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=&gdpr=1
Request Chain 257
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMC6Q1NC-1X-DDAE&gdpr=1&us_privacy=1---
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEBhBmpUzRSPx4VpxT4XVURw&google_cver=1
Request Chain 260
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/aDn4W3Z2f5TyWWEfGoLUHcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-65fcoZBE2oJuADu26gmergAdRKygJIb2_j7dcQ--~A
Request Chain 270
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELNj8ohwbGiPuhUZWoN-XqY&google_cver=1&google_push=AXcoOmSQZUvvxm-ndIn4W4bpc6rh_28U2AKkCyoYenc9BCXsDvZiFywWjwi_PrsMzv3yCfJvYaf6dJ3NjjSo6thRO_1UPN2tV--MJZS0FF4XZpA_Jl_QF2mJ22Jx-W8zlQyPDMZokWxUz9M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSQZUvvxm-ndIn4W4bpc6rh_28U2AKkCyoYenc9BCXsDvZiFywWjwi_PrsMzv3yCfJvYaf6dJ3NjjSo6thRO_1UPN2tV--MJZS0FF4XZpA_Jl_QF2mJ22Jx-W8zlQyPDMZokWxUz9M&google_hm=kOP4KMMnRzCVgKrNuFRNPxc
Request Chain 271
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL_oHlEv5YLv7GrSqRVrwAo&google_cver=1&google_push=AXcoOmS1qtWBwI9L4pqouUHRXzFhdMMeLWGGECfYtOkRZaFBbX_2XBdM5QcygUm36COYzqtd4cOQjcPfOfJesGV078N54nraqQzQQnwcfQexTDqjuoMiA-a_-J1DIg7KBYqdZZ9oMEZcGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=AXcoOmS1qtWBwI9L4pqouUHRXzFhdMMeLWGGECfYtOkRZaFBbX_2XBdM5QcygUm36COYzqtd4cOQjcPfOfJesGV078N54nraqQzQQnwcfQexTDqjuoMiA-a_-J1DIg7KBYqdZZ9oMEZcGA
Request Chain 272
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPz8BQi0n1Ew5w9MBbazK_Y&google_cver=1&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30u5jhFyVGZh-Xn6nVAJDJDs-PUFEur1h20NH6YRTdxCIYamzWXZ6rzA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPz8BQi0n1Ew5w9MBbazK_Y&google_cver=1&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30u5jhFyVGZh-Xn6nVAJDJDs-PUFEur1h20NH6YRTdxCIYamzWXZ6rzA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30u5jhFyVGZh-Xn6nVAJDJDs-PUFEur1h20NH6YRTdxCIYamzWXZ6rzA&google_hm=HSwEqGZHX1ykCr5nTfKNWEhI
Request Chain 274
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEM-YSODl4dTeM9J8ueSqeps&google_cver=1&google_push=AXcoOmQlg8DUBGbGVIdThDP6LzeRJh5ayQbgcRNS1_sDI8ChBjgiKFoQip2kC9byhM4AOd4Xy5sQTLB6_h7jJgyxNPFgy9n6LfdyCchswylnR1OxP6hSA3NYTBbkZzh5FaP3QGOzyr0Cy6NW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQlg8DUBGbGVIdThDP6LzeRJh5ayQbgcRNS1_sDI8ChBjgiKFoQip2kC9byhM4AOd4Xy5sQTLB6_h7jJgyxNPFgy9n6LfdyCchswylnR1OxP6hSA3NYTBbkZzh5FaP3QGOzyr0Cy6NW&google_hm=QlMuZjg0MS1hYTI5LTQ2NDgtOWE4Yg==
Request Chain 275
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMrbjttTB8tzO6PTT-sB_Ps&google_cver=1&google_push=AXcoOmQsj1RlCibZK_kkQl3229jnIgA73KwIOdczpDFryEO9t92cJTCFqpSgvj7_an4q40Q2MkAU2O-eIjUn8xX_ErSaJUUWxZv7WDQNzQS7Ff86W8lvbOgBVBrarAwV1EV2HDPJAmXLGmE8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQsj1RlCibZK_kkQl3229jnIgA73KwIOdczpDFryEO9t92cJTCFqpSgvj7_an4q40Q2MkAU2O-eIjUn8xX_ErSaJUUWxZv7WDQNzQS7Ff86W8lvbOgBVBrarAwV1EV2HDPJAmXLGmE8 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEsuEu6Ssh0MKhiUzfbDINo&google_cver=1
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIAwKDldxZo-8uKBFBcizyw&google_cver=1
Request Chain 358
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_cm&google_hm=ay1qM3ltVEJlbTVRcllWYmhzb3BjTUpReXo2Qko2Vmw5RUkxR2V2Zw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_gid=CAESEHDAHT2dqlCCtmfJaiW3-vg&google_cver=1&google_ula=913071,0
Request Chain 398
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5803185560340488745
Request Chain 411
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=0ycpRwI6M5TzBPfTenF5_Y1gVcK6EVMg HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0ycpRwI6M5TzBPfTenF5_Y1gVcK6EVMg
Request Chain 446
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPpzuyYW-9yZGZK3SCJxsP0&google_cver=1&google_push=AXcoOmQcNJxu7jULh5D-atxkEQMWvgL3AIPbXMxpLf5ynCvPsgVvIYUqZWB8y_Czx8blsZ-QT_FKkJcU3qedq9hEqLZsuryIHpo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcNJxu7jULh5D-atxkEQMWvgL3AIPbXMxpLf5ynCvPsgVvIYUqZWB8y_Czx8blsZ-QT_FKkJcU3qedq9hEqLZsuryIHpo
Request Chain 447
  • https://a.c.appier.net/gcm?google_gid=CAESEPNHEELUyg9oGgS5IlMjSSM&google_cver=1&google_push=AXcoOmSjgtS5o5bmAMHgHC-DhavKQQMUNxBgPVcShFRDE-b0rpL6va9OYkjm3t4Ipid4xXu8V-0Hvj42zVaT3-gUYug1QyBxx9kb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eGVNNWt4S1NDa3FNUkk0MEM1RDhaQQ%3D%3D&google_push=AXcoOmSjgtS5o5bmAMHgHC-DhavKQQMUNxBgPVcShFRDE-b0rpL6va9OYkjm3t4Ipid4xXu8V-0Hvj42zVaT3-gUYug1QyBxx9kb
Request Chain 448
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjOlQDqf2GDl5PrdepRQe8&google_cver=1&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQTIP9nSSv-HU2Pb7MR1xJUATdPS HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHjOlQDqf2GDl5PrdepRQe8&google_cver=1&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQTIP9nSSv-HU2Pb7MR1xJUATdPS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4NzE0NDM4MzY5ODkxMjAzMA&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQTIP9nSSv-HU2Pb7MR1xJUATdPS
Request Chain 450
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMn0H-FWrfNhIW3pAo7h2ZY&google_cver=1&google_push=AXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1694273546762 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw%26google_hm%3DA8rG-wQpIEoZrr5K3rRANRE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw&google_hm=A8rG-wQpIEoZrr5K3rRANRE
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPEZ-X6uSqXNdiQ6iSHEWHE&google_cver=1
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL1TNCu3gi2b1c7g8Mj0N3M&google_cver=1
Request Chain 509
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=BfM4o9bhyVCJPwGXy_ur-bKH5OB-P6_J
Request Chain 519
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOgDmBLuE3piAt1epyRIPgI&google_cver=1&google_push=AXcoOmT4h32J0healo0vzq6uqqZFlJg3rCQzAmUkuh_6ImNeDtfgSyBXdz7mobyWow4jjp3YYo8ouoHzAhDxOjraIppm4HBmyg34 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4h32J0healo0vzq6uqqZFlJg3rCQzAmUkuh_6ImNeDtfgSyBXdz7mobyWow4jjp3YYo8ouoHzAhDxOjraIppm4HBmyg34&google_hm=PxggZfM_9NELvvdgBonQVQ
Request Chain 520
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmRHjeqYaBAz-WB48Ati-j4j-LNHLqq8zKMiDaJR2dZ04kyins1CxZy9By_AMPC0IT8UgAV5u_v4anJeB8uLJovNjYGb-9gg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmRHjeqYaBAz-WB48Ati-j4j-LNHLqq8zKMiDaJR2dZ04kyins1CxZy9By_AMPC0IT8UgAV5u_v4anJeB8uLJovNjYGb-9gg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmRHjeqYaBAz-WB48Ati-j4j-LNHLqq8zKMiDaJR2dZ04kyins1CxZy9By_AMPC0IT8UgAV5u_v4anJeB8uLJovNjYGb-9gg
Request Chain 521
  • https://um.simpli.fi/gp_match?google_gid=CAESEJXKfaYwx9GPCOvLOdY5-b0&google_cver=1&google_push=AXcoOmRykmEkglLf-QZKjrAyggcIndTBaNiP6GAceDP-f9-L8ic1CMrGDGEJNvCwMnjY5Wk7x5fNCO3Eadjxb7qGBpfSAgRbQM-3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34C39FA5833F4624848DBA65E3ED7214&google_push=AXcoOmRykmEkglLf-QZKjrAyggcIndTBaNiP6GAceDP-f9-L8ic1CMrGDGEJNvCwMnjY5Wk7x5fNCO3Eadjxb7qGBpfSAgRbQM-3
Request Chain 523
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEECLE-G83JE7aJ3p9Xn2p2E&google_cver=1&google_push=AXcoOmSH9SwmVLb25C7aWzCnRPBU7F0a4fA7J9u6g7Tzfkt9DdYHpwOUBCyMyfWjV8Qqp3jYQZ0wjiqQqEXz3FwMnmHp_lKFytug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aj3SRPHbRKOh73yJIa3zRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSH9SwmVLb25C7aWzCnRPBU7F0a4fA7J9u6g7Tzfkt9DdYHpwOUBCyMyfWjV8Qqp3jYQZ0wjiqQqEXz3FwMnmHp_lKFytug
Request Chain 525
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEtax3EzPvdazmPjt9958E0&google_cver=1&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-UuJsRFe5kJQrYSMBDPOnc8P4shWAiuiFYwylc9ECC_yxDW HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-UuJsRFe5kJQrYSMBDPOnc8P4shWAiuiFYwylc9ECC_yxDW&google_gid=CAESEEtax3EzPvdazmPjt9958E0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-UuJsRFe5kJQrYSMBDPOnc8P4shWAiuiFYwylc9ECC_yxDW
Request Chain 527
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOgDmBLuE3piAt1epyRIPgI&google_cver=1&google_push=AXcoOmRgnz0xkOltZ2oHuYEVu_BKnrajxesjhQrGfURupsJkZCmNKTFYlIRwTqcN0n-x2WckxymiIBbBXnl06fijkXQFsnAvubdp817V-Qj0K0MF2a3olxJkSdg9UGTScTd6vKOrCiYzSVsx5KWALMwRAOy2Zfs HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRgnz0xkOltZ2oHuYEVu_BKnrajxesjhQrGfURupsJkZCmNKTFYlIRwTqcN0n-x2WckxymiIBbBXnl06fijkXQFsnAvubdp817V-Qj0K0MF2a3olxJkSdg9UGTScTd6vKOrCiYzSVsx5KWALMwRAOy2Zfs&google_hm=PxggZfM_9NELvvdgBonQVQ
Request Chain 529
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmR-grsx1DBOsJK0DCb6kapSoWw3uDlqB4AxdzwcDLVF2J2nIT3MvftR6M4S17ZBS81rZ_qlCvdPGApDhnrZtZnRKw1gtKGu1ynwTQFpg9m-LvMgOiO_1E6hpbs6iUtUZPPXxHKtnA1kJuG_mU4pPovyB4M HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmR-grsx1DBOsJK0DCb6kapSoWw3uDlqB4AxdzwcDLVF2J2nIT3MvftR6M4S17ZBS81rZ_qlCvdPGApDhnrZtZnRKw1gtKGu1ynwTQFpg9m-LvMgOiO_1E6hpbs6iUtUZPPXxHKtnA1kJuG_mU4pPovyB4M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmR-grsx1DBOsJK0DCb6kapSoWw3uDlqB4AxdzwcDLVF2J2nIT3MvftR6M4S17ZBS81rZ_qlCvdPGApDhnrZtZnRKw1gtKGu1ynwTQFpg9m-LvMgOiO_1E6hpbs6iUtUZPPXxHKtnA1kJuG_mU4pPovyB4M
Request Chain 530
  • https://um.simpli.fi/gp_match?google_gid=CAESEJXKfaYwx9GPCOvLOdY5-b0&google_cver=1&google_push=AXcoOmSMbZV8yYENqRD8qyRQSsqbewCVskILwDdxXDzw7ZoOePN3dI89GX8-osF7WMlaygFPcVkquRMvbmTsqZ0jAjeI6g3mvs36mH4v3A-037b44ocgT4ormsp4ivKoN9gtrr-mNl-a9E8jS7B4do47iDRQLNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmSMbZV8yYENqRD8qyRQSsqbewCVskILwDdxXDzw7ZoOePN3dI89GX8-osF7WMlaygFPcVkquRMvbmTsqZ0jAjeI6g3mvs36mH4v3A-037b44ocgT4ormsp4ivKoN9gtrr-mNl-a9E8jS7B4do47iDRQLNg
Request Chain 531
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTydYPQhqhqYQQfvcA29hKF8DaqnW5AFpqPAG2x7TaNvR5-ce_OsawM2tx6K3wp3R0Dlnh0BY6s5mqsrs_WsfvWrG4XQoggFO8c7QUXxgAVWCSyJeGtrz-tChsyKLcFxn2F1CyfxNb2j65ME9ShXZPC8A&google_gid=CAESEHDAHT2dqlCCtmfJaiW3-vg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmTydYPQhqhqYQQfvcA29hKF8DaqnW5AFpqPAG2x7TaNvR5-ce_OsawM2tx6K3wp3R0Dlnh0BY6s5mqsrs_WsfvWrG4XQoggFO8c7QUXxgAVWCSyJeGtrz-tChsyKLcFxn2F1CyfxNb2j65ME9ShXZPC8A
Request Chain 533
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 538
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-3216231935713038&ias_chanId=1&ias_placementId=20343400544&bidurl=https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hEshQW7qCrtU3UtkuRBuvm&adContainerId=brand_safety_CpD8ZNfuMo6Y-gaa-ovAAw&cbFunctionName=goog_wrapCb_CpD8ZNfuMo6Y-gaa-ovAAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.bg3.co&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.bg3.co%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3216231935713038%26format%3D400x250%26w%3D400%26h%3D250%26ptt%3D12%26adk%3D184803677%26output%3Dhtml%26bc%3D7%26to%3Dampa%26pv%3D1%26wgl%3D1%26asnt%3D0-35961398703449782057%26dff%3Dsans-serif%26prev_fmts%3D1600x96%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26ifi%3D2%26pfx%3D0%26pwprc%3D1037897477%26adf%3D1477162822%26nhd%3D0%26adx%3D1000%26ady%3D2474%26oid%3D2%26is_amp%3D5%26amp_v%3D2308242321000%26d_imp%3D1%26c%3D84801006253%26ga_cid%3Damp-er-It84ly8bNYNvbtW01ug%26ga_hid%3D2064745187%26dt%3D1694273545507%26biw%3D1600%26bih%3D1200%26u_aw%3D1600%26u_ah%3D1200%26u_cd%3D24%26u_w%3D1600%26u_h%3D1200%26u_tz%3D120%26u_his%3D3%26vis%3D1%26scr_x%3D0%26scr_y%3D0%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%26bdt%3D2773%26dtd%3D98%26__amp_source_origin%3Dhttps%253A%252F%252Fwww.bg3.co&adsafe_type=bed&adsafe_jsinfo=,id:2bb6590b-ce8b-163e-9705-ebc2f763eab6,c:nJFMjK,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-569775bf89-hbjp4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tPnh8M8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C17211%7C17212%7C1811%7C1812%7C1911%7C1912%7C19131%7C1914%7C1a1%7C1b1%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f1%7C1f21%7C1f3%7C1g%7C1h1%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1k41%7C1l%7C1m111%7C1m2%7C1n%7C1o1%7C1o2%7C1p1*.990511-61634100%7C1p11%7C1p12,idMap:1p1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:32,oid:14c489bf-4f26-11ee-996a-4a2cc68357bc,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_CpD8ZNfuMo6Y-gaa-ovAAw&cbFunctionName=goog_wrapCb_CpD8ZNfuMo6Y-gaa-ovAAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 545
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmQRvnAUnWGVFJPgTV25CfUhXMOE7mbVpy2EoyuJW_YKpY0aaJRYq0m-njPM6Wa-D4Eumf5wEggAyiT3sTzdoEAAB9WimQAqaRKeYzSdIG43yuhrNpRNaGnmKck_C1OEF5NgEavHG5DiqUmUMohuge2_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmQRvnAUnWGVFJPgTV25CfUhXMOE7mbVpy2EoyuJW_YKpY0aaJRYq0m-njPM6Wa-D4Eumf5wEggAyiT3sTzdoEAAB9WimQAqaRKeYzSdIG43yuhrNpRNaGnmKck_C1OEF5NgEavHG5DiqUmUMohuge2_
Request Chain 546
  • https://um.simpli.fi/gp_match?google_gid=CAESEJXKfaYwx9GPCOvLOdY5-b0&google_cver=1&google_push=AXcoOmR5Sc-9Sz_3ZTS0kiVO1T9cLXIOIMkRLLhUkRX2GRO2oYukObvtlLem1TBopxv61-v5VI5s7hNcyRLV_E6yJpvWgWif8tVU-IBXP7eOn3SyX1DhPFEZFYStvwaKuNjCVuRa539pesorxcva51amQwgd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmR5Sc-9Sz_3ZTS0kiVO1T9cLXIOIMkRLLhUkRX2GRO2oYukObvtlLem1TBopxv61-v5VI5s7hNcyRLV_E6yJpvWgWif8tVU-IBXP7eOn3SyX1DhPFEZFYStvwaKuNjCVuRa539pesorxcva51amQwgd
Request Chain 547
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmStQX2YYPP3D-F61gH5aU7hbalK6_43uM7pp31O32E9eD6uH1zxXbQ0zaW-Xo61FctlQGjlXXx9Ihhnsizeqgd7L7BQfj2H_ExUCUmpf2YZ6D56acBSChc4f_Q1D40UxUylrBa170cUi7H57MtEDoY0&google_gid=CAESEHDAHT2dqlCCtmfJaiW3-vg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmStQX2YYPP3D-F61gH5aU7hbalK6_43uM7pp31O32E9eD6uH1zxXbQ0zaW-Xo61FctlQGjlXXx9Ihhnsizeqgd7L7BQfj2H_ExUCUmpf2YZ6D56acBSChc4f_Q1D40UxUylrBa170cUi7H57MtEDoY0
Request Chain 550
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEtax3EzPvdazmPjt9958E0&google_cver=1&google_push=AXcoOmTmC0HAAJ0stFkhcduyhQAxaLPwPY3qfRa9iqsrDYR3j9ACGmfsngFXbwLWyQsWVv753I-SO2XfRClvlh8jVPcMEhgc_ElwK5GJRAvzUsIpO1zip_DVVoW5DMXw2FI1YuEukh8EayssJGbcEXMv1kYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmTmC0HAAJ0stFkhcduyhQAxaLPwPY3qfRa9iqsrDYR3j9ACGmfsngFXbwLWyQsWVv753I-SO2XfRClvlh8jVPcMEhgc_ElwK5GJRAvzUsIpO1zip_DVVoW5DMXw2FI1YuEukh8EayssJGbcEXMv1kYQ
Request Chain 567
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JKAAcJ4lNanHZdrQr9VW7JdxFXugr7Tz
Request Chain 618
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 623
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5803185560340488745
Request Chain 624
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HSwEqGZHX1ykCr5nTfKNWEhI
Request Chain 626
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6769197145 HTTP 302
  • https://sync.1rx.io/usersync/turn/3306217142786303795?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-cac6fb04-2920-4a19-aebe-4adeb4403511-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
Request Chain 627
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5109685629568722130
Request Chain 629
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 631
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-9b06a3e2-871b-3072-95a3-f952deefeef7
Request Chain 634
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 649
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=SGbYWUdijgJTM4gCTzaTWEpljF9Ta49fTmd-u_za
Request Chain 650
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=33885143-8586-498e-8708-776b0fa12a66&gdpr=0&gdpr_consent=
Request Chain 651
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2U4UGlGMU5adnZSeENKN0VOMVZrUk94Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNlOFBpRjFOWnZ2UnhDSjdFTjFWa1JPeGciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNlOFBpRjFOWnZ2UnhDSjdFTjFWa1JPeGciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNlOFBpRjFOWnZ2UnhDSjdFTjFWa1JPeGciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6187144383698912030&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNlOFBpRjFOWnZ2UnhDSjdFTjFWa1JPeGciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=ce8NfkWQTqhQgyN6s9ieRLO-g&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=3094586480578561071&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 652
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2822019987 HTTP 302
  • https://sync.1rx.io/usersync/turn/3306217142786303795?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
Request Chain 654
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 655
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
Request Chain 658
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
Request Chain 659
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fa6e3ee0-d999-82f7-ab3288a4
Request Chain 660
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=juksCIHtelOVvHxTiblnCYzqeA6V5HsOiOip53ca
Request Chain 661
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPyQDAAPCXR20gBY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPyQDAAPCXR20gBY&_test=ZPyQDAAPCXR20gBY
Request Chain 664
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
Request Chain 667
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
Request Chain 668
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 669
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709998348&external_user_id=a9a01fb6-0319-4ff8-9e74-92d85af26058
Request Chain 675
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5803185560340488745
Request Chain 676
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=Qh92YE0bIDtZSiY7RU89YUAcImZZEiFmRB4J3S5B
Request Chain 677
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%286WlGQPzRP0kp71I5lUTEjfonM9T2nP2nLW3-J2hP7OPVdiqgBrE-KnIRtbQ6fII3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%286WlGQPzRP0kp71I5lUTEjfonM9T2nP2nLW3-J2hP7OPVdiqgBrE-KnIRtbQ6fII3%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&obuid=ENC(6WlGQPzRP0kp71I5lUTEjfonM9T2nP2nLW3-J2hP7OPVdiqgBrE-KnIRtbQ6fII3)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 678
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0630fd45-2c68-43f9-9924-bceda4e75ed9
Request Chain 679
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54837735-3aa2-5ea3-448f-639b972d75f0$ip$217.114.218.23
Request Chain 680
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.5COoz9E2pd67yhQ2DWVbFjCR.MUzhILbbbr~A
Request Chain 681
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=92e8af9c-efbb-4b56-8ef3-5686377faac1
Request Chain 683
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=-ZMbrrPMcoV0emvrWe1-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2LK2JVRHE4SQJVRW6VRQMVWXM4SXMUYS2JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2LK2JVRHE4SQJVRW6VRQMVWXM4SXMUYS2JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-ZMbrrPMcoV0emvrWe1-&us_privacy=1---
Request Chain 685
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=ZNXAiICuAe22&ev=1&pid=558355
Request Chain 686
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3094586480578561071
Request Chain 690
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPyQDAALyhZyCwBV
Request Chain 694
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPyQDcCo5tAAALg0PRAAAAAA
Request Chain 698
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=9dk3DQFqnvASlXRLhLJz&pi=gumgum&tc=1
Request Chain 699
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 706
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 708
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy
Request Chain 710
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aj3SRPHbRKOh73yJIa3zRQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 712
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2375861489 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Request Chain 713
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2U4TmZrV1FUcWhRZ3lONnM5aWVSTE8tZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6187144383698912030&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 714
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkEzREQyNDQtRjFEQi00NEEzLUExRUYtN0M4OTIxQURGMzQ1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 715
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQ_uMd4GUyDb-vC0ydl5e4&google_cver=1
Request Chain 718
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6187144383698912030
Request Chain 730
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 732
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1034773037
Request Chain 733
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/67a2d8f4-85f6-53fc-a4b9-750cc045e504
Request Chain 737
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6187144383698912030
Request Chain 739
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb49e4a9d3d27c8a4eb4240e9d6?gdpr_consent=&gdpr=0
Request Chain 757
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
Request Chain 758
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Request Chain 759
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492042250393&gdpr=0&gdpr_consent=
Request Chain 762
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 763
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCa3RrN0otU0FBQUNRWlBXRlVjUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFf6k7J-SAAACerBT-Pqg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFf6k7J-SAAACerBT-Pqg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFf6k7J-SAAACerBT-Pqg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3094586480578561071&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
Request Chain 766
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 767
  • https://pixel.onaudience.com/?partner=214&mapped=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=6187144383698912030&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f4c2a20eb85ba444/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 768
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9502da27-ccbb-4dca-8427-a4151de61d5c&ssp=pubmatic
Request Chain 769
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 772
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 773
  • https://pixel.onaudience.com/?partner=214&mapped=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e03aefc9352946fc65388e53b39e6dc7&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=93e1056161087d47
Request Chain 775
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
Request Chain 776
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=73c55841-967d-4cfb-871c-e44d1f69a60b&expires=1&user_group=5&ssp=pubmatic&bsw_param=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 777
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Request Chain 778
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492046837911&gdpr=0&gdpr_consent=
Request Chain 779
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 783
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 784
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGZjZrN0otU0FBQUNlckJULVBxZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFf6k7J-SAAACerBT-Pqg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3094586480578561071&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFf6k7J-SAAACerBT-Pqg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3094586480578561071%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3094586480578561071&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFf6k7J-SAAACerBT-Pqg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
Request Chain 795
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=dZ6ElV9PbFkzMldZbENFUWdVJTJGRWhINXBwa2FjUXkxZ0g2RWdReXprVHBsQ1B4QyUyRmY5Z2Q1ZXB1bWpHbjZXSVVtV1VVOWFPR3ZuMFMxOUhXT1h0bEVMNXIxYUNEazRtS2xtMVVFVHhaYXU3a3NPYTg5bVhFNFBOczBJdWc3aDd2dWhkdXBVYzglMkZZUzd0NUFQY2QzVFRyTU5lTWclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=x_82MnxNQ0VaWVJkVXdWS2I5b0c1bTNHVW9BaVZQVThhc1YyMFRTRzhFVmVLNG1LRDNzNDhHTk00em1oUXYreVdvWDh5VUg1MWdxaCt0SkxQeHhSSDVOdWN4YU5oVkZiZzAwbE1FbVhQclp0WHowenA3Y3VQVzZKSlRnSTJTTFpYUGVFdXFhbVgzenFySmp6RDdXVXB4bS81TVlDa1ZVcWl0YUtoOW5yU3MrWFZ5Z2lTTlNOcG0zSFhCSTdxL0xkZjlpSGlESFg4dU1JRW1lOTlNQ2JyczYycE1jZTRlNVNvSGZMZDZMOWxtY3grU3d4czJJR1VnRThHdEhVWTQvUHlkekNzdkdld3lVUzFTU09jaDBDclI1WFFGUT09fA&cppv=2

796 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
www.bg3.co/a/ 		50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d6090ef5193fb5825e5ec7e6cc12c0b4dd410153c4bace585a6f0dd9390f15a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:22 GMT
etag
"c650-BqPedIyws183egKO4MctMydAm+Y"
expires
Sat, 09 Sep 2023 15:47:22 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72941
x-xss-protection
0
server
sffe
etag
"1fd4dd9eff57c430"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Sep 2023 15:32:23 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9642
x-xss-protection
0
server
sffe
etag
"02dd63e520ffd2e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Sep 2023 15:32:23 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"7e5f99ff05e5cd4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Sep 2023 15:32:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac8f57da73198d0ce1d7dc5537d21ee4ab8c099c5d48e053b2dd1dcbfe2e0128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29189
x-xss-protection
0
server
cafe
etag
100 / 19609 / 31077595 / config-hash: 18345592501010170579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:23 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 16:30:31 GMT
server
cloudflare
age
3893
etag
W/"64fb4c27-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80407bcc28a65c38-FRA
expires
Sun, 10 Sep 2023 02:27:30 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7139
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7efIAP42HrP207UxaqUolPQPiRBGo3FXoM3wg%2FnYBduClJ7MqeQi0U1XTP1hO%2B3hpywvUcWyKuDLfoY%2FChDgjsS1AGXYFzBIRExDMaK%2F7FtUJB0jnDfSDEedA8siVPtJGxYSGYsWuy3g18jQNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80407bd13d318fe0-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
3c0d9e37e84dce8c7cbdcf693b07b616bf8f1b6cfcba0eb651a159d8be031f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-client-geo
DE
date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
age
117023
x-cache
HIT
x-client-device
desktop
content-length
10580
x-ap-device
MOBILE
last-modified
Fri, 08 Sep 2023 07:00:32 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
BE
expires
Sat, 09 Sep 2023 16:32:23 GMT
adpushup.js
cdn.adpushup.com/42753/ 		662 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
94fbae877ac9ccf349fb9534c36b97a6e6bb6adeba86ea4cc285842b560e16cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Sat, 09 Sep 2023 15:32:23 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Wed, 06 Sep 2023 22:24:57 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1694273543098_389027462_108240740_483_2718_34_74_146";dur=1
content-length
142558
expires
Sat, 09 Sep 2023 16:32:23 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		493 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1da8c9de4dd18fb2f600f2aaabe17fba093ff3e313b073bc5099775744e9590d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
B7ESEqt9U0d0JJqnlCaJeGglIiWiYfbN
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
QKW8BEW0A65GJSQK
age
98
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
54035
x-amz-id-2
z6+wC52bI0N7QwPlilP89jR1Q0+18pSyTRYp9XLhTld/DJKMc91o03AHPf9FyEzapstmgq/xDkU=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:17:43 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273543.066781,VS0,VE4
etag
"b35382d57c6b5b9ac2f9d781f1578799"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
76
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
impl.20230905-4-RELEASE.js
cdn.taboola.com/libtrc/ 		804 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
DHSY4h5zVk1UjTokLGTmT4IpOCy1UIOB
content-encoding
br
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
KTJ5G1T2ZY79WG4Y
age
21788
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170225
x-amz-id-2
N19IwH4/N/0qjpx6UPvM4DrF7NvGmP8xnhrV6k24mww9BeCqS8cdgMqnU30S0hJvfiOoiWuNEek=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 05 Sep 2023 09:28:59 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273543.144275,VS0,VE0
etag
"02e831e0d003d619395b9b4db0013950"
vary
Accept-Encoding
content-type
application/javascript
abp
90
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
7568
t.php
c.statcounter.com/ 		192 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=61C1AE0B4EE44F4889C8654002A96F84&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&t=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1470&sc_rum_e_e=1474&sc_rum_f_s=0&sc_rum_f_e=1426&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
80407bccd9355c38-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
04c4d37ae9c12cc7731fe54c89556f22.jpg
static.bg3.co/imgs/202109/ 		0
0
94651aacfc2eefd7411f99de237fb6da.jpg
static.bg3.co/imgs/202111/ 		0
0
a1ee9b988fd23d5fd545d7681a8c2706.jpg
static.bg3.co/imgs/202212/ 		0
0
dd3fefeb39f99742708f4762700dc3c1.jpg
static.bg3.co/imgs/202202/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
337553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2968
x-xss-protection
0
server
sffe
etag
"20a8808a3fce3085"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
337552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23124
x-xss-protection
0
server
sffe
etag
"91fba5c7cd59114d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dd10c4eabe829c55b6dc7b0b3c581ef3809a309008d16aa34ba0ba092f2b1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
555
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
337552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3948
x-xss-protection
0
server
sffe
etag
"a02df160e36bd176"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1694273543.dop212.fr8.t,1694273543.cds209.fr8.hn,1694273543.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
5762
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Sep 2024 13:56:21 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
238074
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		73 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A32%3A23.253&lti=deflated&data=%7B%22id%22%3A28%2C%22ii%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694273543250%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22vpi%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2574%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A612%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d6ba73048e8c897fde133631ba54d3857a910d25eecd21c79825a69ffb41d49

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
247
date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7351
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230057-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694273543.270783,VS0,VE247
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1694273543.dop212.fr8.t,1694273543.cds209.fr8.hn,1694273543.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:c000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Sat, 09 Sep 2023 03:41:04 GMT
Via
1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P5
Age
42680
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
JLW_2TeVRzIvaxF9V1IcZHn-sRUAs_L4emn7AEV_cXiP1Pl-mdZwHw==
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
MWKYM1T9JX7HPNB6
age
376
etag
W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80407bce48f2694b-FRA
x-amz-id-2
pY6p/oR/2+42bVL00JT3+C3IDDYMcwXtdBkjms7Ftfj6yuck6lNYOYLZZtmAz8t1unTNOkNx5/Y=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27067
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FYzSitRqAeRGWW4OyheQFc55l1nbloIQHQlpCWIgUOGK2XgsPfy1Tej0ehv%2FyPVhh0Kzj8oD8LzwaEKVp9zVIaq9NNitv1H5UxMFGhJhT84o6nCbrRCgJqmp6USWnqGME72AdysZcqiErYvflo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80407bce4df39ba0-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Sep 2023 15:32:23 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 02:29:26 GMT
content-encoding
gzip
age
1170177
x-guploader-uploadid
ADPycduOKtZ-jYI708NlmmpGXaU-NamfOkJWG4viTvwKHJcmSy94qlD08CPlfYu_2RHuf9tKSr4DZ6TG98ZrmcQ41lZhQQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 26 Aug 2024 02:29:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3553257487497326&correlator=2472138813035983&eid=31077747%2C31077595%2C44777901&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694273543335&lmt=1694266343&adxs=220&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&vis=1&psz=760x0&msz=760x0&fws=4&ohw=1600&ga_vid=2108848729.1694273543&ga_sid=1694273543&ga_hid=2064745187&ga_fc=false&dlt=1694273542734&idt=571&adks=3605545259&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6a79154fa8d80adb91d60adcd5849f11f1c81eaac0fc73daa8efe1deb8f52ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12459
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74C1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:23 GMT
expires
Sun, 08 Sep 2024 15:32:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1A25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp6r7-I_jih-f7ZmaY5CmimkRJXUQmfwzt2lQ94ItsMgkURW2Z-XupTuut5ENL5B_quNXq3mMQZymhZvexxPgkhg5Yb4LovRHktH--nBJLoXZiWfaMWiXy5XR8Rz6ZUrmrgqeiRKdNZyOiYyVXZ2oEIPP68odTazhXla27Djlm9nV7t8Qo716rNK2uYNdHhhj6Ms3_RfUFLl2Hq3hINE85SV25g5vEp0-T-XH7FlmLJ249actnYKqx2pCIPRuPFPcGjTMlU2obMgSHQpaenozo6LxGty9TLK9Kvmfc5xXP1c1VkJ9AixYEhaS4He3r8IgXucsp&sai=AMfl-YSvqu9uWIlQm-73M7uqreUJJTzus7V6UOnSUet0hHXEUjjj45_nWrfqkrSWILPBfYIg437vek9AbxFBi9P0tNBgXyUbpr-3vygU0KfUlOo&sig=Cg0ArKJSzMKciMyJjWsoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Sep 2023 15:32:23 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A25 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:23 GMT
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
floating-unit.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
V1rselWEQkmv8ejM_YOT9pvQ4PsP3pyq
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
YMYSCWQ4HDFV88QA
age
260318
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
uc/TxTGKFcoM/JlekznaoFnw684uXNLIBkSY9K6l8dG1BXVc/d0aUPhpx7nxrtygWl9fxEaNMqY=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:46 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.552904,VS0,VE0
etag
"9b0b24e2992039edeafef2deb5f869d2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
77
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4892
taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
nyBLekRqWpLwFsYJ1PM2htL48qH2exXE
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
GG3SZN1QSGHYAPZ8
age
260298
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
o+B0AKbDwwOufquBUhKM603c+EpaE5eo//GnTgnjAMIFfA/OIdq8E/w8MrYBJjugsAxyTQGJywI=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:14:06 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.553575,VS0,VE0
etag
"fcf081c3f2e178fc5d019b3ef2860ee1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
94
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4021
distance-from-article.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
em2XoJWhDIGX2pPbKxuWmMDgPsr_r4ef
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
VB7GC7DNR3DBAGXN
age
260329
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
MwndNzSFMrfPZuXlmjg+CH3RvIMFhrFGJpJWlIU4n1N0LM64WpnV/AGfobY9J5d7i0GAmvKutRg=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:35 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.567968,VS0,VE0
etag
"0a16ddc5535f3ec9c04adb198a63ab57"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
57
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
75785
article-detection.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
VYQg0KzRzVKgsOUVIwoGWUZcIizdfOKZ
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
F29PXCZ8HNKVHJH3
age
260336
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
v/a7T3HLPP9VJKIs/ZoINAzTkQ4zUgmrWpgtYsjY3+QlOMnzxtML84PR9LAS30+tHp6+1yAQ708=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:28 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.568311,VS0,VE0
etag
"a684a25a6af049d0fee39485c35b845e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
75797
article-and-feed-area-scanner.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
888f76105fb77df4b08a77b9fbf0746568ac052c7bc8597e5e0880565b86e895

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
fOyTBhgqz5FQ3RMtRWBYfaMIjaTXG7F_
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
1WEMZ831J5J8E5XZ
age
260338
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1149
x-amz-id-2
OrBIsnOl8DMNGGS+8zZCwQJfqpV+dw6hLQncralM7SnlVvXy/dxHSngBJ+U15R4jYfoyiZDTLdQ=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.568435,VS0,VE0
etag
"5b5131281ce111f3314a114c7f4e6b93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22689
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.0/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
282467
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36498
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Wed, 06 Sep 2023 09:01:32 GMT
server
AmazonS3
x-timer
S1694273544.617015,VS0,VE0
etag
"1865860838c0a4f202ab61510882ea01"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MBwNQWWoasK9QdVBzfrJSMb4dGtXeyY63MWPfWLulxwQ0SOIpiRafA==
x-cache-hits
31017
feed-card-placeholder.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
.8WMZOWcDpNm0.Ccx52jyM8r4MC6976_
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
3KKZJT1BHCRVXYWY
age
260323
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
k6bhlbvN6KLmcGsQRfjoz7YptQAdyVlsTRKrgkvp9A4tCI+2N2yMesYwCKScEwY2BQFGyzS5cgE=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:40 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.574956,VS0,VE0
etag
"a682091ea54d189e1c90f84edb66dc6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
49692
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
69
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.577329,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
42
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
107
userx.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
s_CdpOrxd5OMAuEV0GJ7BKn.ddN4GAhu
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
J4VM1AJYK6QJHX3G
age
260294
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
FIq2NZRhejRV5eG0EITjnAVmFsTjNMpRi7giTA5FIjJKU6MUOB1ZCrrt1gNGOY6UXpqajzBu4iw=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:14:10 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.585418,VS0,VE0
etag
"22ce59d71c04e51e63a2870100dee4d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
28837
explore-more.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
nTny9pOwUaN6ss1oAQu2PcehWgBYcg1r
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
NASXNJWVBD4GEBA1
age
260326
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
V0wstXoV0n2+bJL8i51/PcQ4dHD4ffSYa39uaMHin2aUHH5b6pD7SOELnFltwMEFSga3o5C2Ra0=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:38 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.598306,VS0,VE0
etag
"0da94878b067376092df0c027b53d238"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
29681
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=17%3A32%3A23.543&id=5624&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694273543544%7D&tim=17%3A32%3A23.544&id=3031&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694273543551%7D&tim=17%3A32%3A23.552&id=7936&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A32%3A23.588&id=5220&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A32%3A23.617&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=1861&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28162
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A32%3A23.618&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=287&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28162
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A32%3A23.625&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3312&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28162
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A32%3A23.626&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5420&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28162
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A32%3A23.632&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6612&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28205
block.jpg
delivery.adrecover.com/ 		631 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1694273543639
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Sun, 08 Sep 2024 15:32:23 GMT
date
Sat, 09 Sep 2023 15:32:23 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
2003219
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
DE
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
337552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10339
x-xss-protection
0
server
sffe
etag
"6b0a8d436e5c7ad3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:df54:bbc1:d058:f5d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="1694273543708_389027462_108242221_1217_1896_34_66_146";dur=1
content-length
122286
expires
Sun, 08 Sep 2024 15:32:23 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1694273543775_389027462_108242222_322_1883_34_66_146";dur=1
content-length
211
expires
Sun, 08 Sep 2024 15:32:23 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=68, origin; dur=0, ak_p; desc="1694273543782_389027462_108242231_6887_2417_35_0_146";dur=1
content-length
18371
expires
Sat, 09 Sep 2023 16:32:23 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQyNzM1NDM2OTEsInBhY2tldElkIjoiMDAwMEE3MDEtM2U4ODY2NDgtYzFlOC00OTMzLTgxNzYtNDA3YjM0YzcwMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2014.7000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:47:09 GMT
age
337514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57751
x-xss-protection
0
server
sffe
etag
"df3f5bf96724b1a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:47:09 GMT
syncframe
gum.criteo.com/ Frame C821 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:23 GMT
server
Kestrel
server-processing-duration-in-ticks
356295
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1
85 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1e69f5e67bf3407e626f25a92195ea69acf93dbdb690ef95c45ea371e3300c75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-FpZGwGNAkZdR7A/wQFUZqwSH0MI"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bg3.co
location
/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/palmate-bg3co/trc/3/ 		20 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A32%3A23.787&route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&data=%7B%22id%22%3A516%2C%22ii%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA%22%2C%22ui%22%3A%22e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587%22%2C%22uifp%22%3A%22e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587%22%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694273543250%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22vpi%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3661%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A648%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5415898105dab245e3e27a19cf65c9241e13b6cb6c2710de79c6c65dae1ffb47

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
208
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7349
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230057-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694273544.798206,VS0,VE208
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d45de95e45b1ed53ff4c9439986c5fb5c865c9e43e1020cc7aebf576a02e933b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
278421
edge-cache-tag
539264722275397693898618951167535693130,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
1989
req-referer
https://www.news.de/
content-length
125686
x-request-id
ea97305a5ae579c1efb737f012115025
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100113-IAD, cache-sna10720-LGB, cache-iad-kiad7000023-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1694273544.818804,VS0,VE2
etag
"f6465055f5a58740ba0e99c081708b1f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63eec33fb3a724db4a34153d1e4670990054a9f7f5bef60c6998e28d0b65523d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
279384
edge-cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
632
req-referer
https://www.fussballtransfers.com/
content-length
70772
x-request-id
0f5f49d196f67e62743b8b7aa48a3f6b
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kiad7000162-IAD, cache-lga21948-LGA, cache-iad-kcgs7200116-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1694273544.818825,VS0,VE1
etag
"acd0bc56b0057258db7e148a76fe5165"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
562cf3be4eaa94a9e2f627265fff4e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0bd6c964a0c70aae4add2037b40df14ae771299aa1b1705120d2802d8e86c790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
age
2496063
edge-cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
121
expiration
expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
13532
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100107-IAD, cache-iad-kiad7000066-IAD, cache-chi-kigq8000080-CHI, cache-iad-kiad7000119-IAD, cache-fra-eddf8230057-FRA
last-modified
Sat, 29 Jul 2023 09:18:29 GMT
server
nginx
x-timer
S1694273544.818818,VS0,VE2
etag
"653e97a98b6ddadd976dc5b50a63348d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 1
fcced33d44341b0ec47cb377937939f3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3682ad3ff57003cb05702064073c0429c9c7a8677de21df73081a3cd48df53fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
age
2426337
edge-cache-tag
373296298211063029669737339617667053320,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
373296298211063029669737339617667053320,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://icilome.com/
content-length
39140
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100162-IAD, cache-iad-kiad7000156-IAD, cache-sna10729-LGB, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230057-FRA
last-modified
Mon, 31 Jul 2023 22:52:41 GMT
server
nginx
x-timer
S1694273544.818802,VS0,VE2
etag
"49a82fc1ce97bdbab9d90c232a466f0f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 18, 1
f69798697d57836303d40015a20abc73.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bca0cd197c020a27755c9010fbf1f4856e50064f5aa9efdb77ba2819afa1c50e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
age
257945
edge-cache-tag
357145662697072923397544531106118029968,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
357145662697072923397544531106118029968,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
293
req-referer
https://www.crash.net/
content-length
13512
x-request-id
10851ab0f72a3134939e614a8a3f2dd9
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kiad7000022-IAD, cache-iad-kiad7000160-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 14:59:19 GMT
server
nginx
x-timer
S1694273544.818842,VS0,VE1
etag
"c6f6bbb018d9001636cd72e5177680cf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
65b49723fe6a2bc561461200a0d2c434.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65b49723fe6a2bc561461200a0d2c434.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2791315b51d5575622b3e44be08d617227c617032471a171daa38b9dff37b263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65b49723fe6a2bc561461200a0d2c434.jpg
age
2276224
edge-cache-tag
413319482715284789409265950698655063087,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
413319482715284789409265950698655063087,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1238
req-referer
https://www.freenet.de/
content-length
12754
x-request-id
667c2ed96a6f6000c949637624ad3b6b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100044-IAD, cache-sna10749-LGB, cache-iad-kcgs7200163-IAD, cache-fra-eddf8230057-FRA
last-modified
Sun, 13 Aug 2023 05:37:04 GMT
server
nginx
x-timer
S1694273544.818810,VS0,VE1
etag
"a15a4e791ba212bb2158057402bfd6f6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
d5f199f3-37b2-4cf4-9d02-f6d39ec7c8ea__tMWCDVvn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d5f199f3-37b2-4cf4-9d02-f6d39ec7c8ea__tMWCDVvn.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
472681b92529d46e3cc75519c8da89d237e5d98207f4cb245e851371f17500fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d5f199f3-37b2-4cf4-9d02-f6d39ec7c8ea__tMWCDVvn.jpg
age
138599
edge-cache-tag
369116046885015018519808381682602572376,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
369116046885015018519808381682602572376,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
615
req-referer
https://www.wr.de/
content-length
29574
x-request-id
f60b3e4447d88bd28c510372b61c5d49
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kiad7000151-IAD, cache-iad-kcgs7200027-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 07 Sep 2023 07:46:48 GMT
server
nginx
x-timer
S1694273544.845828,VS0,VE2
etag
"d2192c3de7dbd5b3c98b622a78385bb1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91d5c929d603976d4cef2a043200c9556cc06925abd28d19ee719301ea617275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
279680
edge-cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
608
expiration
expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fussballtransfers.com/
content-length
78708
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200166-IAD, cache-iad-kiad7000105-IAD, cache-iad-kiad7000129-IAD, cache-fra-eddf8230057-FRA
last-modified
Fri, 01 Sep 2023 11:47:36 GMT
server
nginx
x-timer
S1694273544.845909,VS0,VE1
etag
"33d64e6f46762b33b7b0d79ea8388430"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
f69798697d57836303d40015a20abc73.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b4320ae1f690c81114bd9987f60f99284454a6dd52593708dfb26b56956e1a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
age
261185
edge-cache-tag
357145662697072923397544531106118029968,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
357145662697072923397544531106118029968,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
253
req-referer
https://www.t-online.de/
content-length
15680
x-request-id
5521d382f77ae460ca161c1429050e3a
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200177-IAD, cache-iad-kiad7000142-IAD, cache-iad-kjyo7100177-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 14:59:19 GMT
server
nginx
x-timer
S1694273544.850515,VS0,VE1
etag
"2a92e7f557da8249ffdc4dc569d4aa0e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
562cf3be4eaa94a9e2f627265fff4e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
415d230a7f237f3aefcc12b80c273ba3a4f153478982055db5b7660951b007f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
age
3992961
edge-cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
243
expiration
expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.richouses.com/
content-length
33488
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100107-IAD, cache-iad-kiad7000066-IAD, cache-lga21941-LGA, cache-iad-kcgs7200023-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 08:31:10 GMT
server
nginx
x-timer
S1694273544.850649,VS0,VE3
etag
"653e97a98b6ddadd976dc5b50a63348d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 5, 1, 2, 1
fcced33d44341b0ec47cb377937939f3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9233e854060540506407be1a554fe1c5f568ceea94e93694c6ca4a64f8a5d01b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
age
2766573
edge-cache-tag
373296298211063029669737339617667053320,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
373296298211063029669737339617667053320,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
358
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
129596
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200168-IAD, cache-iad-kiad7000092-IAD, cache-iad-kiad7000053-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 25 Jul 2023 07:53:43 GMT
server
nginx
x-timer
S1694273544.851689,VS0,VE2
etag
"44f4a8596eeea6662aa9ecf19a5dfa41"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4, 1
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQyNzM1NDM4MzIsInBhY2tldElkIjoiMDAwMEE3MDEtM2U4ODY2NDgtYzFlOC00OTMzLTgxNzYtNDA3YjM0YzcwMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2155.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
truncated
/ Frame 1A25 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ba429df07d3a650c76259a2c5ca23535b7e49447390e39f00b1c2dbb7e7e767

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1A25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQN3Fd9OoQA7ihKGWMrY8tv5vhMrGUhawtdEQC7SMB82AC0Enr7WOVFsu1e_GGoS3mU9f1ZMJJnMGx3bP1m5bl_ePr0fCBuC57PRNuL-M16EBt0zK-8N5Qw6b1gx-QKY1C667mUBrIhPdjH24Tx8q7wsyxijYG4ldM5-taphG77K7zA9pD7Ber2511xV0U2dg8Y9dSjlkw7-KvAOlmveJ_Roc6_VGw8nt9Va3c-h9nIcNqe4-9R5hKfU8xmVtrcRDuS1vrE0cCZLORpwsDQ897-eQvjrSzNyFzFvoDkz2YvfTJPDIzeqjNa7FofJLEUneVQ7zpZS4&sai=AMfl-YTwz7URTEi4Sze81PF07G868gkVqz50MYmweXft_hjBEV2hmx1ytbZEAp9asUHwxngPpvl-xBiReoxi509wTIQ4qzFtTJXTSllNkei4Oys&sig=Cg0ArKJSzDqfBlhYKwlxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Sep 2023 15:32:23 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQyNzM1NDM4ODgsInBhY2tldElkIjoiMDAwMEE3MDEtM2U4ODY2NDgtYzFlOC00OTMzLTgxNzYtNDA3YjM0YzcwMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2211.8999977111816
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQyNzM1NDM4OTEsInBhY2tldElkIjoiMDAwMEE3MDEtM2U4ODY2NDgtYzFlOC00OTMzLTgxNzYtNDA3YjM0YzcwMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2214.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3553257487497326&correlator=395478937526988&eid=31077747%2C31077595%2C44777901&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&arp=1&abxe=1&dt=1694273543898&lmt=1694266343&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2108848729.1694273543&ga_sid=1694273543&ga_hid=2064745187&ga_fc=false&dlt=1694273542734&idt=571&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_8_0_pv%26cluster_reporting%3Dchrome_DESKTOP_8_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6214b8cb35a8eab87dd3348c8232d4b7a21cc863e04705c5367cd35e5eff2cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17346
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_page_level_ads.js?cb=31077595
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 18:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
75304
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13172
x-xss-protection
0
server
cafe
etag
7949494514302333357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 07 Sep 2024 18:37:19 GMT
next-up-widget.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
16i_W0SfO4iu5HUNttGCzqfI5eyuaJk9
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:23 GMT
x-amz-request-id
5Z6D55KEA63Q4GDX
age
260315
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
zbA9d3vwZFWk0ANy7tqhXOmmLnCfK5m/3x33rRTsy4bo2JGe2Az9RZf1dL8FcKvA8rZnXttJGN0=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.916575,VS0,VE0
etag
"206e75ae80c2530bd7615c594f84c2e4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
2
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4831
impress
ad.vidverto.io/delivery/ 		52 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&referrer=&async=1&uid=9925783220&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e2753d0d7f293d954ca2d9f45faf09744f0eb6fe10cd9fef35772758e25c2253

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 09 Sep 2023 15:32:23 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQyNzM1NDM4MzIsInBhY2tldElkIjoiMDAwMEE3MDEtM2U4ODY2NDgtYzFlOC00OTMzLTgxNzYtNDA3YjM0YzcwMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2240.3999977111816
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 16 Sep 2023 15:32:24 GMT
sid
mug.criteo.com/ Frame C821
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=mdAS0XxCSUpwQitTdDF1OGJ6K1Q2d3hZWDFRUFAvNWMwU1dFdUdKcXhDeXRVVVFEVDNzbC9DQ2lZZWhFc2VJOFlMQi9yczlCbnFndnZMa0U0SXMyWnR6d0h4eFM0eE5TdFpoYzY2dGYzenpDQmplY0tlRTJTMG9TTW1nU2...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mdAS0XxCSUpwQitTdDF1OGJ6K1Q2d3hZWDFRUFAvNWMwU1dFdUdKcXhDeXRVVVFEVDNzbC9DQ2lZZWhFc2VJOFlMQi9yczlCbnFndnZMa0U0SXMyWnR6d0h4eFM0eE5TdFpoYzY2dGYzenpDQmplY0tlRTJTMG9TTW1nU24zK3JWaVczK1VXdHhRbmozZXMrcnB5WGVrYnp6Rm5XdjBxMURnWGNndWdUQldmalpreHJGTWFVZDgrTGhUeWduQkxaUHpsZU96L3BEQnk1elRhOEVzV2IwdkdMWWtPK2pxVmVTa0FjZ0tSQW9sbFR4NU1EYUFHQjNVOTFFaVZ4ZVducUE2Q3NLUnZCSXBPYW9vOWpyVTF2WGl6VytjZz09fA&cppv=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
93ce2e2ea9326da5e65fc5354daf17b3e745653fa011bc8317dbddfd0372e9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1683583
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=mdAS0XxCSUpwQitTdDF1OGJ6K1Q2d3hZWDFRUFAvNWMwU1dFdUdKcXhDeXRVVVFEVDNzbC9DQ2lZZWhFc2VJOFlMQi9yczlCbnFndnZMa0U0SXMyWnR6d0h4eFM0eE5TdFpoYzY2dGYzenpDQmplY0tlRTJTMG9TTW1nU24zK3JWaVczK1VXdHhRbmozZXMrcnB5WGVrYnp6Rm5XdjBxMURnWGNndWdUQldmalpreHJGTWFVZDgrTGhUeWduQkxaUHpsZU96L3BEQnk1elRhOEVzV2IwdkdMWWtPK2pxVmVTa0FjZ0tSQW9sbFR4NU1EYUFHQjNVOTFFaVZ4ZVducUE2Q3NLUnZCSXBPYW9vOWpyVTF2WGl6VytjZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
276068
content-length
0
expires
0
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
337553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32129
x-xss-protection
0
server
sffe
etag
"d5ab003501cb3fb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
nameframe.html
d-27262595401722679046.ampproject.net/2308242321000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-27262595401722679046.ampproject.net/2308242321000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63eec33fb3a724db4a34153d1e4670990054a9f7f5bef60c6998e28d0b65523d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
279384
edge-cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
632
req-referer
https://www.fussballtransfers.com/
content-length
70772
x-request-id
0f5f49d196f67e62743b8b7aa48a3f6b
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kiad7000162-IAD, cache-lga21948-LGA, cache-iad-kcgs7200116-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1694273544.004200,VS0,VE0
etag
"acd0bc56b0057258db7e148a76fe5165"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
562cf3be4eaa94a9e2f627265fff4e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0bd6c964a0c70aae4add2037b40df14ae771299aa1b1705120d2802d8e86c790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
age
2496063
edge-cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
121
expiration
expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
13532
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100107-IAD, cache-iad-kiad7000066-IAD, cache-chi-kigq8000080-CHI, cache-iad-kiad7000119-IAD, cache-fra-eddf8230057-FRA
last-modified
Sat, 29 Jul 2023 09:18:29 GMT
server
nginx
x-timer
S1694273544.005230,VS0,VE0
etag
"653e97a98b6ddadd976dc5b50a63348d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 2
fcced33d44341b0ec47cb377937939f3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3682ad3ff57003cb05702064073c0429c9c7a8677de21df73081a3cd48df53fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
age
2426337
edge-cache-tag
373296298211063029669737339617667053320,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
373296298211063029669737339617667053320,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://icilome.com/
content-length
39140
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100162-IAD, cache-iad-kiad7000156-IAD, cache-sna10729-LGB, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230057-FRA
last-modified
Mon, 31 Jul 2023 22:52:41 GMT
server
nginx
x-timer
S1694273544.005119,VS0,VE0
etag
"49a82fc1ce97bdbab9d90c232a466f0f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 18, 2
f69798697d57836303d40015a20abc73.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bca0cd197c020a27755c9010fbf1f4856e50064f5aa9efdb77ba2819afa1c50e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
age
257945
edge-cache-tag
357145662697072923397544531106118029968,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
357145662697072923397544531106118029968,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
293
req-referer
https://www.crash.net/
content-length
13512
x-request-id
10851ab0f72a3134939e614a8a3f2dd9
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kiad7000022-IAD, cache-iad-kiad7000160-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 14:59:19 GMT
server
nginx
x-timer
S1694273544.005791,VS0,VE0
etag
"c6f6bbb018d9001636cd72e5177680cf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
65b49723fe6a2bc561461200a0d2c434.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65b49723fe6a2bc561461200a0d2c434.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2791315b51d5575622b3e44be08d617227c617032471a171daa38b9dff37b263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65b49723fe6a2bc561461200a0d2c434.jpg
age
2276224
edge-cache-tag
413319482715284789409265950698655063087,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
413319482715284789409265950698655063087,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1238
req-referer
https://www.freenet.de/
content-length
12754
x-request-id
667c2ed96a6f6000c949637624ad3b6b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100044-IAD, cache-sna10749-LGB, cache-iad-kcgs7200163-IAD, cache-fra-eddf8230057-FRA
last-modified
Sun, 13 Aug 2023 05:37:04 GMT
server
nginx
x-timer
S1694273544.005310,VS0,VE0
etag
"a15a4e791ba212bb2158057402bfd6f6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 2
d5f199f3-37b2-4cf4-9d02-f6d39ec7c8ea__tMWCDVvn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d5f199f3-37b2-4cf4-9d02-f6d39ec7c8ea__tMWCDVvn.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
472681b92529d46e3cc75519c8da89d237e5d98207f4cb245e851371f17500fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d5f199f3-37b2-4cf4-9d02-f6d39ec7c8ea__tMWCDVvn.jpg
age
138599
edge-cache-tag
369116046885015018519808381682602572376,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
369116046885015018519808381682602572376,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
615
req-referer
https://www.wr.de/
content-length
29574
x-request-id
f60b3e4447d88bd28c510372b61c5d49
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kiad7000151-IAD, cache-iad-kcgs7200027-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 07 Sep 2023 07:46:48 GMT
server
nginx
x-timer
S1694273544.006269,VS0,VE0
etag
"d2192c3de7dbd5b3c98b622a78385bb1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91d5c929d603976d4cef2a043200c9556cc06925abd28d19ee719301ea617275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
279680
edge-cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
608
expiration
expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fussballtransfers.com/
content-length
78708
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200166-IAD, cache-iad-kiad7000105-IAD, cache-iad-kiad7000129-IAD, cache-fra-eddf8230057-FRA
last-modified
Fri, 01 Sep 2023 11:47:36 GMT
server
nginx
x-timer
S1694273544.034829,VS0,VE0
etag
"33d64e6f46762b33b7b0d79ea8388430"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
f69798697d57836303d40015a20abc73.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b4320ae1f690c81114bd9987f60f99284454a6dd52593708dfb26b56956e1a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
age
261185
edge-cache-tag
357145662697072923397544531106118029968,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
357145662697072923397544531106118029968,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
253
req-referer
https://www.t-online.de/
content-length
15680
x-request-id
5521d382f77ae460ca161c1429050e3a
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200177-IAD, cache-iad-kiad7000142-IAD, cache-iad-kjyo7100177-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 14:59:19 GMT
server
nginx
x-timer
S1694273544.035010,VS0,VE0
etag
"2a92e7f557da8249ffdc4dc569d4aa0e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
562cf3be4eaa94a9e2f627265fff4e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
415d230a7f237f3aefcc12b80c273ba3a4f153478982055db5b7660951b007f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
age
3992961
edge-cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
347810432484749821870950225620725984890,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
243
expiration
expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.richouses.com/
content-length
33488
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100107-IAD, cache-iad-kiad7000066-IAD, cache-lga21941-LGA, cache-iad-kcgs7200023-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 08:31:10 GMT
server
nginx
x-timer
S1694273544.035004,VS0,VE0
etag
"653e97a98b6ddadd976dc5b50a63348d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 5, 1, 2, 2
fcced33d44341b0ec47cb377937939f3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9233e854060540506407be1a554fe1c5f568ceea94e93694c6ca4a64f8a5d01b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcced33d44341b0ec47cb377937939f3.jpg
age
2766573
edge-cache-tag
373296298211063029669737339617667053320,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
373296298211063029669737339617667053320,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
358
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
129596
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200168-IAD, cache-iad-kiad7000092-IAD, cache-iad-kiad7000053-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 25 Jul 2023 07:53:43 GMT
server
nginx
x-timer
S1694273544.035222,VS0,VE0
etag
"44f4a8596eeea6662aa9ecf19a5dfa41"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4, 2
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d45de95e45b1ed53ff4c9439986c5fb5c865c9e43e1020cc7aebf576a02e933b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
278421
edge-cache-tag
539264722275397693898618951167535693130,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
1989
req-referer
https://www.news.de/
content-length
125686
x-request-id
ea97305a5ae579c1efb737f012115025
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100113-IAD, cache-sna10720-LGB, cache-iad-kiad7000023-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1694273544.035432,VS0,VE0
etag
"f6465055f5a58740ba0e99c081708b1f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1080%7D%22%2C%22eventTime%22%3A1694273544058%7D&tim=17%3A32%3A24.058&id=2288&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A32%3A24.069&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8506&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28540
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 14:18:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 15:32:24 GMT
spa-detector.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
KEGvtegWzhSmJ0zyOWVzsjMEuOiRrSzx
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:24 GMT
x-amz-request-id
5Z1CHXFC88GT13TW
age
260307
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
1R6YEO9Myr91tXufEJQPPNQ2KLQnJQ8K96AKA2aZIoxRcffRrKxm7cTEbrWPZe7wMn0nAh2HBz4=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 15:13:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694273544.091261,VS0,VE0
etag
"f7cc4f6d837535cfe5c09f38624a17a0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
20
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
30177
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A32%3A24.070&id=4954&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694273544078%7D&tim=17%3A32%3A24.078&id=4109&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A32%3A24.080&id=8380&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=16b69d770a71e09fda632ba729949d34&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694273544081%7D&tim=17%3A32%3A24.082&id=232&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
onetag-sys.com/usync/ Frame 607B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:24 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126089
x-xss-protection
0
expires
Sat, 09 Sep 2023 15:32:24 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:24 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:24 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?08092023
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Fri, 08 Sep 2023 10:57:53 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fafe31-15d8c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:24 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:24 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		280 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Thu, 07 Sep 2023 17:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fa0208-461ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:24 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D0cedbfba-6b1c-4f30-872c-f321e0d521a1%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=0cedbfba-6b1c-4f30-872c-f321e0d521a1&p_id=23
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=0cedbfba-6b1c-4f30-872c-f321e0d521a1&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=0cedbfba-6b1c-4f30-872c-f321e0d521a1&p_id=23
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=0cedbfba-6b1c-4f30-872c-f321e0d521a1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=0cedbfba-6b1c-4f30-872c-f321e0d521a1&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=67a2d8f4-85f6-53fc-a4b9-750cc045e504&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=a2757d6e-980e-477e-9df3-05a9ba443503&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=a2757d6e-980e-477e-9df3-05a9ba443503&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=a2757d6e-980e-477e-9df3-05a9ba443503&p_id=15
date
Sat, 09 Sep 2023 15:32:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Sat, 16 Sep 2023 15:32:24 GMT
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=ad5720f2c526fc8ea3b24959513baf23&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A32%3A24.154&id=7109&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A32%3A24.160&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=1948&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27014
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4435
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B7pJUxR6txdHuqJcf6Yt%2FskWLbSM788eoCNzl%2FnRnjTVbxG4I%2B%2FLqZPSvYO56NzXgqzhz7p7nz9k6ZMDSVrA1GHuscN0viLhKSrB0X5uDCT%2BG3BRc%2FoaomxDel8ttc9BVoV87S0SXazGkJScQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
80407bd34f278fe0-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
ab2ca67dd2f6aea748ca0e12dbee889e28df500c319756e726ace579a18209d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
ab2ca67dd2f6aea748ca0e12dbee889e28df500c319756e726ace579a18209d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230909
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc9142d756ee21e54f3a35794d50954db4e1e00afeca4c181a7d7a6963588f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41492
x-jsd-version
1.0.1807
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4532-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-19nn2qAjh+v9PgbzMwWf/CEgP0w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUw4NMN0YuAICPekIexJFzjqVxvOw3Y%2B681C8KiiTamBNf%2BtRWu7i8raXM3AtcRwElAccC%2F9p0cZ5Qy3wAZ7uC3rtOzfLDeagiiqvcQf%2FyU%2Fvox6iNoP5KzvIUhKw9mkRIIWZsezDUohWMTDApE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80407bd3be633a70-FRA
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
6f7360a1dba8cf357c1970e01ebbbb4f52f6af021c67774a67741410d1c6452b

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.128.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=089cb91b-b441-4b53-83b4-d83b3f8bb85f%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=3d6fe58b-853f-4633-aac7-de583c4c1dad%3B421ccdeb-f160-4237-9567-56a149d2436c&l_pb_bid_id=2fc640477dc85b%3B3e75bffc394ba7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3d6fe58b-853f-4633-aac7-de583c4c1dad%3B421ccdeb-f160-4237-9567-56a149d2436c&rp_maxbids=1&slots=2&rand=0.6425853250971696
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a01b74752f83eb2dfd488ed8a3676543d586070b10f38c1f1377cbbbd591d9a6

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
36
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
3
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7e010ff261ce300f957a626b6b7a38452bd21ce9e153917ddee04012c8cf160b

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 09 Sep 2023 15:32:24 GMT
prebid
ib.adnxs.com/ut/v3/ 		250 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3ea37b21bf97ad9260a3e8bda008d540903177a17191c77aa7d60d4337b225d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
an-x-request-uuid
96e37d58-4cbd-4c0e-aa35-9bf6a4eb6583
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 09 Sep 2023 15:32:24 GMT
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.110.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-110-88.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b0b6ef2f1b459715ae92912485289391fc0f5fc55958cfd6e872e7968b98e6d8

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 09 Sep 2023 15:32:24 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebidjs
rtb.openx.net/openrtbb/ 		53 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
30c7055d398a58f876c3279af72362afdaca978c5f61b5d67abc510e511921d5

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
adreq
ads.servenobid.com/ 		981 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2329
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
495287fe1cac500fc546807909a1918d128d0a76c6746b273d4af06adfca28dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4481e93f9b0160d593215f1bd5c383a2ce72574a0e439979e991b80e3858b9

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87OMBcBZJdBkieQg9ha7kTjwHnnk7LQFdvFHtqlYzXb%2Bo8GkYZoNmlXbEPSVFXP%2FDMUg5hbN6EhoRhLeXp4Za42Dzvf4xGprjTye6GBHuBW82N7QByOKk21J5DNQzbRXkzCwS2R%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80407bd439654541-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4481e93f9b0160d593215f1bd5c383a2ce72574a0e439979e991b80e3858b9

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w12A5sZf274Gdp%2Bdsqbc9JLcq91dF6epF%2BcOTCHPQGUgNCGLXU4cfvFaVgMXVNLyxYCwu9EAHJb%2BGFNJeDho6T%2F9gv0%2FMj6QQzTSFpvVmAJzaRC8bHpoNavL6DHuPRhb%2BTE%2FkLdt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80407bd4396d4541-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4481e93f9b0160d593215f1bd5c383a2ce72574a0e439979e991b80e3858b9

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6cNvRxpFptgPU4xRqXW%2FfLYfjMC%2F5z9Q2UPI4xw981Uu3HiXzugt%2ByyUotGS9waZlOduV9QrmICrv%2BY1zjFXqltjA9SqjIi5b100bAhvS2bDksWvnz%2FXh91uAkcEHehQ5lcnohV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80407bd4396b4541-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.168.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-168-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
accept-ch
user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=63629307612&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bf796dc7a1fbb60f5cb5579d04e7354c69d6304776b999bcf822d9c339910841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80407bd43f7f2c62-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80407bd43f822c62-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=-50&lti=deflated&ri=ad5720f2c526fc8ea3b24959513baf23&sd=v2_02f4ce1f0933fd647c86afc4190e2dfb_e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587_1694273543_1694273543_CNawjgYQ2YJdGNK4ytSnMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1694273543250&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1694273544333%7D&tim=17%3A32%3A24.333&id=8303&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
af151a855cb759cf8b068ebd9688485c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af151a855cb759cf8b068ebd9688485c.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ed6c3c38cbb3be63ba96c4508b373c54b0d811e8703d416cd1ef7651eee414b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af151a855cb759cf8b068ebd9688485c.jpg
age
173514
edge-cache-tag
400531664844616426607305448141166554864,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
400531664844616426607305448141166554864,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
207
req-referer
https://www.urlaub-in-deutschland.tv/
content-length
84538
x-request-id
9696194bc3eb1763b6a304038fd36a04
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100091-IAD, cache-iad-kiad7000023-IAD, cache-iad-kjyo7100093-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 05 Sep 2023 06:58:01 GMT
server
nginx
x-timer
S1694273544.346077,VS0,VE2
etag
"8fb3d68da359888115efddd2040ed601"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
623eb7c0bc24fe71c5a6f5c26addec74.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/623eb7c0bc24fe71c5a6f5c26addec74.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
419d2379d8ab86a1cad7f6a8319fac69c3b65fb782c42b149c0593f8d175d7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/623eb7c0bc24fe71c5a6f5c26addec74.jpg
age
964658
edge-cache-tag
509588451419215907501615154353588320252,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
509588451419215907501615154353588320252,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
106
expiration
expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://jp.goodtoknowthis.com/
content-length
14734
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000096-IAD, cache-iad-kiad7000066-IAD, cache-iad-kiad7000129-IAD, cache-fra-eddf8230057-FRA
last-modified
Sun, 20 Aug 2023 12:08:10 GMT
server
nginx
x-timer
S1694273544.346803,VS0,VE0
etag
"32fbb276063fdc35349757c039da8951"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 24, 3
fe91d8cbdda71fc208e75bb9dfb9cd93.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8ba4d0c7bb96b7ba43d942c0a9d4e988c7ca26152f6595e5b85004386e207c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
age
4005837
edge-cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
226
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
29464
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000032-IAD, cache-iad-kcgs7200057-IAD, cache-sna10724-LGB, cache-iad-kjyo7100111-IAD, cache-fra-eddf8230057-FRA
last-modified
Sat, 15 Jul 2023 11:46:52 GMT
server
nginx
x-timer
S1694273544.346783,VS0,VE1
etag
"9d36e1067b0ce85dc936db1f2cb39a57"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 286, 1
8e1fd4943e5ccfce7073d62d1aaa6bb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e1fd4943e5ccfce7073d62d1aaa6bb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80b35fd5838ae3aaf8c3f8108511fddbd31b5af5ce5951c6dbc83af9b0b1a9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e1fd4943e5ccfce7073d62d1aaa6bb7.jpg
age
450964
edge-cache-tag
611024549457675560463851817837133753889,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
611024549457675560463851817837133753889,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
806
req-referer
https://ibctamilnadu.com/
content-length
47314
x-request-id
7277506a87d8b6aaa15a965f5a9c425c
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100031-IAD, cache-iad-kiad7000115-IAD, cache-iad-kjyo7100069-IAD, cache-fra-eddf8230057-FRA
last-modified
Fri, 01 Sep 2023 14:48:49 GMT
server
nginx
x-timer
S1694273544.347227,VS0,VE2
etag
"6f9d06e83c3d942dcfa2d61856ab0c15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
57d8cffb21c45ec739779d08562f7024.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57d8cffb21c45ec739779d08562f7024.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba38bb8bfdb8827b1f46f2dbb094fa1d88db8cc18b675d79b898109a455bc3d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57d8cffb21c45ec739779d08562f7024.jpg
age
805116
edge-cache-tag
343665972825777486978905319226409565972,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
343665972825777486978905319226409565972,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
313
req-referer
https://www.dnaindia.com/
content-length
85124
x-request-id
cfe848d04478353353f3c3140ee7e120
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000110-IAD, cache-iad-kiad7000045-IAD, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 31 Aug 2023 07:52:36 GMT
server
nginx
x-timer
S1694273544.347187,VS0,VE2
etag
"24de7fe33b550f44c7b5976b2f634b90"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4, 1
0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4742d841247706ded62d8e6d6c81b79fd12a98489a61bbc82cb30fe9483b886f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
age
3285737
edge-cache-tag
526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
202
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
39080
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kcgs7200094-IAD, cache-chi-klot8100033-CHI, cache-iad-kiad7000050-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 25 Jul 2023 11:21:37 GMT
server
nginx
x-timer
S1694273544.347507,VS0,VE0
etag
"ac313dda21f591b9720208e844fa394e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 333, 2
e36b13e484d9afa3a97d76b83ae6ed66.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e36b13e484d9afa3a97d76b83ae6ed66.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c7aeec1e3bb5e3c8fef3ac65e6da2240ac566fe0b87169e8332798309a5a33a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e36b13e484d9afa3a97d76b83ae6ed66.jpg
age
173135
edge-cache-tag
617368219207503722444887339616993455168,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
617368219207503722444887339616993455168,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
503
req-referer
https://www.frankenpost.de/
content-length
33160
x-request-id
3f5f57b4b6b1b09f0aea23fb98425620
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kiad7000174-IAD, cache-iad-kcgs7200166-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 05 Sep 2023 09:04:29 GMT
server
nginx
x-timer
S1694273544.370180,VS0,VE1
etag
"e8caff5bdcff20c6385b78bfb6f47cce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
d8ebb859-8503-4f1d-8e1b-9f6c40c3b3e3__YqBLTREY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d8ebb859-8503-4f1d-8e1b-9f6c40c3b3e3__YqBLTREY.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84e83d32440ce30b13df30395ff8ac21db21ca6f555bf3cc0f071fdcfe56b142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d8ebb859-8503-4f1d-8e1b-9f6c40c3b3e3__YqBLTREY.jpg
age
963379
edge-cache-tag
601773679419847576056873286918285906189,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
601773679419847576056873286918285906189,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
137
req-referer
https://wunderbunt.de/
content-length
71060
x-request-id
a4cbb4c0dcf2efd8784da46facc2c954
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100131-IAD, cache-iad-kiad7000081-IAD, cache-iad-kiad7000039-IAD, cache-fra-eddf8230057-FRA
last-modified
Mon, 28 Aug 2023 16:37:26 GMT
server
nginx
x-timer
S1694273544.373144,VS0,VE1
etag
"67f23af59855a2efdaa46daf6fc3adac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
16a26b83e3779e04141d9a88aab0e0db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/16a26b83e3779e04141d9a88aab0e0db.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a440d81b059f2c7efa3eb245c14956fb8653592af53a4b0adde328566b3bea37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/16a26b83e3779e04141d9a88aab0e0db.jpg
age
1495214
edge-cache-tag
450312374228256918063083150493874644657,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
450312374228256918063083150493874644657,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
278
req-referer
https://www.hoerzu.de/
content-length
76340
x-request-id
1d532ac13682ee5c0956dac0e7cc711f
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100084-IAD, cache-iad-kjyo7100151-IAD, cache-lga21955-LGA, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 23 Aug 2023 08:01:08 GMT
server
nginx
x-timer
S1694273544.373024,VS0,VE1
etag
"547b203b2175fac0cc75c965943d8d1e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 48, 1, 383, 1
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.31759030390073617&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7087911009363992&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:17:17 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
908
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
-izijK1c3okT6Zhn3D8GNfE2VA3RmPldSS1PWQ7rkV6okMzjGxucHQ==
container.html
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FFC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:23 GMT
expires
Sun, 08 Sep 2024 15:32:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
st
imprammp.taboola.com/ Frame 693C 		577 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&cmcv=&pix=undefined&cb=1694273544426&uv=3334&tms=1694273544426&abt=nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=226f7bca-d8bf-43e6-8a26-e0f937054f59&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef521b41617db833a493dc9fb56206d4be48e8f89eab0086173aba7726c7ebfd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Sep 2023 15:32:24 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230057-FRA
x-timer
S1694273544.438116,VS0,VE10
sync
am-match.taboola.com/ Frame 6001 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ef521b41617db833a493dc9fb56206d4be48e8f89eab0086173aba7726c7ebfd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Sep 2023 15:32:24 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694273544431&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1548&pt=1617716344&tz=120&viewable=true&ddast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c40400a8cb60596f74414a9bc15a6a1a52f376d611201733f01c62ceceefd92f

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1469
x-cache
MISS
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
server
nginx
x-timer
S1694273544.441138,VS0,VE49
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&cmcv=&pix=31589837&cb=1694273544426&uv=3334&tms=1694273544426&abt=nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694273541677.7!ts:1694273544426&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-length
0
server
nginx
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8126c066236d4b4f10bb3159a5bd66c4759458173c231a790953e49dca0784ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
278896
edge-cache-tag
539264722275397693898618951167535693130,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
389
req-referer
https://psychicmonday.com/
content-length
8544
x-request-id
6d7ae70f4949301d5729f6392fc166e9
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200077-IAD, cache-lax10631-LGB, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1694273544.454208,VS0,VE1
etag
"3a0559a9fa16bdb8853e198dcd7a4a75"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
f69798697d57836303d40015a20abc73.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
569d5b2b005f9111a6788e96b4f5c0f6f877afdf743700f2763da63d2d0e1ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
age
194291
edge-cache-tag
357145662697072923397544531106118029968,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
357145662697072923397544531106118029968,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
545
req-referer
https://ittiloot.com/
content-length
3138
x-request-id
332e96e677d2e6daa65e26e68340c117
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kiad7000099-IAD, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 14:59:19 GMT
server
nginx
x-timer
S1694273544.454420,VS0,VE1
etag
"e9f182f802c9f5cf0db9a2f43fd58a2c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
562cf3be4eaa94a9e2f627265fff4e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa185440b368fa090268f010095c9a583c578379a1e0e3db16f66a82874e0e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
age
3437840
edge-cache-tag
347810432484749821870950225620725984890,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
347810432484749821870950225620725984890,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://nigeriaworld.com/
content-length
3588
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000115-IAD, cache-iad-kiad7000069-IAD, cache-lga21937-LGA, cache-iad-kjyo7100042-IAD, cache-fra-eddf8230057-FRA
last-modified
Fri, 21 Jul 2023 11:29:58 GMT
server
nginx
x-timer
S1694273544.454411,VS0,VE1
etag
"c886d97e92edcca8a449a5508d49b9a6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 7, 1
pd
google-bidout-d.openx.net/w/1.0/ Frame F028 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 09 Sep 2023 15:32:24 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
generic
match.adsrvr.org/track/cmf/ Frame 693C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&cmcv=&pix=undefined&cb=1694273544426&uv=3334&tms=1694273544426&abt=nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=226f7bca-d8bf-43e6-8a26-e0f937054f59&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 693C 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&cmcv=&pix=undefined&cb=1694273544426&uv=3334&tms=1694273544426&abt=nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=226f7bca-d8bf-43e6-8a26-e0f937054f59&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9368:3d72:e6f:ea07 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
css2
fonts.googleapis.com/ Frame 8FFC 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 14:17:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 15:32:24 GMT
af151a855cb759cf8b068ebd9688485c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af151a855cb759cf8b068ebd9688485c.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ed6c3c38cbb3be63ba96c4508b373c54b0d811e8703d416cd1ef7651eee414b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af151a855cb759cf8b068ebd9688485c.jpg
age
173514
edge-cache-tag
400531664844616426607305448141166554864,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
400531664844616426607305448141166554864,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
207
req-referer
https://www.urlaub-in-deutschland.tv/
content-length
84538
x-request-id
9696194bc3eb1763b6a304038fd36a04
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100091-IAD, cache-iad-kiad7000023-IAD, cache-iad-kjyo7100093-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 05 Sep 2023 06:58:01 GMT
server
nginx
x-timer
S1694273545.501800,VS0,VE0
etag
"8fb3d68da359888115efddd2040ed601"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
623eb7c0bc24fe71c5a6f5c26addec74.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/623eb7c0bc24fe71c5a6f5c26addec74.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
419d2379d8ab86a1cad7f6a8319fac69c3b65fb782c42b149c0593f8d175d7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/623eb7c0bc24fe71c5a6f5c26addec74.jpg
age
964658
edge-cache-tag
509588451419215907501615154353588320252,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
509588451419215907501615154353588320252,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
106
expiration
expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://jp.goodtoknowthis.com/
content-length
14734
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000096-IAD, cache-iad-kiad7000066-IAD, cache-iad-kiad7000129-IAD, cache-fra-eddf8230057-FRA
last-modified
Sun, 20 Aug 2023 12:08:10 GMT
server
nginx
x-timer
S1694273545.503598,VS0,VE0
etag
"32fbb276063fdc35349757c039da8951"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 24, 4
fe91d8cbdda71fc208e75bb9dfb9cd93.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8ba4d0c7bb96b7ba43d942c0a9d4e988c7ca26152f6595e5b85004386e207c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
age
4005837
edge-cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
226
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
29464
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000032-IAD, cache-iad-kcgs7200057-IAD, cache-sna10724-LGB, cache-iad-kjyo7100111-IAD, cache-fra-eddf8230057-FRA
last-modified
Sat, 15 Jul 2023 11:46:52 GMT
server
nginx
x-timer
S1694273545.503139,VS0,VE0
etag
"9d36e1067b0ce85dc936db1f2cb39a57"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 286, 2
8e1fd4943e5ccfce7073d62d1aaa6bb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e1fd4943e5ccfce7073d62d1aaa6bb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80b35fd5838ae3aaf8c3f8108511fddbd31b5af5ce5951c6dbc83af9b0b1a9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e1fd4943e5ccfce7073d62d1aaa6bb7.jpg
age
450964
edge-cache-tag
611024549457675560463851817837133753889,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
611024549457675560463851817837133753889,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
806
req-referer
https://ibctamilnadu.com/
content-length
47314
x-request-id
7277506a87d8b6aaa15a965f5a9c425c
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100031-IAD, cache-iad-kiad7000115-IAD, cache-iad-kjyo7100069-IAD, cache-fra-eddf8230057-FRA
last-modified
Fri, 01 Sep 2023 14:48:49 GMT
server
nginx
x-timer
S1694273545.503574,VS0,VE0
etag
"6f9d06e83c3d942dcfa2d61856ab0c15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
57d8cffb21c45ec739779d08562f7024.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57d8cffb21c45ec739779d08562f7024.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba38bb8bfdb8827b1f46f2dbb094fa1d88db8cc18b675d79b898109a455bc3d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57d8cffb21c45ec739779d08562f7024.jpg
age
805116
edge-cache-tag
343665972825777486978905319226409565972,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
343665972825777486978905319226409565972,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
313
req-referer
https://www.dnaindia.com/
content-length
85124
x-request-id
cfe848d04478353353f3c3140ee7e120
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000110-IAD, cache-iad-kiad7000045-IAD, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 31 Aug 2023 07:52:36 GMT
server
nginx
x-timer
S1694273545.503091,VS0,VE0
etag
"24de7fe33b550f44c7b5976b2f634b90"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4, 2
0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4742d841247706ded62d8e6d6c81b79fd12a98489a61bbc82cb30fe9483b886f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
age
3285737
edge-cache-tag
526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
202
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
39080
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kcgs7200094-IAD, cache-chi-klot8100033-CHI, cache-iad-kiad7000050-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 25 Jul 2023 11:21:37 GMT
server
nginx
x-timer
S1694273545.503574,VS0,VE0
etag
"ac313dda21f591b9720208e844fa394e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 333, 3
e36b13e484d9afa3a97d76b83ae6ed66.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e36b13e484d9afa3a97d76b83ae6ed66.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c7aeec1e3bb5e3c8fef3ac65e6da2240ac566fe0b87169e8332798309a5a33a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e36b13e484d9afa3a97d76b83ae6ed66.jpg
age
173135
edge-cache-tag
617368219207503722444887339616993455168,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
617368219207503722444887339616993455168,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
503
req-referer
https://www.frankenpost.de/
content-length
33160
x-request-id
3f5f57b4b6b1b09f0aea23fb98425620
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kiad7000174-IAD, cache-iad-kcgs7200166-IAD, cache-fra-eddf8230057-FRA
last-modified
Tue, 05 Sep 2023 09:04:29 GMT
server
nginx
x-timer
S1694273545.524782,VS0,VE0
etag
"e8caff5bdcff20c6385b78bfb6f47cce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
d8ebb859-8503-4f1d-8e1b-9f6c40c3b3e3__YqBLTREY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d8ebb859-8503-4f1d-8e1b-9f6c40c3b3e3__YqBLTREY.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84e83d32440ce30b13df30395ff8ac21db21ca6f555bf3cc0f071fdcfe56b142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d8ebb859-8503-4f1d-8e1b-9f6c40c3b3e3__YqBLTREY.jpg
age
963379
edge-cache-tag
601773679419847576056873286918285906189,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
601773679419847576056873286918285906189,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
137
req-referer
https://wunderbunt.de/
content-length
71060
x-request-id
a4cbb4c0dcf2efd8784da46facc2c954
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100131-IAD, cache-iad-kiad7000081-IAD, cache-iad-kiad7000039-IAD, cache-fra-eddf8230057-FRA
last-modified
Mon, 28 Aug 2023 16:37:26 GMT
server
nginx
x-timer
S1694273545.525497,VS0,VE0
etag
"67f23af59855a2efdaa46daf6fc3adac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
16a26b83e3779e04141d9a88aab0e0db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/16a26b83e3779e04141d9a88aab0e0db.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a440d81b059f2c7efa3eb245c14956fb8653592af53a4b0adde328566b3bea37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/16a26b83e3779e04141d9a88aab0e0db.jpg
age
1495214
edge-cache-tag
450312374228256918063083150493874644657,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
450312374228256918063083150493874644657,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
278
req-referer
https://www.hoerzu.de/
content-length
76340
x-request-id
1d532ac13682ee5c0956dac0e7cc711f
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100084-IAD, cache-iad-kjyo7100151-IAD, cache-lga21955-LGA, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 23 Aug 2023 08:01:08 GMT
server
nginx
x-timer
S1694273545.529835,VS0,VE0
etag
"547b203b2175fac0cc75c965943d8d1e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 48, 1, 383, 2
pixel
googleads.g.doubleclick.net/xbbe/ Frame 58B7 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiY-cHuATAB&v=APEucNWRyoY1Ulck6gh6O_EMx-Bc0tqjLv2kwMigDAWHzIueRBHja9j8TJmFlc1HkAr_C03u7Ez4B72iJhm9CuNeTlNOkw_1jUwh6NfDc4PkZZI012ARHKl94nh0qs9AqzKdagwITsUJxYhApfE1XnSNZtRJG7M1k_mf1gdgqWKuSgYXO7KFL2lCNnDEeVdHwatPn1NFx-0aZRrGSiS62zPKrY8ZcPO39g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 07FC 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 07FC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
7343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 13:30:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 07FC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
84910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 15:57:14 GMT
l
www.google.com/ads/measurement/ Frame 07FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2CW8aY96hj44--7X1Nmd7OzkPiM0AhhdRM1sY6teIElv6ma48FxQnLG15bX8XPfcxleKNknbtTbouH7AmGFrkvTCQvA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07FC 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07FC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cz7aibX87TjBwHz4GpC_pbPMYjfRu4GrRdMtdCGfj1OnQjPzLYaygz23EsxEyhBmDKZhNFaBRJC17-5l4iLR7gGdpnKsQPLSVjTC0ER1hTDFSgt7Y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07FC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14076913075755644347&x=1&ct=76
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 8FFC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 14:13:41 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:46 GMT
age
337538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"13417016125ec007"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:46 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6474
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Sep 2023 13:44:30 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5A5Ru490CBDiCNzm5TaMvhT%2FyT4bIhegYVbCUSnYAdq9iOuu5NWrkGMb2m5nU8dzXFQUp6H35iWO0nks14gY8raAjHYR66btPV51r2QCHUPnnBS3nQ3jZgsh4SIrLGWKzsxqtG9o5hIoNl3MX3ArhObr%2FygwuhWrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
80407bd5a9a11c97-FRA
gtag.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:34 GMT
age
337550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"2053776e7f80c73d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:34 GMT
usync.html
eus.rubiconproject.com/ Frame D936 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&cmcv=&pix=undefined&cb=1694273544426&uv=3334&tms=1694273544426&abt=nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=226f7bca-d8bf-43e6-8a26-e0f937054f59&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6001 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6001 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9368:3d72:e6f:ea07 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_3_4/infra/ 		880 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693922380
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEQYM4MR0ZRP5J1
age
351037
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922381
x-amz-meta-mode
33188
content-length
147123
x-amz-id-2
EBlzWPD6iKqbOB4H1z5wHohK8Wh0TTibYEfCs5fBpD2xxbylSU0TWKUB2Q0mV8JFlBxT6dJUGQc=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Tue, 05 Sep 2023 13:59:42 GMT
server
AmazonS3-br
x-timer
S1694273545.586601,VS0,VE0
etag
"38ea6c5249cc72e909660623b02bf7b8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
334249
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_4/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693922399
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEY0CJZ5CP448HD
age
351037
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922400
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
gVazDaezCRHQYY8kPxJDod2jVIgirHImf1myU/cjbP0xNs8QizH4a+tId0Tt1JKOHSNppWVNwEE=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 05 Sep 2023 14:00:01 GMT
server
AmazonS3-br
x-timer
S1694273545.586624,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
318718
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8126c066236d4b4f10bb3159a5bd66c4759458173c231a790953e49dca0784ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
278896
edge-cache-tag
539264722275397693898618951167535693130,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
389
req-referer
https://psychicmonday.com/
content-length
8544
x-request-id
6d7ae70f4949301d5729f6392fc166e9
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200077-IAD, cache-lax10631-LGB, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230057-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1694273545.589763,VS0,VE0
etag
"3a0559a9fa16bdb8853e198dcd7a4a75"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
f69798697d57836303d40015a20abc73.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
569d5b2b005f9111a6788e96b4f5c0f6f877afdf743700f2763da63d2d0e1ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f69798697d57836303d40015a20abc73.png
age
194291
edge-cache-tag
357145662697072923397544531106118029968,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
357145662697072923397544531106118029968,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
545
req-referer
https://ittiloot.com/
content-length
3138
x-request-id
332e96e677d2e6daa65e26e68340c117
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kiad7000099-IAD, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230057-FRA
last-modified
Wed, 06 Sep 2023 14:59:19 GMT
server
nginx
x-timer
S1694273545.590022,VS0,VE0
etag
"e9f182f802c9f5cf0db9a2f43fd58a2c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
562cf3be4eaa94a9e2f627265fff4e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa185440b368fa090268f010095c9a583c578379a1e0e3db16f66a82874e0e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/562cf3be4eaa94a9e2f627265fff4e11.jpg
age
3437840
edge-cache-tag
347810432484749821870950225620725984890,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
347810432484749821870950225620725984890,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://nigeriaworld.com/
content-length
3588
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000115-IAD, cache-iad-kiad7000069-IAD, cache-lga21937-LGA, cache-iad-kjyo7100042-IAD, cache-fra-eddf8230057-FRA
last-modified
Fri, 21 Jul 2023 11:29:58 GMT
server
nginx
x-timer
S1694273545.590004,VS0,VE0
etag
"c886d97e92edcca8a449a5508d49b9a6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 7, 2
prebid-request
onetag-sys.com/ 		15 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pixel;r=642165431;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html;uh=e51ed6...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=642165431;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1398598017-1694273544381;pbc=089cb91b-b441-4b53-83b4-d83b3f8bb85f;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694273544642;tzo=-120;ogl=;ses=55d77bb2-0f51-4332-8e6d-d13d1ae07213;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame D856 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rum
dsum-sec.casalemedia.com/ Frame 58B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1&C=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiY-cHuATAB&v=APEucNWRyoY1Ulck6gh6O_EMx-Bc0tqjLv2kwMigDAWHzIueRBHja9j8TJmFlc1HkAr_C03u7Ez4B72iJhm9CuNeTlNOkw_1jUwh6NfDc4PkZZI012ARHKl94nh0qs9AqzKdagwITsUJxYhApfE1XnSNZtRJG7M1k_mf1gdgqWKuSgYXO7KFL2lCNnDEeVdHwatPn1NFx-0aZRrGSiS62zPKrY8ZcPO39g
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFj1oxZyVGfjV5%2BKK70PFSeaIEEuqU7vNj8RcAwk543W2URJzkxrBjUegTMaDx2Er0ZADfMXCJ48Hik0wOsSPVDSDNLMdFj3V2D7Nm28TOoUKgfrNfhxpbpjj3mUG3yj6wQYaU5uL8DyOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bdafd8b58f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYsquHkFGs4dqS0O%2FOS5DKINI6cAGLV%2BZ02kCOEv8yfzbEeBhAQA7f45oD4jiap9gSaf9vaiS5hb8waQrh5iZKf5gaQ5o%2F8tgmFithEylxYb7cmxBpC9dsFKOOcZoaP%2FvbVBOmRr3P2Bcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1&C=1
cache-control
no-cache
cf-ray
80407bd7a9e84541-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 58B7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPyQCRLTghbNSmm1ps0Q9QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiY-cHuATAB&v=APEucNWRyoY1Ulck6gh6O_EMx-Bc0tqjLv2kwMigDAWHzIueRBHja9j8TJmFlc1HkAr_C03u7Ez4B72iJhm9CuNeTlNOkw_1jUwh6NfDc4PkZZI012ARHKl94nh0qs9AqzKdagwITsUJxYhApfE1XnSNZtRJG7M1k_mf1gdgqWKuSgYXO7KFL2lCNnDEeVdHwatPn1NFx-0aZRrGSiS62zPKrY8ZcPO39g
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXt2RXYx9hUg8L8LqhmeD2PXNbdLlTKdWW4n2vG%2FVvKgCmRSF6Zw%2FXiDrfmX%2B%2FAUWg14cVkdT%2BoOlienzaujBPl9h8vwifSElHneupXJG9Ai61kPQPqvn0OvUGIGtJjPiADBvEMZEUn6xw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bdc2fbe58f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITL1qS0BUZ4aMGIcrljoqk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 58B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHKFcGvywpdl2BOjf-icaKM&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHKFcGvywpdl2BOjf-icaKM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiY-cHuATAB&v=APEucNWRyoY1Ulck6gh6O_EMx-Bc0tqjLv2kwMigDAWHzIueRBHja9j8TJmFlc1HkAr_C03u7Ez4B72iJhm9CuNeTlNOkw_1jUwh6NfDc4PkZZI012ARHKl94nh0qs9AqzKdagwITsUJxYhApfE1XnSNZtRJG7M1k_mf1gdgqWKuSgYXO7KFL2lCNnDEeVdHwatPn1NFx-0aZRrGSiS62zPKrY8ZcPO39g
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
an-x-request-uuid
06952bde-6389-4d39-aa4d-873a006d6768
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHKFcGvywpdl2BOjf-icaKM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 58B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwMzE4NTU2MDM0MDQ4ODc0NQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwMzE4NTU2MDM0MDQ4ODc0NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiY-cHuATAB&v=APEucNWRyoY1Ulck6gh6O_EMx-Bc0tqjLv2kwMigDAWHzIueRBHja9j8TJmFlc1HkAr_C03u7Ez4B72iJhm9CuNeTlNOkw_1jUwh6NfDc4PkZZI012ARHKl94nh0qs9AqzKdagwITsUJxYhApfE1XnSNZtRJG7M1k_mf1gdgqWKuSgYXO7KFL2lCNnDEeVdHwatPn1NFx-0aZRrGSiS62zPKrY8ZcPO39g
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
an-x-request-uuid
a900075a-2737-4ee9-9e34-6144d27c0bb8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwMzE4NTU2MDM0MDQ4ODc0NQ%3D%3D
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D936 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70441
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
usync.js
eus.rubiconproject.com/ Frame D856 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70441
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07FC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6379382116606&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07FC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6379382116606&version=m202307240101&ct=76&x=1&cor=14076913075755645000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 07FC 		100 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaTRTQ2yDzI8FKhXql3Vlg8-ecw4cOTOGl6_NAnW5l2PGAs3DrVAcrCWG5v8QmEQWBCdI9prQV1gQa9ubBEW6vWOWGKCDhylRzQlS3JPaRVg-fOTyjTjQ7rvg6Pg9di8uAQkFyrZ3WjCbSCjWm6D6vaQ7TiAM8DeUVc7ZkNSiHfsvJNEg&dbm_d=AKAmf-BZb9bGujnkjj8uy9D7Bxjnsa2Glqazts9lFXcesj4C2UssIcnTWWUHJnewI_HtRErRocuQHHIkvyF1-JK0EJ2dxJI7MoHi60-Gc1eccqfVFre1Nlg7v2U7DFYDQ0lH0c1c_cf3XPzvP-2FSHTSKDAo9jZkeSMXq6pLAjLYZd_sVRyoIQY37qC9e53Wi3--6ONKDevBd_d9mkqjRc_4YCWaDbdT0NBcOvwOPL1TOpxaASDgAztgj0CTXj0nkYcqLURg3AFTfnnsCGr95YCBfaQ4qZJ0JLcH3DEk8_SyYWXG2ehUU3lMF4vg1GAcA0rIOONa77t7R-BprIMEiJb8aNK3CkyrtH03_YdisMtUyeWzwdj3_fSDEcNjQXfdT70I6rWh7o6WsJjClImhEz7smYYbXAxKLm29VoZbZ8KnaBi3nvIGxPux4MD3OSQgVn8RJ1J19KLRUQw1VnEjXQmuxhIrAoR-t8ilujHDd62lEf_u378QpnV3DVgzaZkNAWV0LaZKWJz6GxfQty25llVNGYbjIMBMOrHKVBQ_ifH5To3NOys2mC31_VVELxV9oPThOKeDbi8ElZWQgC7nwuz_8RaEizWX3-Gtzd64vtJbF9zmGTrU481NrKFWzFuhd2NhLoTwXidDunZETz9bEsjgazDFpojVcnFzJDuollUCyLRZB33vMcuH6l4b3bOtyo_zYtwx7M-ImCShazUQdTI8k1cyUYYlfk2_KwHx3Gf8F7m4RSUCJ1zxickeadrh3hM-Ovi35j6zQV2WF77Qcu5nXicwptWdO--_RrnOe3RLlJHw2jhekzEPW74XlOqaByk0dkk0kXUnDASSVKN0TmZQ8jKrJeg7sEnhbz9uTOvh7HcrLDRj-mm54QVzOOJKH69X7SuU-Jho306yx0YiRCzvWZ28zOvdT3R6Tt6mr6XvyrGPuE5hIHlXd_0Aqz2KFhpK4-UuAem2sxusTWBxi8BlrJIe1hOv0qiePhIqjHeUDyaE8RLTNNMlUcZuOcXUVTXpk5vm27tuxWHRZ2M466ITjDS5FXQS4BgkilsJY0MZsN1JdvIP2futBnZe2AvlQHwIKwtzQslqeG4ZpoqqSipEGtcN3UsuEfOrX2GtseQYb6G2DMSpDk_RnVy6IaH2RupCIxKOeFMb07DjOjNeyqcODFr9WgnicM9hXtmvHIiNgDjE3Uk2jSNBpUGr7OstiI1Zvu_SwWS-_4NCzHJtCXAKa-po3UINtabW0DCCeykEVHq7eqyvVQSTTHPtlLUokewxlpCxmMU-zfLUT2sdWWKYkfs8LUkZWJWcuJRn74BGAOMh6K821OMoASszsZPc83r3PEoDQ_KAkz1sDzXWhA52X5yW34fIoUbYNgDm8Qdlej7oiZ-EmHGwJC0BvnzDXiXWCCwWwt_5cL29nXsQPuoS3gJTCduIXVrhIRC3UgNo5Tr4IqfDNEb-tYkmnVSs49M4MNE-t5zHTGzF2scb8wDJjJgRzIFvPZ4Tz3EHFgnUejefafQDChZUxdcgJzz2TWauTTvRQqiKZRIzMdxYSnUEevNBhAMcrzyPoqZjXfKUNFmc_U16Zl-o8lGUno5hoU0awRQMYBSFTd8Inj7fqGiU3rAZU58nCvTA3m04j6JNnMvw_exXaRTQCap0bh0ah9lua2xErtQal8ZRenbWlHSna5sEmtsfq8vsqyU-i8gvWN0BW-YtZKKNhKu9LLZDWK7MtcdCTFWtEjyeYLrExQDmf7Z910Pe3YgQs7iOYg5oX3IUnWaoWZ5Hi-QovN4y5KN1_U0VSbNttReE_ifgpLt1Y6nHVTDcN_YLvZNdeLYv5onh_BOOhz_-Dkx22zx0ak3JsJ8JEEqJ71w81Mmk2bNfi_hVSv-EEEdX4ewubJL8aBAP6u14roiDcXDD3DmwV4zFJEjaCpwELS92aWJPGDFEW7LAHJIpzK91AXmoUFUy-UpgNtASRgy-QBFdbKbHJ14Y3KV1rupwmaLOAKVkjwdEpF3AwNrYzKW_BxnvOWtxV1dd6-X_kCZBVHrH0iLQ_JMraoJABRPGKDNyJZfeJehc52E5olmlzKs3ab-eNk7aaT9G9XEYd_Ji_uskQerOrNF_IsDBK2_o8upNcAxCOYkR3V4BgQk8xPGIm8ILXGxhP6T3ZzpKJDJfbIqO2P8kmRNPfyjIfuUKFpP-abbyiZvBB19kO5SdFO89rGaeCspaMeoXWtRxzCD1NTI8id0A4rOtwpJfpraFGGBMTK_f69gjOgD86O3qjBPbRHRPKW_Yupz0a4jVYKwPlVFj3lCBDtsKHCt3_jS7WUST0DdlDACgmk23QpuOKyTdmm1pUENIj8A-Qkp4JXczWRjyvfr2PUeKrQG4DlAlraG7cFDfkhTg__vp2QVFtPW2YO64EeOp7qZYenrqXo3ofrfPhCnI69c59_02pRFxhKBJBcy9Mfsd6snCIqqF07ASsHgxfo77V-JvLVX9t_MOR89Ra6e6Yd9JqEH31cCL6RRZsSWeu80YRBTU8KPBu8xo5oCa3y5O1y2HK6winv7lPPkmCJLraiuKCLl1-3vrdnBiM6e6dSw0Emp7xoaaxECOUZ1FM9ENwMuDeGFiBkfBS1hAeD3CCEm4R5RK4vMiTqZBha7CL02GNDERKuwi3XdtuaHzBwSacX0p8PHlPJ0D7h5ESWwe3IAxDuwzQ5dcxeCYrfVgNY0c4djaolRO2GvmajR44bGZ9EZMnFGM0y9XR9Qy5luYcCZzuX2irNZ8vc7Pjo2v49VDJ2_dKPeTIfHJGSUzOXBwGsD69BVBVk8cJ1EHyvpZ0hlDeeE5xQSELhYTN6eEvHkuKKk5UeZ20riFf-9XbmmkT7gQBzQ0QMFutDLXPZ7ruqMHSsE6_kxu3daIoQeZRpAGdtCq6Y7oxK007nm4MInFnqStTo_cOqo_MoOtc56b4qWr3ulTY0AbYc57kSMAGk3jGubb7lE3QAVBjDvaaC4gtmNSDQsrasTQlYmZTK4QCNbQ3JI_1IuFBZbuPheuMW4-IrJN9wN2CW3xdtW9m1JGpFC7fDbM26cmYmbGAXImUG3q0_LkzOtA42kkInYwssMwsJaNtvziW-rDnc_DKze2ndCCvSwKPjJWmLedYy7T15Y3bwC7_W32M-ISq9MaPQ5eef9V8AoKNsn8Kops6nDGaHm0pFEJN3niaho3iEPf-RtV9zp5hWQeCsdYkVWwmGteI5nRoONxgveDt20mfGN-ODBeQjflIXWFuTFSTV7TPuGL9XtScr86jH_oMnXg2e6jGbzxF6nLLTkgJ8G55ert9sZMmtuAExZwWestUvVVmIQF_di6Xsg8NUmK80NaJA3bsWFgc5VgfmvK6QPYpAqvuAUB0KwxuGjwVadq8TiksgK2x-y3B8BCCGf64H0jjt8Qpa74wIBDrHGztudYJCP6sX0huKGYUv4nmrsJaPUnzQXj2ogkJgPPfJX-Ay5eGU1iEKW6v3PXu-dHkHMv_SADYrbnwnaLBC1r0z06ht5NVi1rNsnIu6lhXx8LdeM5JOsIbBGCMd5LiB99eM2l5TauQVkJ_hMHaqBU66_vF3bdPrBY-GCsGZ9aeaqjrAMjMZZVFN6STubsTEo3WZ9uWvQC-Jdi9D_CNIe0ltXxrQ-k9hD-yC0CfnSkt4pDcBGwF0lVlZ6p6_y2ZplByP-OF-TxRk1KgVViAwG1fmRBn0ItKILFrOwY1Kk7UXrnOzFfx1pfn8vpj0auvAhT12YSnGc_8TeZb17wdpXR5Y46OH_sjPe5WSiR4d0L7ATwMPJDOvAjL-fAcZZ-rRy7zipyfH63ypKlKqIUHRlJcEbSk94D1CpU0bXgz003J9qkPoQLtkU5r4pIl2BFiwE8760srQT_k5GilRkhu0LUp68E9n7IgQNMlNkqs0g1OvaW-cBu2dXCboUK7FEIP3oahKQiF0F-z_ADum0Q3q_B0Tj-Ojyw-9TECCC-qiTodcDvBK1c5VMOmF6nBTkj0Q&cid=CAQSOwBpAlJW_eF4TgwDc6HbehZJNnx1YEFGE2PiEw_tj23VRt4OqMTcR1kYljraTSgYZrN4YQy7NSE31P_aGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=14076913075755645000&adk=929882891&idt=151&cac=0&dtd=34
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94770ce0c0b5689e565d49a98d7360f6651a9f76602ef28b724a13c7414a3124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41180
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame B12A 		714 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
9674
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
80407bd699342c23-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Sep 2023 15:32:24 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U85kowJmSdqoeYXTU9ik0ORTX%2BXHaddssDqR6PuwIJvhrLJB54Dji3MEmQjFgeGkWx343nbRHDs0iR2AKKr%2BOy5vu8T1AM9WDN16CRRSdroodmjtrNYkqnB8H9F9PFAurMbRiH%2BE3vQtNdaIUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1C08
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Sep 2023 15:32:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
connection
close
content-length
35
content-type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 7BBE 		714 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
9674
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
80407bd6a93d2c23-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Sep 2023 15:32:24 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C%2FERUzd826bSNbHbQA4DZL0ZvSV1VtLFMCecWAeOjb7%2Fn2vPAZwrAHOjHWR79koBtNpCa%2FzgAs14vGtcC4kKUP39vSCVDRoXRHmXLSSED79YxHWUVQNs0Q%2BJk9%2F2kgTBM6zUVXaqae620B93Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 837B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Sep 2023 15:32:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mYS1odWktamluLXJvbmctY2h1YW5nLXhpbi15b3Utc2hpLXpoZW5nLXlpbi1kYW4teGlhbi1zaGFuZy1waS1saWFuZy1yb25nLXppLWRhbi1iYW8taGUtenVvLW1vLXNoaS10dWktY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0zZTg4NjY0OC1jMWU4LTQ5MzMtODE3Ni00MDdiMzRjNzAxNzciLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYmFjMjcxZmEtZGQxOC00NWVkLTkxMzktM2JhYzM2YWUxMWI5IiwidGltZU9mQXVjdGlvbiI6MTY5NDI3MzU0NDI1OCwiYmlkcyI6W3siY3BtIjowLjA1MDMwNTk1ODgzNzI3MDc0LCJhZElkIjoiNzY2ZGNlOWE0NmFjMGM5Iiwib3JpZ2luYWxDcG0iOjAuMDUwMzA1OTU4ODM3MjcwNzQsImJpZGRlciI6ImNyaXRlbyIsInJldmVudWUiOjAuMDAwMDUwMzA1OTU4ODM3MjcwNzQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjIyMCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQyNzM1NDQ1MTB9LHsiY3BtIjowLjAyLCJhZElkIjoiNzdmNDFhYWY2YzAxMTJmIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NjksInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjczNTQ0NzM1fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImNyaXRlbyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzY2ZGNlOWE0NmFjMGM5IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1MDMwNTk1ODgzNzI3MDc0fSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJiYWMyNzFmYS1kZDE4LTQ1ZWQtOTEzOS0zYmFjMzZhZTExYjkiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk0MjczNTQ0MjU4LCJiaWRzIjpbeyJjcG0iOjAuMTM2ODgwODAwMTI3OTgzMSwiYWRJZCI6Ijc1YTg3ODkxZjMxMDIyYiIsIm9yaWdpbmFsQ3BtIjowLjEzNjg4MDgwMDEyNzk4MzEsImJpZGRlciI6ImNyaXRlbyIsInJldmVudWUiOjAuMDAwMTM2ODgwODAwMTI3OTgzMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MjE5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDI3MzU0NDUwOX0seyJjcG0iOjAuMDE2LCJhZElkIjoiNzg5ZjcxODQ0ZmNjNDQ3Iiwib3JpZ2luYWxDcG0iOjAuMDE2LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMTYsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ2OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQyNzM1NDQ3MzV9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiY3JpdGVvIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NWE4Nzg5MWYzMTAyMmIiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMTM2ODgwODAwMTI3OTgzMX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3062.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2048413
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1694273545.807939,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
38472
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/ 		448 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693904460
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HYK8AJ9H52WB6KA4
age
369035
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693904472
x-amz-meta-mode
33188
content-length
86274
x-amz-id-2
t1lNyGed3NAQ57eXbmNV3qVCMiGjwwYQ92oCZvFfitu9WKbobo/2tqpNuGO2BTlGE6TqMOiZWNA=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Tue, 05 Sep 2023 09:01:13 GMT
server
AmazonS3-br
x-timer
S1694273545.828371,VS0,VE0
etag
"e792bcdfdedece52c8d382e55db7d6bd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
374977
sync
am-match.taboola.com/ Frame 7CBE 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ef521b41617db833a493dc9fb56206d4be48e8f89eab0086173aba7726c7ebfd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Sep 2023 15:32:24 GMT
machineid
3401
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&cmcv=&pix=31579697&cb=1694273544824&uv=3334&tms=1694273544824&su=3&abt=nonrv_vA!ufm_vG!ufrlt_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-length
0
server
nginx
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D936 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LMC6Q1NC-1X-DDAE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3553257487497326&correlator=4457631457794649&eid=31077747%2C31077595%2C44777901&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&arp=1&abxe=1&dt=1694273544890&lmt=1694266344&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=2108848729.1694273543&ga_sid=1694273543&ga_hid=2064745187&ga_fc=false&ga_cid=amp-er-It84ly8bNYNvbtW01ug&dlt=1694273542734&idt=571&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_8_0%26cluster_reporting%3Dchrome_DESKTOP_8_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.13%26hb_ap_adid%3D75a87891f31022b%26hb_ap_bidder%3Dcriteo%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c&adks=3805778231&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bc2ba92bbd7834dde35c75001163cc6396ae53649c784c371a803d03c764500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11716
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3553257487497326&correlator=4457631457794649&eid=31077747%2C31077595%2C44777901&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&arp=1&abxe=1&dt=1694273544893&lmt=1694266344&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=2108848729.1694273543&ga_sid=1694273543&ga_hid=2064745187&ga_fc=false&ga_cid=amp-er-It84ly8bNYNvbtW01ug&dlt=1694273542734&idt=571&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_8_0%26cluster_reporting%3Dchrome_DESKTOP_8_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D766dce9a46ac0c9%26hb_ap_bidder%3Dcriteo%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a49ae647f8660cae898d2e69eedda8a1572eebf9fcb7bcb8e41f00b9d8f61a62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11439
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B12A 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e100c2d45af0aad2060e08a9af3e94ea251728b9d200af3d5df94a70acf76f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28950
x-xss-protection
0
server
cafe
etag
943 / 19609 / m202309050101 / config-hash: 18345592501010170579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7BBE 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c4987453c355753e1b3e5eb4f643360f231845a6aecd0003449053da2335e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28950
x-xss-protection
0
server
cafe
etag
919 / 19609 / m202309050101 / config-hash: 18345592501010170579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F913 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45b3d2966167678b72ef6c38e712dccf8bb9388b9f6aa4d95c104f860f3edd70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7897
x-xss-protection
0
server
cafe
etag
7698576391120161064
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:24 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MRS52-C1
age
1515805
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1694273545.915268,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits
182408
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=12611&tvi50=-50&route=AM%3AAM%3AV&lti=deflated&bulkSize=20
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
33
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7447
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
server
nginx
x-timer
S1694273545.917994,VS0,VE33
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 09 Sep 2023 16:32:24 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame D6A0 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
417409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:32:25 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 065A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 09 Sep 2023 16:22:16 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=91g%2FJ%2BnapNF%2B0IzzyRShyU1y3e%2ByCicXmzRNRzHUHdulhj4GfZhFhG%2BzkGdhveeCx5dbUhdCu35YWezkqdSguATytGAUiDgnWqYUThNXh2P2aE%2Budi5AHkC1LdgHtqkoEN4v5N2s6NjzFnwUr9u5hDeM9BC%2BiryArow7aZpLf9%2F1r%2F19kb05RZJ4MelEVWwi9I8wWdulrP7AbC1%2FPCohIalnTwYSE4MyGuoO%2BxJvyrMxRdKLr%2BIqO%2BEOftbVwIfSRW3ohZDhML7%2Bhh5bgRGQm91Fg%2BYPtPsMgBvpa10S%2BpJGgeiX7uU5geo65Lvd6oe%2B8LaLr86SsVpE%2BzQjA7U7Z76jCyS9PBsco4spANQi06dTOqJjyFKLJMpc5yiilXviQ4Oy%2BDh%2B4Uoeupl%2FhB9QE0nXb4iSpddI7uhP38fY591mG8zFuJjHO4bssIBDsYudTL8KcaQKOKOH7rlmtA1uyHAjUKPsqiWhVRqhXmWsTrN5XTIwddeWwrxIJWVYPN1AuIaS9HDR3Rtc4Ww8lR1U5Loh7dkitRkh%2BCjqE%2FPrNonznyo4eKfCZBOoI0Q7PPgp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 7CBE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 7CBE 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9368:3d72:e6f:ea07 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.js
eus.rubiconproject.com/ Frame 837B 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70441
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
usync.js
eus.rubiconproject.com/ Frame 1C08 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70441
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 07FC 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Origin
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 07:05:16 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 07FC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaTRTQ2yDzI8FKhXql3Vlg8-ecw4cOTOGl6_NAnW5l2PGAs3DrVAcrCWG5v8QmEQWBCdI9prQV1gQa9ubBEW6vWOWGKCDhylRzQlS3JPaRVg-fOTyjTjQ7rvg6Pg9di8uAQkFyrZ3WjCbSCjWm6D6vaQ7TiAM8DeUVc7ZkNSiHfsvJNEg&dbm_d=AKAmf-BZb9bGujnkjj8uy9D7Bxjnsa2Glqazts9lFXcesj4C2UssIcnTWWUHJnewI_HtRErRocuQHHIkvyF1-JK0EJ2dxJI7MoHi60-Gc1eccqfVFre1Nlg7v2U7DFYDQ0lH0c1c_cf3XPzvP-2FSHTSKDAo9jZkeSMXq6pLAjLYZd_sVRyoIQY37qC9e53Wi3--6ONKDevBd_d9mkqjRc_4YCWaDbdT0NBcOvwOPL1TOpxaASDgAztgj0CTXj0nkYcqLURg3AFTfnnsCGr95YCBfaQ4qZJ0JLcH3DEk8_SyYWXG2ehUU3lMF4vg1GAcA0rIOONa77t7R-BprIMEiJb8aNK3CkyrtH03_YdisMtUyeWzwdj3_fSDEcNjQXfdT70I6rWh7o6WsJjClImhEz7smYYbXAxKLm29VoZbZ8KnaBi3nvIGxPux4MD3OSQgVn8RJ1J19KLRUQw1VnEjXQmuxhIrAoR-t8ilujHDd62lEf_u378QpnV3DVgzaZkNAWV0LaZKWJz6GxfQty25llVNGYbjIMBMOrHKVBQ_ifH5To3NOys2mC31_VVELxV9oPThOKeDbi8ElZWQgC7nwuz_8RaEizWX3-Gtzd64vtJbF9zmGTrU481NrKFWzFuhd2NhLoTwXidDunZETz9bEsjgazDFpojVcnFzJDuollUCyLRZB33vMcuH6l4b3bOtyo_zYtwx7M-ImCShazUQdTI8k1cyUYYlfk2_KwHx3Gf8F7m4RSUCJ1zxickeadrh3hM-Ovi35j6zQV2WF77Qcu5nXicwptWdO--_RrnOe3RLlJHw2jhekzEPW74XlOqaByk0dkk0kXUnDASSVKN0TmZQ8jKrJeg7sEnhbz9uTOvh7HcrLDRj-mm54QVzOOJKH69X7SuU-Jho306yx0YiRCzvWZ28zOvdT3R6Tt6mr6XvyrGPuE5hIHlXd_0Aqz2KFhpK4-UuAem2sxusTWBxi8BlrJIe1hOv0qiePhIqjHeUDyaE8RLTNNMlUcZuOcXUVTXpk5vm27tuxWHRZ2M466ITjDS5FXQS4BgkilsJY0MZsN1JdvIP2futBnZe2AvlQHwIKwtzQslqeG4ZpoqqSipEGtcN3UsuEfOrX2GtseQYb6G2DMSpDk_RnVy6IaH2RupCIxKOeFMb07DjOjNeyqcODFr9WgnicM9hXtmvHIiNgDjE3Uk2jSNBpUGr7OstiI1Zvu_SwWS-_4NCzHJtCXAKa-po3UINtabW0DCCeykEVHq7eqyvVQSTTHPtlLUokewxlpCxmMU-zfLUT2sdWWKYkfs8LUkZWJWcuJRn74BGAOMh6K821OMoASszsZPc83r3PEoDQ_KAkz1sDzXWhA52X5yW34fIoUbYNgDm8Qdlej7oiZ-EmHGwJC0BvnzDXiXWCCwWwt_5cL29nXsQPuoS3gJTCduIXVrhIRC3UgNo5Tr4IqfDNEb-tYkmnVSs49M4MNE-t5zHTGzF2scb8wDJjJgRzIFvPZ4Tz3EHFgnUejefafQDChZUxdcgJzz2TWauTTvRQqiKZRIzMdxYSnUEevNBhAMcrzyPoqZjXfKUNFmc_U16Zl-o8lGUno5hoU0awRQMYBSFTd8Inj7fqGiU3rAZU58nCvTA3m04j6JNnMvw_exXaRTQCap0bh0ah9lua2xErtQal8ZRenbWlHSna5sEmtsfq8vsqyU-i8gvWN0BW-YtZKKNhKu9LLZDWK7MtcdCTFWtEjyeYLrExQDmf7Z910Pe3YgQs7iOYg5oX3IUnWaoWZ5Hi-QovN4y5KN1_U0VSbNttReE_ifgpLt1Y6nHVTDcN_YLvZNdeLYv5onh_BOOhz_-Dkx22zx0ak3JsJ8JEEqJ71w81Mmk2bNfi_hVSv-EEEdX4ewubJL8aBAP6u14roiDcXDD3DmwV4zFJEjaCpwELS92aWJPGDFEW7LAHJIpzK91AXmoUFUy-UpgNtASRgy-QBFdbKbHJ14Y3KV1rupwmaLOAKVkjwdEpF3AwNrYzKW_BxnvOWtxV1dd6-X_kCZBVHrH0iLQ_JMraoJABRPGKDNyJZfeJehc52E5olmlzKs3ab-eNk7aaT9G9XEYd_Ji_uskQerOrNF_IsDBK2_o8upNcAxCOYkR3V4BgQk8xPGIm8ILXGxhP6T3ZzpKJDJfbIqO2P8kmRNPfyjIfuUKFpP-abbyiZvBB19kO5SdFO89rGaeCspaMeoXWtRxzCD1NTI8id0A4rOtwpJfpraFGGBMTK_f69gjOgD86O3qjBPbRHRPKW_Yupz0a4jVYKwPlVFj3lCBDtsKHCt3_jS7WUST0DdlDACgmk23QpuOKyTdmm1pUENIj8A-Qkp4JXczWRjyvfr2PUeKrQG4DlAlraG7cFDfkhTg__vp2QVFtPW2YO64EeOp7qZYenrqXo3ofrfPhCnI69c59_02pRFxhKBJBcy9Mfsd6snCIqqF07ASsHgxfo77V-JvLVX9t_MOR89Ra6e6Yd9JqEH31cCL6RRZsSWeu80YRBTU8KPBu8xo5oCa3y5O1y2HK6winv7lPPkmCJLraiuKCLl1-3vrdnBiM6e6dSw0Emp7xoaaxECOUZ1FM9ENwMuDeGFiBkfBS1hAeD3CCEm4R5RK4vMiTqZBha7CL02GNDERKuwi3XdtuaHzBwSacX0p8PHlPJ0D7h5ESWwe3IAxDuwzQ5dcxeCYrfVgNY0c4djaolRO2GvmajR44bGZ9EZMnFGM0y9XR9Qy5luYcCZzuX2irNZ8vc7Pjo2v49VDJ2_dKPeTIfHJGSUzOXBwGsD69BVBVk8cJ1EHyvpZ0hlDeeE5xQSELhYTN6eEvHkuKKk5UeZ20riFf-9XbmmkT7gQBzQ0QMFutDLXPZ7ruqMHSsE6_kxu3daIoQeZRpAGdtCq6Y7oxK007nm4MInFnqStTo_cOqo_MoOtc56b4qWr3ulTY0AbYc57kSMAGk3jGubb7lE3QAVBjDvaaC4gtmNSDQsrasTQlYmZTK4QCNbQ3JI_1IuFBZbuPheuMW4-IrJN9wN2CW3xdtW9m1JGpFC7fDbM26cmYmbGAXImUG3q0_LkzOtA42kkInYwssMwsJaNtvziW-rDnc_DKze2ndCCvSwKPjJWmLedYy7T15Y3bwC7_W32M-ISq9MaPQ5eef9V8AoKNsn8Kops6nDGaHm0pFEJN3niaho3iEPf-RtV9zp5hWQeCsdYkVWwmGteI5nRoONxgveDt20mfGN-ODBeQjflIXWFuTFSTV7TPuGL9XtScr86jH_oMnXg2e6jGbzxF6nLLTkgJ8G55ert9sZMmtuAExZwWestUvVVmIQF_di6Xsg8NUmK80NaJA3bsWFgc5VgfmvK6QPYpAqvuAUB0KwxuGjwVadq8TiksgK2x-y3B8BCCGf64H0jjt8Qpa74wIBDrHGztudYJCP6sX0huKGYUv4nmrsJaPUnzQXj2ogkJgPPfJX-Ay5eGU1iEKW6v3PXu-dHkHMv_SADYrbnwnaLBC1r0z06ht5NVi1rNsnIu6lhXx8LdeM5JOsIbBGCMd5LiB99eM2l5TauQVkJ_hMHaqBU66_vF3bdPrBY-GCsGZ9aeaqjrAMjMZZVFN6STubsTEo3WZ9uWvQC-Jdi9D_CNIe0ltXxrQ-k9hD-yC0CfnSkt4pDcBGwF0lVlZ6p6_y2ZplByP-OF-TxRk1KgVViAwG1fmRBn0ItKILFrOwY1Kk7UXrnOzFfx1pfn8vpj0auvAhT12YSnGc_8TeZb17wdpXR5Y46OH_sjPe5WSiR4d0L7ATwMPJDOvAjL-fAcZZ-rRy7zipyfH63ypKlKqIUHRlJcEbSk94D1CpU0bXgz003J9qkPoQLtkU5r4pIl2BFiwE8760srQT_k5GilRkhu0LUp68E9n7IgQNMlNkqs0g1OvaW-cBu2dXCboUK7FEIP3oahKQiF0F-z_ADum0Q3q_B0Tj-Ojyw-9TECCC-qiTodcDvBK1c5VMOmF6nBTkj0Q&cid=CAQSOwBpAlJW_eF4TgwDc6HbehZJNnx1YEFGE2PiEw_tj23VRt4OqMTcR1kYljraTSgYZrN4YQy7NSE31P_aGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=14076913075755645000&adk=929882891&idt=151&cac=0&dtd=34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
29971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 07:12:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 07FC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaTRTQ2yDzI8FKhXql3Vlg8-ecw4cOTOGl6_NAnW5l2PGAs3DrVAcrCWG5v8QmEQWBCdI9prQV1gQa9ubBEW6vWOWGKCDhylRzQlS3JPaRVg-fOTyjTjQ7rvg6Pg9di8uAQkFyrZ3WjCbSCjWm6D6vaQ7TiAM8DeUVc7ZkNSiHfsvJNEg&dbm_d=AKAmf-BZb9bGujnkjj8uy9D7Bxjnsa2Glqazts9lFXcesj4C2UssIcnTWWUHJnewI_HtRErRocuQHHIkvyF1-JK0EJ2dxJI7MoHi60-Gc1eccqfVFre1Nlg7v2U7DFYDQ0lH0c1c_cf3XPzvP-2FSHTSKDAo9jZkeSMXq6pLAjLYZd_sVRyoIQY37qC9e53Wi3--6ONKDevBd_d9mkqjRc_4YCWaDbdT0NBcOvwOPL1TOpxaASDgAztgj0CTXj0nkYcqLURg3AFTfnnsCGr95YCBfaQ4qZJ0JLcH3DEk8_SyYWXG2ehUU3lMF4vg1GAcA0rIOONa77t7R-BprIMEiJb8aNK3CkyrtH03_YdisMtUyeWzwdj3_fSDEcNjQXfdT70I6rWh7o6WsJjClImhEz7smYYbXAxKLm29VoZbZ8KnaBi3nvIGxPux4MD3OSQgVn8RJ1J19KLRUQw1VnEjXQmuxhIrAoR-t8ilujHDd62lEf_u378QpnV3DVgzaZkNAWV0LaZKWJz6GxfQty25llVNGYbjIMBMOrHKVBQ_ifH5To3NOys2mC31_VVELxV9oPThOKeDbi8ElZWQgC7nwuz_8RaEizWX3-Gtzd64vtJbF9zmGTrU481NrKFWzFuhd2NhLoTwXidDunZETz9bEsjgazDFpojVcnFzJDuollUCyLRZB33vMcuH6l4b3bOtyo_zYtwx7M-ImCShazUQdTI8k1cyUYYlfk2_KwHx3Gf8F7m4RSUCJ1zxickeadrh3hM-Ovi35j6zQV2WF77Qcu5nXicwptWdO--_RrnOe3RLlJHw2jhekzEPW74XlOqaByk0dkk0kXUnDASSVKN0TmZQ8jKrJeg7sEnhbz9uTOvh7HcrLDRj-mm54QVzOOJKH69X7SuU-Jho306yx0YiRCzvWZ28zOvdT3R6Tt6mr6XvyrGPuE5hIHlXd_0Aqz2KFhpK4-UuAem2sxusTWBxi8BlrJIe1hOv0qiePhIqjHeUDyaE8RLTNNMlUcZuOcXUVTXpk5vm27tuxWHRZ2M466ITjDS5FXQS4BgkilsJY0MZsN1JdvIP2futBnZe2AvlQHwIKwtzQslqeG4ZpoqqSipEGtcN3UsuEfOrX2GtseQYb6G2DMSpDk_RnVy6IaH2RupCIxKOeFMb07DjOjNeyqcODFr9WgnicM9hXtmvHIiNgDjE3Uk2jSNBpUGr7OstiI1Zvu_SwWS-_4NCzHJtCXAKa-po3UINtabW0DCCeykEVHq7eqyvVQSTTHPtlLUokewxlpCxmMU-zfLUT2sdWWKYkfs8LUkZWJWcuJRn74BGAOMh6K821OMoASszsZPc83r3PEoDQ_KAkz1sDzXWhA52X5yW34fIoUbYNgDm8Qdlej7oiZ-EmHGwJC0BvnzDXiXWCCwWwt_5cL29nXsQPuoS3gJTCduIXVrhIRC3UgNo5Tr4IqfDNEb-tYkmnVSs49M4MNE-t5zHTGzF2scb8wDJjJgRzIFvPZ4Tz3EHFgnUejefafQDChZUxdcgJzz2TWauTTvRQqiKZRIzMdxYSnUEevNBhAMcrzyPoqZjXfKUNFmc_U16Zl-o8lGUno5hoU0awRQMYBSFTd8Inj7fqGiU3rAZU58nCvTA3m04j6JNnMvw_exXaRTQCap0bh0ah9lua2xErtQal8ZRenbWlHSna5sEmtsfq8vsqyU-i8gvWN0BW-YtZKKNhKu9LLZDWK7MtcdCTFWtEjyeYLrExQDmf7Z910Pe3YgQs7iOYg5oX3IUnWaoWZ5Hi-QovN4y5KN1_U0VSbNttReE_ifgpLt1Y6nHVTDcN_YLvZNdeLYv5onh_BOOhz_-Dkx22zx0ak3JsJ8JEEqJ71w81Mmk2bNfi_hVSv-EEEdX4ewubJL8aBAP6u14roiDcXDD3DmwV4zFJEjaCpwELS92aWJPGDFEW7LAHJIpzK91AXmoUFUy-UpgNtASRgy-QBFdbKbHJ14Y3KV1rupwmaLOAKVkjwdEpF3AwNrYzKW_BxnvOWtxV1dd6-X_kCZBVHrH0iLQ_JMraoJABRPGKDNyJZfeJehc52E5olmlzKs3ab-eNk7aaT9G9XEYd_Ji_uskQerOrNF_IsDBK2_o8upNcAxCOYkR3V4BgQk8xPGIm8ILXGxhP6T3ZzpKJDJfbIqO2P8kmRNPfyjIfuUKFpP-abbyiZvBB19kO5SdFO89rGaeCspaMeoXWtRxzCD1NTI8id0A4rOtwpJfpraFGGBMTK_f69gjOgD86O3qjBPbRHRPKW_Yupz0a4jVYKwPlVFj3lCBDtsKHCt3_jS7WUST0DdlDACgmk23QpuOKyTdmm1pUENIj8A-Qkp4JXczWRjyvfr2PUeKrQG4DlAlraG7cFDfkhTg__vp2QVFtPW2YO64EeOp7qZYenrqXo3ofrfPhCnI69c59_02pRFxhKBJBcy9Mfsd6snCIqqF07ASsHgxfo77V-JvLVX9t_MOR89Ra6e6Yd9JqEH31cCL6RRZsSWeu80YRBTU8KPBu8xo5oCa3y5O1y2HK6winv7lPPkmCJLraiuKCLl1-3vrdnBiM6e6dSw0Emp7xoaaxECOUZ1FM9ENwMuDeGFiBkfBS1hAeD3CCEm4R5RK4vMiTqZBha7CL02GNDERKuwi3XdtuaHzBwSacX0p8PHlPJ0D7h5ESWwe3IAxDuwzQ5dcxeCYrfVgNY0c4djaolRO2GvmajR44bGZ9EZMnFGM0y9XR9Qy5luYcCZzuX2irNZ8vc7Pjo2v49VDJ2_dKPeTIfHJGSUzOXBwGsD69BVBVk8cJ1EHyvpZ0hlDeeE5xQSELhYTN6eEvHkuKKk5UeZ20riFf-9XbmmkT7gQBzQ0QMFutDLXPZ7ruqMHSsE6_kxu3daIoQeZRpAGdtCq6Y7oxK007nm4MInFnqStTo_cOqo_MoOtc56b4qWr3ulTY0AbYc57kSMAGk3jGubb7lE3QAVBjDvaaC4gtmNSDQsrasTQlYmZTK4QCNbQ3JI_1IuFBZbuPheuMW4-IrJN9wN2CW3xdtW9m1JGpFC7fDbM26cmYmbGAXImUG3q0_LkzOtA42kkInYwssMwsJaNtvziW-rDnc_DKze2ndCCvSwKPjJWmLedYy7T15Y3bwC7_W32M-ISq9MaPQ5eef9V8AoKNsn8Kops6nDGaHm0pFEJN3niaho3iEPf-RtV9zp5hWQeCsdYkVWwmGteI5nRoONxgveDt20mfGN-ODBeQjflIXWFuTFSTV7TPuGL9XtScr86jH_oMnXg2e6jGbzxF6nLLTkgJ8G55ert9sZMmtuAExZwWestUvVVmIQF_di6Xsg8NUmK80NaJA3bsWFgc5VgfmvK6QPYpAqvuAUB0KwxuGjwVadq8TiksgK2x-y3B8BCCGf64H0jjt8Qpa74wIBDrHGztudYJCP6sX0huKGYUv4nmrsJaPUnzQXj2ogkJgPPfJX-Ay5eGU1iEKW6v3PXu-dHkHMv_SADYrbnwnaLBC1r0z06ht5NVi1rNsnIu6lhXx8LdeM5JOsIbBGCMd5LiB99eM2l5TauQVkJ_hMHaqBU66_vF3bdPrBY-GCsGZ9aeaqjrAMjMZZVFN6STubsTEo3WZ9uWvQC-Jdi9D_CNIe0ltXxrQ-k9hD-yC0CfnSkt4pDcBGwF0lVlZ6p6_y2ZplByP-OF-TxRk1KgVViAwG1fmRBn0ItKILFrOwY1Kk7UXrnOzFfx1pfn8vpj0auvAhT12YSnGc_8TeZb17wdpXR5Y46OH_sjPe5WSiR4d0L7ATwMPJDOvAjL-fAcZZ-rRy7zipyfH63ypKlKqIUHRlJcEbSk94D1CpU0bXgz003J9qkPoQLtkU5r4pIl2BFiwE8760srQT_k5GilRkhu0LUp68E9n7IgQNMlNkqs0g1OvaW-cBu2dXCboUK7FEIP3oahKQiF0F-z_ADum0Q3q_B0Tj-Ojyw-9TECCC-qiTodcDvBK1c5VMOmF6nBTkj0Q&cid=CAQSOwBpAlJW_eF4TgwDc6HbehZJNnx1YEFGE2PiEw_tj23VRt4OqMTcR1kYljraTSgYZrN4YQy7NSE31P_aGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=14076913075755645000&adk=929882891&idt=151&cac=0&dtd=34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 06:26:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 07FC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
558596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AE6A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/ 		112 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 09 Sep 2023 15:32:25 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=6253&cid=amp-er-It84ly8bNYNvbtW01ug&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694273545&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-er-It84ly8bNYNvbtW01ug&aip=1&sid=1694273545&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 8E14 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame D936
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VMH8HJ7SNQ0WZX6S410P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DCHJDBPS3QEP333ZQ77Q
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame D936
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VW070H6RG7AKWWE5T1NG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TVKHX2SS2QN7H3KCDZDT
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRlZWVjMWIwYTA0OGEzY2UzZDExNzZkZWZlNWRhZDU1ZGMxODQ5ZA&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRlZWVjMWIwYTA0OGEzY2UzZDExNzZkZWZlNWRhZDU1ZGMxODQ5ZA&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRlZWVjMWIwYTA0OGEzY2UzZDExNzZkZWZlNWRhZDU1ZGMxODQ5ZA&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1DNlExTkMtMVgtRERBRQ==&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEL_oHlEv5YLv7GrSqRVrwAo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=&gdpr=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
setuid
px.ads.linkedin.com/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMC6Q1NC-1X-DDAE&gdpr=1&us_privacy=1---
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMC6Q1NC-1X-DDAE&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:24 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9CE13301869145D4BB9822470F6E94C4 Ref B: FRAEDGE1917 Ref C: 2023-09-09T15:32:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYE7szTVK9vquW07MsBzg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMC6Q1NC-1X-DDAE&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame D936 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame D936
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEBhBmpUzRSPx4VpxT4XVURw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEBhBmpUzRSPx4VpxT4XVURw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEBhBmpUzRSPx4VpxT4XVURw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/aDn4W3Z2f5TyWWEfGoLUHcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-65fcoZBE2oJuADu26gmergAdRKygJIb2_j7dcQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-65fcoZBE2oJuADu26gmergAdRKygJIb2_j7dcQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-65fcoZBE2oJuADu26gmergAdRKygJIb2_j7dcQ--~A
content-length
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 94E4 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3eddc6676189b7271e28067a6b18ebb43dcdb8eee0820753a8111b0b67f6d84f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7895
x-xss-protection
0
server
cafe
etag
786589715841451300
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F913 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac39710ac19304041224ce638fd2cbcca17bca744544ef5f40bf05a7dbf22deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50432
x-xss-protection
0
server
cafe
etag
6344646580416237132
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 09 Sep 2023 15:32:25 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
3901
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1694273545.185895,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
37
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1879
sync.php
pixel.rubiconproject.com/exchange/ Frame 837B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMC6Q1NC-1X-DDAE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 8E14 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70440
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-er-It84ly8bNYNvbtW01ug&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6621718509653796&gjid=0.8810757082929963&_r=1&a=6253&z=0.979190075140892&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
L2EvZmEtaHVpLWppbi1yb25nLWNodWFuZy14aW4teW91LXNoaS16aGVuZy15aW4tZGFuLXhpYW4tc2hhbmctcGktbGlhbmctcm9uZy16aS1kYW4tYmFvLWhlLXp1by1tby1zaGktdHVpLWNodS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvZmEtaHVpLWppbi1yb25nLWNodWFuZy14aW4teW91LXNoaS16aGVuZy15aW4tZGFuLXhpYW4tc2hhbmctcGktbGlhbmctcm9uZy16aS1kYW4tYmFvLWhlLXp1by1tby1zaGktdHVpLWNodS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Sat, 09 Sep 2023 15:32:25 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=30, origin; dur=93, ak_p; desc="1694273545256_389027462_108245720_12318_1851_34_0_219";dur=1
content-length
555
expires
Sat, 09 Sep 2023 16:32:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame B12A 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
7347
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129878
x-xss-protection
0
server
cafe
etag
7992010681825974757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Sep 2024 13:29:58 GMT
dpixel
cms.quantserve.com/ Frame AE6A 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOgDmBLuE3piAt1epyRIPgI&google_cver=1&google_push=AXcoOmTGOxRC_KHLSWgoVC_9GjcfflIvAfqgiYX2L63zgYg7yk4VvkdQJddNPej9_VXXxvFgvA6qzJUN-4B-jQB0ayfDbq2ilsRMiLEaFn0TdzUgQnPsdi7HCAstS6U1fRIRBFnPlAhmpB8
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AE6A
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELNj8ohwbGiPuhUZWoN-XqY&google_cver=1&google_push=AXcoOmSQZUvvxm-ndIn4W4bpc6rh_28U2AKkCyoYenc9BCXsDvZiFywWjwi_PrsMzv3yCfJvYaf6dJ3NjjS...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSQZUvvxm-ndIn4W4bpc6rh_28U2AKkCyoYenc9BCXsDvZiFywWjwi_PrsMzv3yCfJvYaf6dJ3NjjSo6thRO_1UPN2tV--MJZS0FF4XZpA_Jl_QF2mJ22Jx-W8zlQy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSQZUvvxm-ndIn4W4bpc6rh_28U2AKkCyoYenc9BCXsDvZiFywWjwi_PrsMzv3yCfJvYaf6dJ3NjjSo6thRO_1UPN2tV--MJZS0FF4XZpA_Jl_QF2mJ22Jx-W8zlQyPDMZokWxUz9M&google_hm=kOP4KMMnRzCVgKrNuFRNPxc
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSQZUvvxm-ndIn4W4bpc6rh_28U2AKkCyoYenc9BCXsDvZiFywWjwi_PrsMzv3yCfJvYaf6dJ3NjjSo6thRO_1UPN2tV--MJZS0FF4XZpA_Jl_QF2mJ22Jx-W8zlQyPDMZokWxUz9M&google_hm=kOP4KMMnRzCVgKrNuFRNPxc
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AE6A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL_oHlEv5YLv7GrSqRVrwAo&google_cver=1&google_push=AXcoOmS1qtWBwI9L4pqouUHRXzFhdMMeLWGGECfYtOkRZaFBbX_2XBdM5QcygUm36COYzqtd4cO...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=AXcoOmS1qtWBwI9L4pqouUHRXzFhdMMeLWGGECfYtOkRZaFBbX_2XBdM5QcygUm36COYzqtd4cOQjcPfOfJesGV078N54nraqQzQQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=AXcoOmS1qtWBwI9L4pqouUHRXzFhdMMeLWGGECfYtOkRZaFBbX_2XBdM5QcygUm36COYzqtd4cOQjcPfOfJesGV078N54nraqQzQQnwcfQexTDqjuoMiA-a_-J1DIg7KBYqdZZ9oMEZcGA
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1DNlExTkMtMVgtRERBRQ==&google_push=AXcoOmS1qtWBwI9L4pqouUHRXzFhdMMeLWGGECfYtOkRZaFBbX_2XBdM5QcygUm36COYzqtd4cOQjcPfOfJesGV078N54nraqQzQQnwcfQexTDqjuoMiA-a_-J1DIg7KBYqdZZ9oMEZcGA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame AE6A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPz8BQi0n1Ew5w9MBbazK_Y&google_cver=1&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPz8BQi0n1Ew5w9MBbazK_Y&google_cver=1&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30u5jhFyVGZh-Xn6nVAJDJDs-PUFEur1h20NH6YRTdxCIY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30u5jhFyVGZh-Xn6nVAJDJDs-PUFEur1h20NH6YRTdxCIYamzWXZ6rzA&google_hm=HSwEqGZHX1ykCr5nTfKNWEhI
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 09 Sep 2023 15:32:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ0dBuQZII36NOA6EY2ldAGtt8qZqNeZL6L-e_XhN7a_c9w3G3QZ0vzJklQVrPd8CnKjTAOJV0T53osyWW30u5jhFyVGZh-Xn6nVAJDJDs-PUFEur1h20NH6YRTdxCIYamzWXZ6rzA&google_hm=HSwEqGZHX1ykCr5nTfKNWEhI
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ssbsync.smartadserver.com/api/ Frame AE6A 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENCZtxWeTCWLhTuuYN-s90o&google_cver=1&google_push=AXcoOmQN7Uo2w_9MayklRO-q_XLT0F4gc1VGth4wDB8f6KZlcnyWyYr4FCxX7yMWt1b5EzWYz5zbljeHX2zABPk79-AdzZHUpNQ2Y0XaL9EX5XoIlpAD7q7C0N9sFM9IHktbwcwfQ6RcNhw
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame AE6A
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEM-YSODl4dTeM9J8ueSqeps&google_cver=1&google_push=AXcoOmQlg8DUBGbGVIdThDP6LzeRJh5ayQbgcRNS1_sDI8ChBjgiKFoQi...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQlg8DUBGbGVIdThDP6LzeRJh5ayQbgcRNS1_sDI8ChBjgiKFoQip2kC9byhM4AOd4Xy5sQTLB6_h7jJgyxNPFgy9n6LfdyCchswylnR1OxP6hSA3NYTBbkZzh5F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQlg8DUBGbGVIdThDP6LzeRJh5ayQbgcRNS1_sDI8ChBjgiKFoQip2kC9byhM4AOd4Xy5sQTLB6_h7jJgyxNPFgy9n6LfdyCchswylnR1OxP6hSA3NYTBbkZzh5FaP3QGOzyr0Cy6NW&google_hm=QlMuZjg0MS1hYTI5LTQ2NDgtOWE4Yg==
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQlg8DUBGbGVIdThDP6LzeRJh5ayQbgcRNS1_sDI8ChBjgiKFoQip2kC9byhM4AOd4Xy5sQTLB6_h7jJgyxNPFgy9n6LfdyCchswylnR1OxP6hSA3NYTBbkZzh5FaP3QGOzyr0Cy6NW&google_hm=QlMuZjg0MS1hYTI5LTQ2NDgtOWE4Yg==
Date
Sat, 09 Sep 2023 15:32:25 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
/
onetag-sys.com/match/ Frame AE6A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMrbjttTB8tzO6PTT-sB_Ps&google_cver=1&google_push=AXcoOmQsj1RlCibZK_kkQl3229jnIgA73KwIOdczpDFryEO9t92cJTCFqpSgvj7_an4q40Q2MkAU2O-eIjU...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQsj1RlCibZK_kkQl3229jnIgA73KwIOdczpDFryEO9t92cJTCFqpSgvj7_an4q40Q2MkAU2O-eIjUn8xX_ErSaJUUWxZv7WDQNzQS7Ff86W8lvbOgB...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AE6A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JK_jIFGbnH_Q-0wr0VhyGljC2-xseOwSZR9LA9VplG-_hN7RGUY3rb2QjrtAuizGoH5WG3628
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/6130299874045194587/ Frame 7D4F 		178 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b55c2d006159542f169aef9b17d21177727f8d8717fff965f051f390c020c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:25 GMT
expires
Sun, 08 Sep 2024 15:32:25 GMT
last-modified
Thu, 26 Jan 2023 09:29:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame 7BBE 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
7347
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129878
x-xss-protection
0
server
cafe
etag
7992010681825974757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Sep 2024 13:29:58 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 23:29:48 GMT
x-content-type-options
nosniff
age
57757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 23:29:48 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 04:05:52 GMT
x-content-type-options
nosniff
age
41193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 04:05:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126089
x-xss-protection
0
expires
Sat, 09 Sep 2023 15:32:25 GMT
container.html
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C524 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:23 GMT
expires
Sun, 08 Sep 2024 15:32:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 94E4 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
304d72f47d1dd498bdcc3151838f13d95effb2f4d678552917e0175b81393aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50430
x-xss-protection
0
server
cafe
etag
13329817143810967477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
css
fonts.googleapis.com/ Frame 7D4F 		8 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,500,600
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fadf8e6cbd7b8b1b07184fc760be61dc5edf839c15a0d075ee489f3ddfb143d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 15:27:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 15:32:25 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7D4F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 04:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41545
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 04:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/ 		36 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 09 Sep 2023 15:32:25 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8D77 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
540165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
925bb83c8c4be0dd4ef4fde8d55a2f44df3e3e48dcfcea73120f3ef1c84e7005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90876
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 15:32:25 GMT
480_650.mp4
cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/ 		152 KB
152 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=16744448-

Response headers

Date
Sat, 09 Sep 2023 15:32:25 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16744448-16900083/16900084
Connection
keep-alive
Content-Length
155636
8nnot1AUAUWEz1Id9eWLt4hNu4mBC7SzsfayQL0cG2v%2FTeGDEImAOLqdJ%2BU4mh8SgX76b2WCi9YFyhMf9%2BKss2YiKO9pLXb9MyZ%2F1c6uIt69%2BITWLd0ILx1q9Q0glzd3zeZo1cAIT7nLo7X2u02JnWpD1I1t0hHccVL1MbAETdOsWFVZ%2FLccrylhL...
ad.vidverto.io/delivery/video/pod/ Frame D6A0 		45 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/8nnot1AUAUWEz1Id9eWLt4hNu4mBC7SzsfayQL0cG2v%2FTeGDEImAOLqdJ%2BU4mh8SgX76b2WCi9YFyhMf9%2BKss2YiKO9pLXb9MyZ%2F1c6uIt69%2BITWLd0ILx1q9Q0glzd3zeZo1cAIT7nLo7X2u02JnWpD1I1t0hHccVL1MbAETdOsWFVZ%2FLccrylhL5XIGTlnFmAdDyPbnXKdpPGb2%2BjzuSyir5b1hORgbNGcmGemgwmipUM3ySiKnA2sVRDP4299zBr4rj6Oa18bhR2Yg9%2Fu5tue2RWzQWTiFQ2ig4xz%2FwttWM05AHekzw0LcFKgAVGtbDwPlA6kal5cNgVjcmcZFGllxdm9EZChRKz58L2ZKELfU1xrJur3vrEdZ5pLcvLLnR97kDFUHMW%2BSRXAU9tt%2FiXgLeqr%2BWSfwUpPO6nxeypsYDdiKFw48C0TYgH7zlFJI8INKwjMzYbJMdxFK394LZNTGovK%2Fy5R4MttNKM%2FeLghZ5KBVSy0QWsEcgXberPXcb%2F%2BNxi5cy%2BqqzhjVuaehKqIQczdeQeIw%2F47%2FgVUYUf8CDwAGEKbrKZHM1aqeZnjuiuiE%2BP1%2FTe%2FGtOK2pEGGiscsBT4ygMJSa1rwjf4z4kyQgq0Rpbhv9OUHhXz3MOYgL3PWQLkSFsp7%2Bqjv3xTg5LIjjMuPzzaESmXZ0fca2WCC9fNwJNf%2FN34tWFt7kJqEyHUI%2B%2BALd4s7M0rTDHYYNovdnXtGM4DXFM9qIn8yQrnG%2Bcdj6rm%2FbsscYw%2BwA3a?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f4d2aa63a4741c42282bb7f0a1b268ab5febd60cb7828dab0d396791a2a170a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame F913 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84df7329e1b5b8b57dca26750bdba9cebf3371f8988115f49c2069f2414e0325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131798
x-xss-protection
0
server
cafe
etag
12088936007899483809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame D88B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:57:12 GMT
etag
8554266389219770021
expires
Fri, 22 Sep 2023 15:57:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame BDFE 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNW7_MfIrVo5ZN0Cw5bE7K0x8AKrvm7wB-J3k_bUF9-Jf7CqBDZkPGK_X4u2giSBV44LnaXv8csf0ZP7wkijZWeuxNPDRzjLSPMgi7ajFgZX9HdCibSM6xjusq4r26U5pSMfjxTQuKJFNU4z3vOl60xV9zgTGAgtpsRyaoWP2py-5JUmnJxRIfIPs640mqdx2hblZof8aS6T9aCb6vh8AF5jQufnIw
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C524 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C524 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Df57aMfS9ql10OoFTynYs0wmhmqJI5lK_hBhNKgRCezafvgXVHJRq1lVzSWAlaSmrCOetypkUi29TGaiBMVBX6NjWaQwvzzkMgKIXDn0_K7OeSOgg
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C524 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3459143023289293620&x=1&ct=76
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C524 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
7344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 13:30:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C524 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
84911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 15:57:14 GMT
l
www.google.com/ads/measurement/ Frame C524 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkLfPz9QpVddI1-s73O1y0vyvm-gGcSNHIE98D1gnC_VXDkpKs-a-jwMlZ_LkqGzPxJmKvLfNuuukk2WEuKJ8E8Bi6sQ
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C524 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
csi
csi.gstatic.com/ Frame D6A0 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmc6q28f&c=6638320243726&slotId=3319160121863&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Sep 2023 15:32:25 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2747
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1694273546.633884,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
39
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
14101
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 4DF8 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 19:22:21 GMT
age
331804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 19:22:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4DF8 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 06 Sep 2023 10:00:11 GMT
age
279134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Sep 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4DF8 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 05:50:45 GMT
age
380500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 05:50:45 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4DF8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 16:22:50 GMT
age
342575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 16:22:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4DF8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 10:05:13 GMT
age
365232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 10:05:13 GMT
truncated
/ Frame 4DF8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f04dec60e317076009dadf5a037a1d105e9c67a06f1b3998ae02dda3f4b307f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
6141745990962286360
tpc.googlesyndication.com/daca_images/simgad/ Frame 4DF8 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6141745990962286360
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323a5ba8eaa08a8f3189a13ac416634d39d5be0735244970c19e75bcd43be04a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:04:36 GMT
x-content-type-options
nosniff
age
376069
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46285
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 01:55:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Sep 2024 07:04:36 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4DF8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 19:39:01 GMT
x-content-type-options
nosniff
server
cafe
age
71604
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Sat, 09 Sep 2023 19:39:01 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4DF8 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
9793
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 10 Sep 2023 12:49:12 GMT
l
www.google.com/ads/measurement/ Frame 4DF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3SW1WUYFZx8lZhz4MnrQdlWgT64wI3ytVS5_Io-Qf6FPb5Be6viptrjudJ4ahS_KJhUmDN84u3GZOHqKzliEfqfqpfg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:df54:bbc1:d058:f5d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
afr.php
ads.eu.criteo.com/delivery/r/ Frame F165 		165 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e81a49a352e4219c8e0eeb4b40eed0229c595c30b5e308e45637480d7e035a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Pg51rfv9gX63RRxj2F8pu4dLuozJSbaVRPlm7aNm54Zyc0Bs6o-ANJCIujWtDj3uAhlUIhNx5VI-ugUsAFwxhpLUuC9ldr0Lzt-pqLYVuYIKhaZKtVftp0RtwzF3o8fA1KuYM7uD951HCS0Whhx_QmDs8tPMU_ejQeGu6pZDkBkx14zzdgB9FXtx0Ma4aaEc_-sYT0bloWon-b5gX4ua4IaEG6_3v-fF1t-J8I4jS0U_Q0b30F4Q2Hy-eG2BAQOsKVLdUg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
62895159
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 184A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:df54:bbc1:d058:f5d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mYS1odWktamluLXJvbmctY2h1YW5nLXhpbi15b3Utc2hpLXpoZW5nLXlpbi1kYW4teGlhbi1zaGFuZy1waS1saWFuZy1yb25nLXppLWRhbi1iYW8taGUtenVvLW1vLXNoaS10dWktY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0zZTg4NjY0OC1jMWU4LTQ5MzMtODE3Ni00MDdiMzRjNzAxNzciLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMTYsInJlc3BvbnNlVGltZSI6NDY5LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJydWJpY29uIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwMTYsIndpbm5lckFkVW5pdElkIjoiNzg5ZjcxODQ0ZmNjNDQ3IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6ImJhYzI3MWZhLWRkMTgtNDVlZC05MTM5LTNiYWMzNmFlMTFiOSIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3978.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
3e7dc23b-05b1-4af7-be6e-67d17d248012
beacon-ams3.rubiconproject.com/beacon/d/ Frame 53AE 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/3e7dc23b-05b1-4af7-be6e-67d17d248012?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=15&e=6A1E40E384DA563B853850426245E7EFE13F654D6BF4C8F59D1DEC505C6AC38BC776359FA90FF384E8F34FBFADDDAE917A3220A15E3EC91D14D428FDEF9104E8D5055F13D0C293E301BCD94F5EF80214EFF5095DFCDA4220444B47C392CD59A56DF44A058BDE36DF3E5B93F3D8579F833625704E2F89569BF623EBBBE4109889373B997023FC9B983F9C24DF26E72F63AB471BC9994093360D8CEF130CE913DCD9073D7564581F44D6FAD8F0F8F091D381EC6608451581C559A3009EE0271107F19B91AB766529FB82504BF9B3BDDA2FD092A6EC3342C0A4270FA4F3AE25AD31819FD4564AC46637E50EBF53FFBDAFC0AF71204A56448A18C5A7AD89FE10EDCAC20A3D0C6FE4DB34CA3E41C27253237D508AB776A72787C1CE181A98323B36A9B0D07C8522B765B9F8CE3F9E40EA5E94B7A005B3AD9176DF0B9542C09C94D4417551730646B4AC6737B970260ECE0B11F6C7B6D36EBCA58239596D39236CE47E857ED473DFAF60B7DE1047012110E6AA0850888894FFE9AEAE050B2E51613E7D2B4DBD10824385D7F4E2135FF758B376EDB5E30DE5E571099468C31356A84AAC831EBCB2B1194F84CD875C7DD3D96827100DEC5AB55045D51BA8673DD0D385CE06D008DF03D7E88FB0C3C85327ACCA40B65A7570C13B761241B2F04EE184D9074A0D1B9B89613AEB4721334A81CA743904D274C92E5A4E68134C99C15223C0CE18228C4E3F2880E300D4F645AE6497E1A705195BEE01437AB85A5AA488F008BF9856A8B5885329E2A4FA6DCA78E753AFDCD2C60C7AF73BA1A5560806207258ABD926052664C01A89C258DB581B5F61E37294C30B41EEA45692BFDC83F2FCFB5EC19EBB2C4520380919AB8426E2ABAE169D09087B2BB64879B7A68F350D4FBBA656EFBA8CC0850B287B47A266A1EA5E808576F139A2D6D199D1A6359E7D21664509BA879158EA2FAD272C1DE3F69212F90D7474C782F9F96B0DC757FF2B337F2DDF8DA0E8EC3D999E760E0B5796E5BA06D5CAF23912FF50CF5BC1663E640BB4BC76559306F3AD6278D39FC9BF8874D38EC8D621E8648DCF5F49D356FFAD0ED8C64AFAB3EEEBC0FDA4B527AF64DB3EE5F1741A656D313EB3E008C1FBBEFEAC4AED74BA85E7EDAFF711E34A423B61DF246341FF9A3FAF75111314E1CF13EF6C13C1E33DE4CB03C901F30B9BE51E6F18434D3356F1F74028DCFDC53E9A9E9D68E83BCE1BA7561587F639CDA10306204D320B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame 920F 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
417410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 242B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 09 Sep 2023 16:22:16 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame B12A 		492 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4322213228256401&correlator=2566112042546814&eid=31076399&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694273545705&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=a9dizaydkn1v&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qO8Rq-IKWVSxM79pN1oJ6qv9WZTkXyGPiy2obXsojBzPhqqe6GrOUOK7t4YLoSJGin4p9OXhcHLCpo58zp6jLPUGSJhBSx2Aa8kPqZy75f9gpcHUOu2LnVX-_MVqQi34m8IRJYWfzhEBnXwoeMrhFbbkspjOOI3Gi9JxtEkXHFAItbKCDB_YqUwxTru4qvFsefvWrshUIoimX_a22jFQsKJN3ijTA&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1298973520.1694273546&ga_sid=1694273546&ga_hid=565051341&ga_fc=false&dlt=1694273544899&idt=665&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b24a5a22fd60398fa07091522fe514e67cf755f97c9a4943dfcbda0136f9a3ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B12A 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65e8e0565fcbdc73e1d4d16baae65fcfadf199083076d0c4aa908cc04b2bc9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11947
x-xss-protection
0
container.html
75af943cf76591a6135a999a133351ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5EA9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://75af943cf76591a6135a999a133351ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:25 GMT
expires
Sun, 08 Sep 2024 15:32:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame BDFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEsuEu6Ssh0MKhiUzfbDINo&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEsuEu6Ssh0MKhiUzfbDINo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNW7_MfIrVo5ZN0Cw5bE7K0x8AKrvm7wB-J3k_bUF9-Jf7CqBDZkPGK_X4u2giSBV44LnaXv8csf0ZP7wkijZWeuxNPDRzjLSPMgi7ajFgZX9HdCibSM6xjusq4r26U5pSMfjxTQuKJFNU4z3vOl60xV9zgTGAgtpsRyaoWP2py-5JUmnJxRIfIPs640mqdx2hblZof8aS6T9aCb6vh8AF5jQufnIw
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEsuEu6Ssh0MKhiUzfbDINo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame BDFE 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNW7_MfIrVo5ZN0Cw5bE7K0x8AKrvm7wB-J3k_bUF9-Jf7CqBDZkPGK_X4u2giSBV44LnaXv8csf0ZP7wkijZWeuxNPDRzjLSPMgi7ajFgZX9HdCibSM6xjusq4r26U5pSMfjxTQuKJFNU4z3vOl60xV9zgTGAgtpsRyaoWP2py-5JUmnJxRIfIPs640mqdx2hblZof8aS6T9aCb6vh8AF5jQufnIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame BDFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIAwKDldxZo-8uKBFBcizyw&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIAwKDldxZo-8uKBFBcizyw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNW7_MfIrVo5ZN0Cw5bE7K0x8AKrvm7wB-J3k_bUF9-Jf7CqBDZkPGK_X4u2giSBV44LnaXv8csf0ZP7wkijZWeuxNPDRzjLSPMgi7ajFgZX9HdCibSM6xjusq4r26U5pSMfjxTQuKJFNU4z3vOl60xV9zgTGAgtpsRyaoWP2py-5JUmnJxRIfIPs640mqdx2hblZof8aS6T9aCb6vh8AF5jQufnIw
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Sat, 09 Sep 2023 15:32:26 GMT
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEIAwKDldxZo-8uKBFBcizyw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame BDFE 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNW7_MfIrVo5ZN0Cw5bE7K0x8AKrvm7wB-J3k_bUF9-Jf7CqBDZkPGK_X4u2giSBV44LnaXv8csf0ZP7wkijZWeuxNPDRzjLSPMgi7ajFgZX9HdCibSM6xjusq4r26U5pSMfjxTQuKJFNU4z3vOl60xV9zgTGAgtpsRyaoWP2py-5JUmnJxRIfIPs640mqdx2hblZof8aS6T9aCb6vh8AF5jQufnIw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Sat, 09 Sep 2023 15:32:26 GMT
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 184A 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70440
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7BBE 		492 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1051207930293623&correlator=1303122011706923&eid=31077647%2C31077747%2C31077483%2C20222282%2C21065725&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694273545766&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1r1okb9otx5c&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qO8Rq-IKWVSxM79pN1oJ6qv9WZTkXyGPiy2obXsojBzPhqqe6GrOUOK7t4YLoSJGin4p9OXhcHLCpo58zp6jLPUGSJhBSx2Aa8kPqZy75f9gpcHUOu2LnVX-_MVqQi34m8IRJYWfzhEBnXwoeMrhFbbkspjOOI3Gi9JxtEkXHFAItbKCDB_YqUwxTru4qvFsefvWrshUIoimX_a22jFQsKJN3ijTA&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=157704238.1694273546&ga_sid=1694273546&ga_hid=148496806&ga_fc=false&dlt=1694273544900&idt=695&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a01861491a20c7db08bb7721f8666131c59f378dcaea51c0c1b9c6b83362de37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7BBE 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a091b62393cbbd56920ae6acb1dc7f90e08b6fd6a922b8be5fb65fa7b3eafb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11681
x-xss-protection
0
container.html
0680a2e874d6ba6d9e127aab8b3d807e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EFA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0680a2e874d6ba6d9e127aab8b3d807e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:25 GMT
expires
Sun, 08 Sep 2024 15:32:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame 94E4 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eeb2aaccd30126487836d039ae95177e5d924f1100a5bd706bd86940adc4d31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131799
x-xss-protection
0
server
cafe
etag
16367937935032625331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:25 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D6A0 		105 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4443904339125561&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FdQvJa33NwOkAdqKbUPmFww%3A1694277143%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=9A55787D-B33A-4087-AE59-3C015E957C57&a3p=EhkKCnB1YmNpZC5vcmcYhrrK1KcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKK5ytSnMUgAUgIIZBIZCgp1aWRhcGkuY29tGKK5ytSnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTWEZHYldKTE16WlNSbWxyYVZkVWIwTktRbk5aWnowOUluMD0YjcLK1KcxSAASGwoMaWQ1LXN5bmMuY29tGPW8ytSnMUgAUgIIag..&nel=0&eid=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=1694273545826&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&scor=2545298771895375&ged=ve4_td3_tt1_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59376d134138f7c027cab95abb748f6380c46945a53bc5db414e34f3bea4f1d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18567
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D6A0 		106 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4443904339125561&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FdQvJa33NwOkAdqKbUPmFww%3A1694277143%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=9A55787D-B33A-4087-AE59-3C015E957C57&a3p=EhkKCnB1YmNpZC5vcmcYhrrK1KcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKK5ytSnMUgAUgIIZBIZCgp1aWRhcGkuY29tGKK5ytSnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTWEZHYldKTE16WlNSbWxyYVZkVWIwTktRbk5aWnowOUluMD0YjcLK1KcxSAASGwoMaWQ1LXN5bmMuY29tGPW8ytSnMUgAUgIIag..&nel=0&eid=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=1694273545829&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&scor=2545298771895375&ged=ve4_td3_tt1_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
290365d365f756a57f1bbc1baec6089a29a1075c3582e4347e91816c8c758977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18737
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx3.adform.net/adx/ Frame D6A0 		65 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/live/ Frame D6A0 		111 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4443904339125561&cust_params=mt_fln%3D1.8&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FdQvJa33NwOkAdqKbUPmFww%3A1694277143%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=9A55787D-B33A-4087-AE59-3C015E957C57&a3p=EhkKCnB1YmNpZC5vcmcYhrrK1KcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKK5ytSnMUgAUgIIZBIZCgp1aWRhcGkuY29tGKK5ytSnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTWEZHYldKTE16WlNSbWxyYVZkVWIwTktRbk5aWnowOUluMD0YjcLK1KcxSAASGwoMaWQ1LXN5bmMuY29tGPW8ytSnMUgAUgIIag..&nel=0&eid=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=1694273545832&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&scor=2545298771895375&ged=ve4_td3_tt1_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
9ddc1e3dc8aec7238e1d6f705a82e19129ecc8a58fe126b90da0ce08cf8bd3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21911
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D6A0 		105 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4443904339125561&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FdQvJa33NwOkAdqKbUPmFww%3A1694277143%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=9A55787D-B33A-4087-AE59-3C015E957C57&a3p=EhkKCnB1YmNpZC5vcmcYhrrK1KcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKK5ytSnMUgAUgIIZBIZCgp1aWRhcGkuY29tGKK5ytSnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTWEZHYldKTE16WlNSbWxyYVZkVWIwTktRbk5aWnowOUluMD0YjcLK1KcxSAASGwoMaWQ1LXN5bmMuY29tGPW8ytSnMUgAUgIIag..&nel=0&eid=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=1694273545834&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&scor=2545298771895375&ged=ve4_td3_tt1_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25d073aa756388dae127e3f29cbbb1fd8fb63584010ef58eebef63598e249c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18527
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame D6A0 		109 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4443904339125561&cust_params=mt_fln%3D1.3&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FdQvJa33NwOkAdqKbUPmFww%3A1694277143%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=9A55787D-B33A-4087-AE59-3C015E957C57&a3p=EhkKCnB1YmNpZC5vcmcYhrrK1KcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKK5ytSnMUgAUgIIZBIZCgp1aWRhcGkuY29tGKK5ytSnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTWEZHYldKTE16WlNSbWxyYVZkVWIwTktRbk5aWnowOUluMD0YjcLK1KcxSAASGwoMaWQ1LXN5bmMuY29tGPW8ytSnMUgAUgIIag..&nel=0&eid=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=1694273545837&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&scor=2545298771895375&ged=ve4_td3_tt1_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
995fe68ddec5efb6677a72e2bdca4ddf3a55d7e8b2798f65541b72d8d6183741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21185
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D6A0 		106 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4443904339125561&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FdQvJa33NwOkAdqKbUPmFww%3A1694277143%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=9A55787D-B33A-4087-AE59-3C015E957C57&a3p=EhkKCnB1YmNpZC5vcmcYhrrK1KcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKK5ytSnMUgAUgIIZBIZCgp1aWRhcGkuY29tGKK5ytSnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTWEZHYldKTE16WlNSbWxyYVZkVWIwTktRbk5aWnowOUluMD0YjcLK1KcxSAASGwoMaWQ1LXN5bmMuY29tGPW8ytSnMUgAUgIIag..&nel=0&eid=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=1694273545839&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&scor=2545298771895375&ged=ve4_td3_tt1_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6c8e5d8f9dfdf80e504334c395c434604c490eb99e566ed22925d554a325114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18722
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0BAB 		27 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5b218a113bb8af7b9a3f9b1fe7c93efb1d55f15f0c0c69386063355d84c690f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11723
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 8D77 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C524 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4907111182581&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C524 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4907111182581&version=m202307240101&ct=76&x=1&cor=3459143023289294000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C524 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrD8O3C5YCjRuP4R-jg2O8u9oXwjIXs-RUKtFcy1QtGyfBbRD550EAlr83XPV6todo_htKakAUxiU__HKNYgmo2_X7leSOAj02qtGWV4fbQgkwvo4pxgvCycUJirz3HG36Zu6QkC3oW_z8qQM1BEdEm3-Bpd6S176x_0aOMUDwKXMxR3A&dbm_d=AKAmf-CYjXcRhgBElEbF5rQYd0Eg96EJJ7QhsRedzjEg22MKQWfozbXDmV7sKkIA5qDGSoywDCBImtFT31CTdcUMtxaiqraxe4Zo8VwF7ayl2FMwv4-7Kop5y3a7QZjdHC7ECGBGxqG_O2_F9oWa6W9qv3Uxt9vqcQIOHwDYTBMFkiJLXj5PgXmMmX-mHT4pmdZHRXh267wzZ9FczLTln_q3DaNkNvGFSasuMoQxqsqnLde-yTatBIFp_HjksY5U-fqE_NMLZgS_XyL8eywvPidQTa0ra5ZuEqSC8EAudzSDINxeSxVTtmZ39Psl_DKl0CWc6maXty-6h9_1NaawEPFcDcEvfeq0RifFzNUIdsMePS-PF4tH5JYRBx5NwieKw2tEE-bee6xQ0uc1URe8x14XufgOCHGbH4faQOECGduyKO7u00ZD5BDV26BFrwId3EPlcsE3MI7yCDap_EMWu74Dhe19bcSLZrJKJgO3Qg1bJfo2JrnWYX8dT55U1Nt2XgOODnwQNLjBKbcx4IY2vqbTECZt4FnVSk4shA8VnhZWHZ0pdsBV0jMxsXH2YDHaQ6t8Li3ylBmC7GEfPbJJeBBrzIfa3inB4i7Sanqt8TIZ03e_SFP5SKHNq8Z-m1rr4PTDoz-mlRWgK3kLQNalW2Yhk03F4SFs5YuuANoiIWUjZ-vmFVDcTSpSVpVs1ISn9kmFyIr-_rrrY6M4UFT4OJp8HAOjYXGVkWKk3Zum-FYhafKSE5IhE9aIUj421F9YLn-TyUWpohy91PiijU-UTsqLOBinwmLnVU085yImqg9Q3n4JRyA_O5_SC__GeA1xKlw0d7fInQmAkgRtOSr_gNkV8wrrti0cdf4tC6ZNNbWZaLnRd0R6B8X5vjJqpYd69gk0mhEJXzBweULhuocZ505z6ZkJP92pvmTw-tL010jmVklYZdi6OqzD10pYSKpuV8yp-5ZQcCpZInwd0eQ2seJdVxzyXvg3BCm7rwoS-LsmTsU68W0EkB5tf8r7H6l383CXqmHBTseNYwzEXmSIvRoBhFYASsmfb_PiYsbp_3oO30NY-nK6gq2co5r1saMjdxfDcumE1WOhn-EboqsE1aNWrvARg_sfcSrTcFkd18EGLTK3-rClB02u5Bb3QQGdb_-8mcpktERyCDqhEiESV2nshtaRE99deQ8BKIp1QIGiNT56b3Tk3j6MnBt9qYFbUOd7OesGsyQVcNvjYQmxu4oGLyrK7EcfpTisD5zsvdSFVOjjlRChF1g9f4tTuq-84TXUETdyxVg-EhpdHUs77SPClTaFj5Z0ifuGdiIEp9ULvy9hEutZ174r_dbwfKEqp1Ahll-9FoeOdpEX1FX-58dxTJWHxwoAMobiwLU6Cb_ToM--DyPjRlXljdAw5XhNQQnM18RFbgtEmT489lWKuZb6G6ZDemn0gfb4X7MhjD2zJZq-vLJkdaVgV9Y6GnqK6K98NNczbmfeShULx8-0FzB97Ax6HFbaswdtl03sOdQ9jAoL8bwDDEV0g-NEJ7Hbd9C0nOFAlB-TRUA0HlecHMKN_zaf-X5SOAbpYybSSbRI8E3UktrVhjVlwfbHEyMP4LcU0Of-GSEiJ3t9XqUQ2ZxIdDQQ8o34QVsZ5cA4twyucLLcHlEMlqFYqsl9LrF_FMBn3_icVTQDSJjru3SkowgrVhpJ7oyt-LhIXnB1dgu4UgH3N8SCg3OWHdVUeHE0aSD0Fa7xsXc0sK1a1RpA5uRvxeEOWp_opRFkkB2bmtafBbAJNmPlrEXWa3ce7-4LJzJLmpMIowxdq1nOBAWIgwlcOGSaPDa2DK6n6uWFRj7lFoz6zsp7ubr57kZdFJW-RFwMUjOd7KYI_A25IHpr_x9ehZmxbxuBXJwJdwHJfekur-EUw_261L_C0DxXsu_6t74AE7LFFD4JSj4kFka1caBtsxdmhw3r-5oGkCKAaK3-TnBwreaFS4wH39XRHZ6IpCHOvbyNl7ttBkSOCaHa2hE0gwth-LGlBV56yVtgkNraDjaXQIn1NQt9D-vBRhMBKhuKrsctv78TSgUQaXcKozHLF6qVH9SQ0KgK4XQ7B82W4Jy0ixUbF0IK3dIjPQ4nFdQgOVmc7zDimOJGQBJcIqlefrZSqCr3JmVoHYQZ77iybeq6OksLMB5LvtKL5btc3foqF3ziHYBkOTQJ9sEHK8A2iQM_C3fOJ3xy6LUVEdiEWaCM080UBY1CS1blkbvLUbQ1nH6UvvybKqA7bYofFgqedL-1um9OPo5vfQzlrm0GQ0vhAZWw85Iu8I1iVjwWaUArpiULl8c1SwoWW5Zgzlm7Xn7WlpCBV2Vlwtvarsfi9M6mIGdhzH5uf1KLqDm-5XQSnJJ9Z0oUqhHVy5hOicDaItAmRkVYMH3ND0FJVPTEjOEfCHQP5G9mzvD0Dw9b0g3WQwLs7qRFCBKOqlLTeiY6HZShVDtiSDB35x2vPjWnCoWFB_SPPDsFswOI1TxED6Tyg_yZCvzFMoWCSI9f3H9rF7lmsFWVbBCwvYwKv4V8n2jOLeLamv3JxlXkTcdPKiOTcluhb8P8-IgGfoAaGJjQJfUbzAW9Dc5SMaMcU44AZYlFLzh1bZOyjjeGmDbgxzt7HWEJ4w44vil29pnYn5L1yteRr4jEmX1Lxs0aDhMNTIi_ddhgOr1Dr5xfAowN8y2kf3v-5hcXqSBo8IsstIlPaFFsW5dgf9vcIoTC70MPXetRSgydqi343p416b92zKzsXQvi-K37x_Z0sXNVR7K8k8YfMPA_0UCTxU_WJeog59Xpsu7DImaOzYUmcrM_LHBVVTiGH3lfC9D_S-xcNl0KLcY4OSDA_0zzIidGuG_hksxZm43e-YpTR0AFkMmRcfR27e3uvuZ1xnwtQcPcZBlE07st7Rt0ZXRSqFYGvzYV2_Dbw3L8WJm6vFFJybEPSE9tvsAHSpqyxOwN2pSd-TLkvEzU__WK5P7YCoeTSbpaGYVBozfu_CbT7fqzZ8CWLlhibwJ1VmF5sZqD5Z8c3lXJmB7ffjrLta-zFG7uXaa3Opj1q9rOHrsLAn2ThG_J17ZUflkWpQe-IeLljod6Fxtnl54oWd32EwVJ8JykJfmR1F6kOG0KeDRWD-d_8uTtYnapt8suFs7tXTS7t5dQ2JBAL7_sMBDe5oIIAsqmAAijC3HwUDIDD1UhNYnpvtpNLP8XzEug6bnlmK0OVFcUX6ayFkAWZSAfgK-BpSdpxhV_cQ-zFSAqdYAF6fSjyme8Vq2BJHMvNcPy0DHuv57N2jBHB4I-axAogzzVdJh29UdlUHSbdybeovfkhY2Po2Vv1ISQY1KQ2KMnCeTFuz36P1mQK78EVsCSIW6H2ZPd8NpflGolYlGTpfZxGieowjf5qv_fnmuUcJMu0VZLvr1vvkXDmFUgTPfTKwJTg6bhJFqPZyN9UJUrSz0VQb_4BRSPFnahWDpScKVg-eaoHqpLhDLwGuCAgolYyp1_R7tazJNE1_ZRHYqvL936HQfYTtiTBqavCx22mtVMf_vsHabSisKSFF9ObchCT4JG_SV70YOUFOzMDRwfYefY-nQduWjQdDR7ZqBd80a_VhorcfXyz1JG0v3VjKzQvz9QriOQ4pcKsg-mOuZS8xUVKfG4u-YJnYUniqWbky0JznRhtUI5no08pbh11_wKr7dSrrQQlUltLmVsUucd8a3mtgv33z_-ugvYBo6Q9kvYEm_7TkPBF3KNFqxloXgtALHXOmf_6t_va5CYIjlvbn0IHbXjBfrK8zVKSTo8WLdsFcmqV6RhsknKUZPL3tglmDYbqB_q6d3Teu8nPm-FjyD5KtMAjSxBQU1zAEBMpoHpRRywMZN31f4XyZK1W3uwZef520QbP-nzDMvmAhO6x0Ws4n1WUGC8oadWqCBH3mdMZLhP4VnQdoQwc_L0q-4a5_yi5Z3ldTdJmUBfWBKPIRhQoPm9EIBG_AFlZWuyCa36&cid=CAQSOwBpAlJWOwEOeVWVzBRuNgIMEGjF9j3_ZAgXdejfUAiICnonz4Wap3yyoCIMegoickCM8JxxfvCDYHsRGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3459143023289294000&adk=496764934&idt=110&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c213a8d70c80b971b86f687c07e47113c6917f8d524b9fc73bc4c94437f79e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F913 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae6ab32ecd3e3734c41074d1099f782a4efb96bab188ddde635f7d7fef801c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 008F 		28 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ac1f9339ae0ce4a4cf9e4fe5bb034a40ca1f2343c7b8c8b64875658584af3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12579
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame F165 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Sep 2024 15:32:26 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame F165 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Sep 2024 15:32:26 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F165 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 03 Sep 2024 15:32:26 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F165 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 03 Sep 2024 15:32:26 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F165 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nvXJclE5riLzHwpVRwpN_hdA0BNg_k9D6kd8WbrnBR6wj28v0WPTh9JyHPP2U3V-aCqABWY44JHE4nk9zxIXVYFpdrpNx74HPl3bmSV-71wNxJOtsCars7P1rKus9bCvenjGwqz0pL6sd1jM3TEpG1C-natQDa1XHO8AqL_cGPWIcNoEBrDZzMt3FkjllUewYdkidJuUMY7gGeuMl2Ugsn_8btnfmjwAFltODZBZKr6TbUpMkyoRWr5gZxbJdPyaVmveRcLJpR3wqnuabfyqgoCEhRDVxlkEZvENM2aaSP_zYxPuGvC1bZGzUT4xnH2pwcEPd720w6oYGwrWesNz_7SnGtg1Yk4rj63qfX32GLAXoUE0r0Zg3wdOWvW_4UkcOC7ANVUpLsP5rCyM45rVncIhr568UplDTk62uYxZpNM-IA6g-nWNtZRTIA2TT7haJ5EIy4PnCvVWFs4iNj1luJotoQ_mssYQd-1x3ks8txOz_7hJmKQw8Yvz-T4klj7lhmcQclVmH-79Av9Ot2YJXL-KSxO6x2RQNW-ly-vUw8-xSjgUUuiszm54_xGlGyhHF9PL8FijAqO94Vt2HKtrK7sVZD4
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2420627
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230131-FRA
date
Sat, 09 Sep 2023 15:32:26 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B12A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 15:32:26 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 79A9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64fc900919e9c0d0360c9a84cbadfdf4&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6de184fb019d6a0ae817458788d73e440c75f9baa8a0a80f692b9f85426c8db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 09 Sep 2023 15:32:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2953277
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
animejs.js
static.criteo.net/animejs/ Frame F165 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Sep 2024 15:32:26 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=e037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
no-store
server
nginx
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4DF8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Redirect headers

date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=2064745187&cid=2108848729.1694273543&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694273546&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7BBE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 15:32:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7D4F 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1322dd3cfb4302331a028eac04164f003f2d7567eba0cb79f9ff0fa885bc40de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5857
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C524 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Origin
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 07:05:16 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame C524 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrD8O3C5YCjRuP4R-jg2O8u9oXwjIXs-RUKtFcy1QtGyfBbRD550EAlr83XPV6todo_htKakAUxiU__HKNYgmo2_X7leSOAj02qtGWV4fbQgkwvo4pxgvCycUJirz3HG36Zu6QkC3oW_z8qQM1BEdEm3-Bpd6S176x_0aOMUDwKXMxR3A&dbm_d=AKAmf-CYjXcRhgBElEbF5rQYd0Eg96EJJ7QhsRedzjEg22MKQWfozbXDmV7sKkIA5qDGSoywDCBImtFT31CTdcUMtxaiqraxe4Zo8VwF7ayl2FMwv4-7Kop5y3a7QZjdHC7ECGBGxqG_O2_F9oWa6W9qv3Uxt9vqcQIOHwDYTBMFkiJLXj5PgXmMmX-mHT4pmdZHRXh267wzZ9FczLTln_q3DaNkNvGFSasuMoQxqsqnLde-yTatBIFp_HjksY5U-fqE_NMLZgS_XyL8eywvPidQTa0ra5ZuEqSC8EAudzSDINxeSxVTtmZ39Psl_DKl0CWc6maXty-6h9_1NaawEPFcDcEvfeq0RifFzNUIdsMePS-PF4tH5JYRBx5NwieKw2tEE-bee6xQ0uc1URe8x14XufgOCHGbH4faQOECGduyKO7u00ZD5BDV26BFrwId3EPlcsE3MI7yCDap_EMWu74Dhe19bcSLZrJKJgO3Qg1bJfo2JrnWYX8dT55U1Nt2XgOODnwQNLjBKbcx4IY2vqbTECZt4FnVSk4shA8VnhZWHZ0pdsBV0jMxsXH2YDHaQ6t8Li3ylBmC7GEfPbJJeBBrzIfa3inB4i7Sanqt8TIZ03e_SFP5SKHNq8Z-m1rr4PTDoz-mlRWgK3kLQNalW2Yhk03F4SFs5YuuANoiIWUjZ-vmFVDcTSpSVpVs1ISn9kmFyIr-_rrrY6M4UFT4OJp8HAOjYXGVkWKk3Zum-FYhafKSE5IhE9aIUj421F9YLn-TyUWpohy91PiijU-UTsqLOBinwmLnVU085yImqg9Q3n4JRyA_O5_SC__GeA1xKlw0d7fInQmAkgRtOSr_gNkV8wrrti0cdf4tC6ZNNbWZaLnRd0R6B8X5vjJqpYd69gk0mhEJXzBweULhuocZ505z6ZkJP92pvmTw-tL010jmVklYZdi6OqzD10pYSKpuV8yp-5ZQcCpZInwd0eQ2seJdVxzyXvg3BCm7rwoS-LsmTsU68W0EkB5tf8r7H6l383CXqmHBTseNYwzEXmSIvRoBhFYASsmfb_PiYsbp_3oO30NY-nK6gq2co5r1saMjdxfDcumE1WOhn-EboqsE1aNWrvARg_sfcSrTcFkd18EGLTK3-rClB02u5Bb3QQGdb_-8mcpktERyCDqhEiESV2nshtaRE99deQ8BKIp1QIGiNT56b3Tk3j6MnBt9qYFbUOd7OesGsyQVcNvjYQmxu4oGLyrK7EcfpTisD5zsvdSFVOjjlRChF1g9f4tTuq-84TXUETdyxVg-EhpdHUs77SPClTaFj5Z0ifuGdiIEp9ULvy9hEutZ174r_dbwfKEqp1Ahll-9FoeOdpEX1FX-58dxTJWHxwoAMobiwLU6Cb_ToM--DyPjRlXljdAw5XhNQQnM18RFbgtEmT489lWKuZb6G6ZDemn0gfb4X7MhjD2zJZq-vLJkdaVgV9Y6GnqK6K98NNczbmfeShULx8-0FzB97Ax6HFbaswdtl03sOdQ9jAoL8bwDDEV0g-NEJ7Hbd9C0nOFAlB-TRUA0HlecHMKN_zaf-X5SOAbpYybSSbRI8E3UktrVhjVlwfbHEyMP4LcU0Of-GSEiJ3t9XqUQ2ZxIdDQQ8o34QVsZ5cA4twyucLLcHlEMlqFYqsl9LrF_FMBn3_icVTQDSJjru3SkowgrVhpJ7oyt-LhIXnB1dgu4UgH3N8SCg3OWHdVUeHE0aSD0Fa7xsXc0sK1a1RpA5uRvxeEOWp_opRFkkB2bmtafBbAJNmPlrEXWa3ce7-4LJzJLmpMIowxdq1nOBAWIgwlcOGSaPDa2DK6n6uWFRj7lFoz6zsp7ubr57kZdFJW-RFwMUjOd7KYI_A25IHpr_x9ehZmxbxuBXJwJdwHJfekur-EUw_261L_C0DxXsu_6t74AE7LFFD4JSj4kFka1caBtsxdmhw3r-5oGkCKAaK3-TnBwreaFS4wH39XRHZ6IpCHOvbyNl7ttBkSOCaHa2hE0gwth-LGlBV56yVtgkNraDjaXQIn1NQt9D-vBRhMBKhuKrsctv78TSgUQaXcKozHLF6qVH9SQ0KgK4XQ7B82W4Jy0ixUbF0IK3dIjPQ4nFdQgOVmc7zDimOJGQBJcIqlefrZSqCr3JmVoHYQZ77iybeq6OksLMB5LvtKL5btc3foqF3ziHYBkOTQJ9sEHK8A2iQM_C3fOJ3xy6LUVEdiEWaCM080UBY1CS1blkbvLUbQ1nH6UvvybKqA7bYofFgqedL-1um9OPo5vfQzlrm0GQ0vhAZWw85Iu8I1iVjwWaUArpiULl8c1SwoWW5Zgzlm7Xn7WlpCBV2Vlwtvarsfi9M6mIGdhzH5uf1KLqDm-5XQSnJJ9Z0oUqhHVy5hOicDaItAmRkVYMH3ND0FJVPTEjOEfCHQP5G9mzvD0Dw9b0g3WQwLs7qRFCBKOqlLTeiY6HZShVDtiSDB35x2vPjWnCoWFB_SPPDsFswOI1TxED6Tyg_yZCvzFMoWCSI9f3H9rF7lmsFWVbBCwvYwKv4V8n2jOLeLamv3JxlXkTcdPKiOTcluhb8P8-IgGfoAaGJjQJfUbzAW9Dc5SMaMcU44AZYlFLzh1bZOyjjeGmDbgxzt7HWEJ4w44vil29pnYn5L1yteRr4jEmX1Lxs0aDhMNTIi_ddhgOr1Dr5xfAowN8y2kf3v-5hcXqSBo8IsstIlPaFFsW5dgf9vcIoTC70MPXetRSgydqi343p416b92zKzsXQvi-K37x_Z0sXNVR7K8k8YfMPA_0UCTxU_WJeog59Xpsu7DImaOzYUmcrM_LHBVVTiGH3lfC9D_S-xcNl0KLcY4OSDA_0zzIidGuG_hksxZm43e-YpTR0AFkMmRcfR27e3uvuZ1xnwtQcPcZBlE07st7Rt0ZXRSqFYGvzYV2_Dbw3L8WJm6vFFJybEPSE9tvsAHSpqyxOwN2pSd-TLkvEzU__WK5P7YCoeTSbpaGYVBozfu_CbT7fqzZ8CWLlhibwJ1VmF5sZqD5Z8c3lXJmB7ffjrLta-zFG7uXaa3Opj1q9rOHrsLAn2ThG_J17ZUflkWpQe-IeLljod6Fxtnl54oWd32EwVJ8JykJfmR1F6kOG0KeDRWD-d_8uTtYnapt8suFs7tXTS7t5dQ2JBAL7_sMBDe5oIIAsqmAAijC3HwUDIDD1UhNYnpvtpNLP8XzEug6bnlmK0OVFcUX6ayFkAWZSAfgK-BpSdpxhV_cQ-zFSAqdYAF6fSjyme8Vq2BJHMvNcPy0DHuv57N2jBHB4I-axAogzzVdJh29UdlUHSbdybeovfkhY2Po2Vv1ISQY1KQ2KMnCeTFuz36P1mQK78EVsCSIW6H2ZPd8NpflGolYlGTpfZxGieowjf5qv_fnmuUcJMu0VZLvr1vvkXDmFUgTPfTKwJTg6bhJFqPZyN9UJUrSz0VQb_4BRSPFnahWDpScKVg-eaoHqpLhDLwGuCAgolYyp1_R7tazJNE1_ZRHYqvL936HQfYTtiTBqavCx22mtVMf_vsHabSisKSFF9ObchCT4JG_SV70YOUFOzMDRwfYefY-nQduWjQdDR7ZqBd80a_VhorcfXyz1JG0v3VjKzQvz9QriOQ4pcKsg-mOuZS8xUVKfG4u-YJnYUniqWbky0JznRhtUI5no08pbh11_wKr7dSrrQQlUltLmVsUucd8a3mtgv33z_-ugvYBo6Q9kvYEm_7TkPBF3KNFqxloXgtALHXOmf_6t_va5CYIjlvbn0IHbXjBfrK8zVKSTo8WLdsFcmqV6RhsknKUZPL3tglmDYbqB_q6d3Teu8nPm-FjyD5KtMAjSxBQU1zAEBMpoHpRRywMZN31f4XyZK1W3uwZef520QbP-nzDMvmAhO6x0Ws4n1WUGC8oadWqCBH3mdMZLhP4VnQdoQwc_L0q-4a5_yi5Z3ldTdJmUBfWBKPIRhQoPm9EIBG_AFlZWuyCa36&cid=CAQSOwBpAlJWOwEOeVWVzBRuNgIMEGjF9j3_ZAgXdejfUAiICnonz4Wap3yyoCIMegoickCM8JxxfvCDYHsRGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3459143023289294000&adk=496764934&idt=110&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
29973
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 07:12:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame C524 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrD8O3C5YCjRuP4R-jg2O8u9oXwjIXs-RUKtFcy1QtGyfBbRD550EAlr83XPV6todo_htKakAUxiU__HKNYgmo2_X7leSOAj02qtGWV4fbQgkwvo4pxgvCycUJirz3HG36Zu6QkC3oW_z8qQM1BEdEm3-Bpd6S176x_0aOMUDwKXMxR3A&dbm_d=AKAmf-CYjXcRhgBElEbF5rQYd0Eg96EJJ7QhsRedzjEg22MKQWfozbXDmV7sKkIA5qDGSoywDCBImtFT31CTdcUMtxaiqraxe4Zo8VwF7ayl2FMwv4-7Kop5y3a7QZjdHC7ECGBGxqG_O2_F9oWa6W9qv3Uxt9vqcQIOHwDYTBMFkiJLXj5PgXmMmX-mHT4pmdZHRXh267wzZ9FczLTln_q3DaNkNvGFSasuMoQxqsqnLde-yTatBIFp_HjksY5U-fqE_NMLZgS_XyL8eywvPidQTa0ra5ZuEqSC8EAudzSDINxeSxVTtmZ39Psl_DKl0CWc6maXty-6h9_1NaawEPFcDcEvfeq0RifFzNUIdsMePS-PF4tH5JYRBx5NwieKw2tEE-bee6xQ0uc1URe8x14XufgOCHGbH4faQOECGduyKO7u00ZD5BDV26BFrwId3EPlcsE3MI7yCDap_EMWu74Dhe19bcSLZrJKJgO3Qg1bJfo2JrnWYX8dT55U1Nt2XgOODnwQNLjBKbcx4IY2vqbTECZt4FnVSk4shA8VnhZWHZ0pdsBV0jMxsXH2YDHaQ6t8Li3ylBmC7GEfPbJJeBBrzIfa3inB4i7Sanqt8TIZ03e_SFP5SKHNq8Z-m1rr4PTDoz-mlRWgK3kLQNalW2Yhk03F4SFs5YuuANoiIWUjZ-vmFVDcTSpSVpVs1ISn9kmFyIr-_rrrY6M4UFT4OJp8HAOjYXGVkWKk3Zum-FYhafKSE5IhE9aIUj421F9YLn-TyUWpohy91PiijU-UTsqLOBinwmLnVU085yImqg9Q3n4JRyA_O5_SC__GeA1xKlw0d7fInQmAkgRtOSr_gNkV8wrrti0cdf4tC6ZNNbWZaLnRd0R6B8X5vjJqpYd69gk0mhEJXzBweULhuocZ505z6ZkJP92pvmTw-tL010jmVklYZdi6OqzD10pYSKpuV8yp-5ZQcCpZInwd0eQ2seJdVxzyXvg3BCm7rwoS-LsmTsU68W0EkB5tf8r7H6l383CXqmHBTseNYwzEXmSIvRoBhFYASsmfb_PiYsbp_3oO30NY-nK6gq2co5r1saMjdxfDcumE1WOhn-EboqsE1aNWrvARg_sfcSrTcFkd18EGLTK3-rClB02u5Bb3QQGdb_-8mcpktERyCDqhEiESV2nshtaRE99deQ8BKIp1QIGiNT56b3Tk3j6MnBt9qYFbUOd7OesGsyQVcNvjYQmxu4oGLyrK7EcfpTisD5zsvdSFVOjjlRChF1g9f4tTuq-84TXUETdyxVg-EhpdHUs77SPClTaFj5Z0ifuGdiIEp9ULvy9hEutZ174r_dbwfKEqp1Ahll-9FoeOdpEX1FX-58dxTJWHxwoAMobiwLU6Cb_ToM--DyPjRlXljdAw5XhNQQnM18RFbgtEmT489lWKuZb6G6ZDemn0gfb4X7MhjD2zJZq-vLJkdaVgV9Y6GnqK6K98NNczbmfeShULx8-0FzB97Ax6HFbaswdtl03sOdQ9jAoL8bwDDEV0g-NEJ7Hbd9C0nOFAlB-TRUA0HlecHMKN_zaf-X5SOAbpYybSSbRI8E3UktrVhjVlwfbHEyMP4LcU0Of-GSEiJ3t9XqUQ2ZxIdDQQ8o34QVsZ5cA4twyucLLcHlEMlqFYqsl9LrF_FMBn3_icVTQDSJjru3SkowgrVhpJ7oyt-LhIXnB1dgu4UgH3N8SCg3OWHdVUeHE0aSD0Fa7xsXc0sK1a1RpA5uRvxeEOWp_opRFkkB2bmtafBbAJNmPlrEXWa3ce7-4LJzJLmpMIowxdq1nOBAWIgwlcOGSaPDa2DK6n6uWFRj7lFoz6zsp7ubr57kZdFJW-RFwMUjOd7KYI_A25IHpr_x9ehZmxbxuBXJwJdwHJfekur-EUw_261L_C0DxXsu_6t74AE7LFFD4JSj4kFka1caBtsxdmhw3r-5oGkCKAaK3-TnBwreaFS4wH39XRHZ6IpCHOvbyNl7ttBkSOCaHa2hE0gwth-LGlBV56yVtgkNraDjaXQIn1NQt9D-vBRhMBKhuKrsctv78TSgUQaXcKozHLF6qVH9SQ0KgK4XQ7B82W4Jy0ixUbF0IK3dIjPQ4nFdQgOVmc7zDimOJGQBJcIqlefrZSqCr3JmVoHYQZ77iybeq6OksLMB5LvtKL5btc3foqF3ziHYBkOTQJ9sEHK8A2iQM_C3fOJ3xy6LUVEdiEWaCM080UBY1CS1blkbvLUbQ1nH6UvvybKqA7bYofFgqedL-1um9OPo5vfQzlrm0GQ0vhAZWw85Iu8I1iVjwWaUArpiULl8c1SwoWW5Zgzlm7Xn7WlpCBV2Vlwtvarsfi9M6mIGdhzH5uf1KLqDm-5XQSnJJ9Z0oUqhHVy5hOicDaItAmRkVYMH3ND0FJVPTEjOEfCHQP5G9mzvD0Dw9b0g3WQwLs7qRFCBKOqlLTeiY6HZShVDtiSDB35x2vPjWnCoWFB_SPPDsFswOI1TxED6Tyg_yZCvzFMoWCSI9f3H9rF7lmsFWVbBCwvYwKv4V8n2jOLeLamv3JxlXkTcdPKiOTcluhb8P8-IgGfoAaGJjQJfUbzAW9Dc5SMaMcU44AZYlFLzh1bZOyjjeGmDbgxzt7HWEJ4w44vil29pnYn5L1yteRr4jEmX1Lxs0aDhMNTIi_ddhgOr1Dr5xfAowN8y2kf3v-5hcXqSBo8IsstIlPaFFsW5dgf9vcIoTC70MPXetRSgydqi343p416b92zKzsXQvi-K37x_Z0sXNVR7K8k8YfMPA_0UCTxU_WJeog59Xpsu7DImaOzYUmcrM_LHBVVTiGH3lfC9D_S-xcNl0KLcY4OSDA_0zzIidGuG_hksxZm43e-YpTR0AFkMmRcfR27e3uvuZ1xnwtQcPcZBlE07st7Rt0ZXRSqFYGvzYV2_Dbw3L8WJm6vFFJybEPSE9tvsAHSpqyxOwN2pSd-TLkvEzU__WK5P7YCoeTSbpaGYVBozfu_CbT7fqzZ8CWLlhibwJ1VmF5sZqD5Z8c3lXJmB7ffjrLta-zFG7uXaa3Opj1q9rOHrsLAn2ThG_J17ZUflkWpQe-IeLljod6Fxtnl54oWd32EwVJ8JykJfmR1F6kOG0KeDRWD-d_8uTtYnapt8suFs7tXTS7t5dQ2JBAL7_sMBDe5oIIAsqmAAijC3HwUDIDD1UhNYnpvtpNLP8XzEug6bnlmK0OVFcUX6ayFkAWZSAfgK-BpSdpxhV_cQ-zFSAqdYAF6fSjyme8Vq2BJHMvNcPy0DHuv57N2jBHB4I-axAogzzVdJh29UdlUHSbdybeovfkhY2Po2Vv1ISQY1KQ2KMnCeTFuz36P1mQK78EVsCSIW6H2ZPd8NpflGolYlGTpfZxGieowjf5qv_fnmuUcJMu0VZLvr1vvkXDmFUgTPfTKwJTg6bhJFqPZyN9UJUrSz0VQb_4BRSPFnahWDpScKVg-eaoHqpLhDLwGuCAgolYyp1_R7tazJNE1_ZRHYqvL936HQfYTtiTBqavCx22mtVMf_vsHabSisKSFF9ObchCT4JG_SV70YOUFOzMDRwfYefY-nQduWjQdDR7ZqBd80a_VhorcfXyz1JG0v3VjKzQvz9QriOQ4pcKsg-mOuZS8xUVKfG4u-YJnYUniqWbky0JznRhtUI5no08pbh11_wKr7dSrrQQlUltLmVsUucd8a3mtgv33z_-ugvYBo6Q9kvYEm_7TkPBF3KNFqxloXgtALHXOmf_6t_va5CYIjlvbn0IHbXjBfrK8zVKSTo8WLdsFcmqV6RhsknKUZPL3tglmDYbqB_q6d3Teu8nPm-FjyD5KtMAjSxBQU1zAEBMpoHpRRywMZN31f4XyZK1W3uwZef520QbP-nzDMvmAhO6x0Ws4n1WUGC8oadWqCBH3mdMZLhP4VnQdoQwc_L0q-4a5_yi5Z3ldTdJmUBfWBKPIRhQoPm9EIBG_AFlZWuyCa36&cid=CAQSOwBpAlJWOwEOeVWVzBRuNgIMEGjF9j3_ZAgXdejfUAiICnonz4Wap3yyoCIMegoickCM8JxxfvCDYHsRGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3459143023289294000&adk=496764934&idt=110&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 06:26:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C524 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
558598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F220824%2F5b44df92fd9c4c2c9b451ccf8c233203_flaconi.png&v=3&w=596&s=rujd3E6LrmDNl9YhhhoL8yKk
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3b23c34796d7e2664380db6ca1cf32ca82fd73a7577e7a77fb10df44bf111e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
7063
expires
Sun, 01 Sep 2024 07:55:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F201126%2Fc3c2eec9ad8f4fa0888c1626bb8aa970_img_vertical_1.jpg&v=3&w=1200&s=YeeP64HHPnDx2du7vWHlm-Ne
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5736f198debdd806858ff4a7488a57e5ef17b8b21d4fe08f5311cb044694da0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
73526
expires
Thu, 29 Aug 2024 08:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fh%2Fu%2Fhugo-boss-boss-bottled-eau-de-toilette-50-ml-737052351018.jpg&v=3&w=400&s=OdJFuMXBV4A4z54Ow7PCBlMz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a704924431ae2551fbbd061b6eedd63637245955911095c27fca7819d5ed07d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
4460
expires
Sat, 09 Sep 2023 21:01:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fh%2Fu%2Fhugo-boss-alive-eau-de-parfum-30ml-3616302811137.jpg&v=3&w=400&s=MTiOi9UCuK7JQEUWOIz5ZD0p&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f2e2d070a3553851e9e37c3fdd36eb0a80dee8b87371e34ecfb718188e971fc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
2144
expires
Sun, 10 Sep 2023 12:22:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2F3%2F6%2F3614273760713.jpg&v=3&w=400&s=k1e94bQt2KqYd93xB_KkZoSt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a170dc28f20c2aa1b8ac2566d5525075b59140223cb6aff0798ceada64b83b85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
6764
expires
Sun, 10 Sep 2023 15:18:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fy%2Fv%2Fyves-saint-laurent-black-opium-eau-de-parfum-30-ml-3365440787858.jpg&v=3&w=400&s=fiNl1l0S_JUEoPI_rWj6Bxye&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8e095b319fa58a7ee8a3b853b538aca3b285e9e9364125694b4f0bdfee743932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
12460
expires
Sun, 10 Sep 2023 13:50:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fg%2Fi%2Fgiorgio-armani-emporio-armani-eau-de-parfum-30-ml-3614272225695.jpg&v=3&w=400&s=fwVn1Q9Hu3VI0T9_6pz3SoMp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b8b6b5a81c0b406bb33f14b1d0710c222ee352c1cef2337570648a74e2978287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
7176
expires
Sun, 10 Sep 2023 13:30:48 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fy%2Fv%2Fyves-saint-laurent-libre-eau-de-parfum-30-ml-3614272648401.jpg&v=3&w=400&s=I5rdY_DewTbuRvAq7AtKGu8i&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
92d26eeaa6218e446d5142a63cbd4618b5578dd1a49933d731779576bb810628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
7156
expires
Sun, 10 Sep 2023 13:44:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fc%2Fh%2Fchloe-chloe-eau-de-parfum-30-ml-688575201901.jpg&v=3&w=400&s=gidzw-U6HAQb7tsF3VWRVwLY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4b8d78e8d552042fa1656bf8bac2281ac6929573811ce4d968eb85d339af6903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
4110
expires
Sun, 10 Sep 2023 14:09:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fz%2Fa%2Fzadig-and-voltaire-this-is-her-eau-de-parfum-30-ml-3423474891658.jpg&v=3&w=400&s=jP1AR5ZFOE_EJIiBFAc-KGNr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
830103620c091313a2e6f63fa3dae05753dbba978c6e9660850c05fd8f96cdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
4220
expires
Sun, 10 Sep 2023 06:38:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame F165 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fd%2Fs%2Fdsquared2-2-wood-eau-de-toilette-30-ml-8011003864232.jpg&v=3&w=400&s=zVNiDQonJxSVzML8jx8IactQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2de8e237804790e8b8355f65667cb101e0ef40dc8ce0eb7d458415138e14863f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
5370
expires
Sun, 10 Sep 2023 07:00:06 GMT
all
csm.eu.criteo.net/ Frame F165 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Pg51rfv9gX63RRxj2F8pu4dLuozJSbaVRPlm7aNm54Zyc0Bs6o-ANJCIujWtDj3uAhlUIhNx5VI-ugUsAFwxhpLUuC9ldr0Lzt-pqLYVuYIKhaZKtVftp0RtwzF3o8fA1KuYM7uD951HCS0Whhx_QmDs8tPMU_ejQeGu6pZDkBkx14zzdgB9FXtx0Ma4aaEc_-sYT0bloWon-b5gX4ua4IaEG6_3v-fF1t-J8I4jS0U_Q0b30F4Q2Hy-eG2BAQOsKVLdUg&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F165 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Sep 2024 15:32:26 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F165 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Sep 2024 15:32:26 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 94E4 		210 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245adf3d443ee1cc05a719c01b6831e6fb12c53b5c09b85dd60849477330281f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1A63 		76 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4d497b7c8628086afa7dafea39f53141b29a568988a8e714e9528d8fbdba80b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
32343
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4AB4 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C524 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9a24f9dfb05a77991f0a2412563106e79d909f8e384cfe06c881fce9fc95ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmc6q2ky&c=6638320243726&slotId=3319160121863&ghmsh_eids=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=UceJ8jNgc1o&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmc6q37j&c=6638320243726&slotId=3319160121863&met.4=ghmsh_s.lmc6q37k~ghmsh_s.lmc6q37l~ghmsh_s.lmc6q37m&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=OvJuI1iZTXlt06GN
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
60022945_20230105035714662_Logo.png
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame 7D4F 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20230105035714662_Logo.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c8b32cae16b2422e22ee40637ffef2902def7ebf9124067643058fecde8699b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:52:27 GMT
x-content-type-options
nosniff
age
16799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9730
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 11:57:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 10:52:27 GMT
60022945_20230105035717981_hintergrund.jpg
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame 7D4F 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20230105035717981_hintergrund.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56528ce794748a6b7c6ff89114422c304b953c444670748adef43e5506bc8a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 17:30:19 GMT
x-content-type-options
nosniff
age
79327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27682
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 11:57:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 17:30:19 GMT
60022945_20230102065332786_SIM_Telefonica.png
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame 7D4F 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20230102065332786_SIM_Telefonica.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fc46b277a3650003611509d8364e2ce364a01b107ee15eaed5d760e719697a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6130299874045194587/index.html?e=69&leftOffset=0&topOffset=0&c=tA3GDtGYaX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 04:36:21 GMT
x-content-type-options
nosniff
age
39365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52802
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 14:53:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 04:36:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7D4F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 15:32:26 GMT
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lmc6q37q&c=6638320243726&slotId=3319160121863&met.4=ghmsh_s.lmc6q37q~ghmsh_s.lmc6q37q~ghmsh_s.lmc6q37q&cpn=O7NFiBYk6TEMH3cl
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lmc6q38f&c=6638320243726&slotId=3319160121863&met.4=ghmsh_s.lmc6q39e~ghmsh_s.lmc6q39e~ghmsh_s.lmc6q39e&cpn=4mdaGSqha9TDD3ZJ&ytext_viu=0&ytext_hd=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D0F9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 14:47:48 GMT
expires
Sun, 08 Sep 2024 14:47:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BB8F 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d209044eee95f250ceb2df603ecbcb0254db0d89c24de59953a9b74cdf75c73e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o4kQXmauSoZ1gqu2sEsOSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-o4kQXmauSoZ1gqu2sEsOSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
expires
Sat, 09 Sep 2023 15:32:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E65 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 14:47:48 GMT
expires
Sun, 08 Sep 2024 14:47:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C2F6 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92593c6a28aae40c8316f1aab2b56e8f1a5c24d5bc2341e3a28e6aab9448fe7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--LBufS6hlCJREJ-4y6Xfag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce--LBufS6hlCJREJ-4y6Xfag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
expires
Sat, 09 Sep 2023 15:32:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 53ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_cm&google_hm=ay1qM3ltVEJlbTVRcllWYmhzb3BjTUpReXo2Qko2Vmw5R...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_gid=CAESEHDAHT2dqlCCtmfJaiW3-vg&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_gid=CAESEHDAHT2dqlCCtmfJaiW3-vg&google_cver=1&google_ula=913071,0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
761295
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_gid=CAESEHDAHT2dqlCCtmfJaiW3-vg&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 53ED 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-MplRmxem5QrYVbhsopcMJQyz6BJ2GB4K82h2Kw&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 53ED
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5803185560340488745
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5803185560340488745
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1248243
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
an-x-request-uuid
8fe8e858-0f2d-4734-ba54-1a8fe504a29f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5803185560340488745
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame 53ED 		43 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-krWY5xem5QrYVbhsopcMJQyz6BJYKwEcA-ygKw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
an-x-request-uuid
637376b3-45cb-4c08-8c32-d2f00cd38f4a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 53ED 		53 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-9QW1mhem5QrYVbhsopcMJQyz6BIJx9swubc45g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 15:32:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 09 Sep 2023 15:32:26 GMT
tap.php
pixel.rubiconproject.com/ Frame 53ED 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-mKYhMRem5QrYVbhsopcMJQyz6BJm1XFWgWDHzA&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 53ED 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-AwobVhem5QrYVbhsopcMJQyz6BK6AZi4r03z0w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 53ED 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-lJOLPxem5QrYVbhsopcMJQyz6BKarKuVcbpHVg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 53ED 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-zuhZGxem5QrYVbhsopcMJQyz6BKlijjnmDXVFg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26635
um
criteo-sync.teads.tv/ Frame 53ED 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k--FRzvhem5QrYVbhsopcMJQyz6BJSpPfPBSHkCg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Sat, 09 Sep 2023 15:32:26 GMT
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 53ED 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-0VIA1Bem5QrYVbhsopcMJQyz6BJUAXfQvzXFmA&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 53ED 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-29AwYhem5QrYVbhsopcMJQyz6BIlfxREFEE-_g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 53ED 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-dnqi9xem5QrYVbhsopcMJQyz6BIa5TSAWcT-dA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:22 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 53ED 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-pO74ARem5QrYVbhsopcMJQyz6BKVqgTzp2jCyQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 53ED 		43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lb5LMRem5QrYVbhsopcMJQyz6BLBVz2m8hBWsg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P86v3bGvYxqyw7Zbi7xRzAnYU88PRqU6yFeUY9OCKjNBvpMGGOc3aL7fX1PUHzS25V4t8dGrKcSMb5AITsB2D8mI3hsTGL6upceqZauH7IFShNp4Z3N1wEYjGSMM5iQvb9Dz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407be2ed0b4541-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame 53ED
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=0ycpRwI6M5TzBPfTenF5_Y1gVcK6EVMg
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0ycpRwI6M5TzBPfTenF5_Y1gVcK6EVMg
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0ycpRwI6M5TzBPfTenF5_Y1gVcK6EVMg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Server
34.250.238.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-238-79.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-077f06c9c.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0lfkR2XsTyc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v050-077f06c9c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ETrgXG74Qbo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0ycpRwI6M5TzBPfTenF5_Y1gVcK6EVMg
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ad.360yield.com/ Frame 53ED 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-H0kAaRem5QrYVbhsopcMJQyz6BKrK60FkutvzQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.246.32.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-32-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:26 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 53ED 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-CVFeJxem5QrYVbhsopcMJQyz6BJvk4fMJgU1YA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 53ED 		0
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-OckRFhem5QrYVbhsopcMJQyz6BJYpRfWWlCNEA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.188.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-188-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 53ED 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ESTvnBem5QrYVbhsopcMJQyz6BIzz6ZIBwV8Fw&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:27 GMT
Cache-Control
no-cache
X-TraceId
0d153283ae0c56770c9533606391854b
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 53ED 		42 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-P1YgCRem5QrYVbhsopcMJQyz6BJB0BteiHMiyA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 53ED 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-OxX3rxem5QrYVbhsopcMJQyz6BKGpKkgygdmMw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:9d4e:6678:22fa:de31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 09 Sep 2023 15:32:26 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 53ED 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-tfbjmhem5QrYVbhsopcMJQyz6BLMOYSKkx-EHg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:26 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 53ED 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-W9-i6Bem5QrYVbhsopcMJQyz6BK1P555jZ9hfQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:26 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Fri, 08 Sep 2023 15:32:26 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 53ED 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-4GaNUhem5QrYVbhsopcMJQyz6BLqe62BSvxyhw&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.244.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-length
0
put
e1.emxdgt.com/ Frame 53ED 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-B-ga9xem5QrYVbhsopcMJQyz6BKLW4zXpIuDeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.31.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-31-96.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
server
awselb/2.0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FF69 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU2Au188RirC67Zu3Fj04ekHgIGLWCUuP9lRVisLyWf7xXeYrRMr3eGlujKOMDisZn5aPyHPdx5vpTHxNU_2CGrlDJZmaVBj6GGCrxhc2dpCyFoUgNUHlU_2IUlgQTTh1gxdDn-xD94hJSLsTigaIWWm-vt5nL3dMeB8I_BqzxwmembcwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7D40 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 7D40 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
7345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 13:30:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 7D40 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
84912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 15:57:14 GMT
l
www.google.com/ads/measurement/ Frame 7D40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIGOCPAevrPFGVntwmP96vMFs_86QHwC6ntPhruuaYLhmT73OxLUJGRuvVc7ycmc1wfybT3uxQfv8FrCBJEQKI5F-Epw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D40 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D40 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bxd8bduKAJ5YGUNnreAm6WmjehfV3yGMsEvSQJJGRbTaivKOI0Nw2M-KpYdwxXHXT1vSlsj_Tnhwqa_0Nw3fCw8AaQgXljrCt2Dj0nb5Uh9h60U-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D40 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8140931646919189995&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 7906 		671 B
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cbd24d65fca9b12a04b7d93a5c7f8facd8e872fb3e6a8b4071f2df07a496ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
407
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
expires
Sun, 08 Sep 2024 15:32:26 GMT
last-modified
Fri, 01 Sep 2023 16:26:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C524 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKEO70nNSsMuZf1wIhl1rn_Sg-yU7CgsW8j09rUgHyqrQrPBnujVpg_9XObSc3BejlhOnIcRMHBlGwfgktzbjkVRyrXueF0cVBdwHMXQvVFwOlIqRnOGUF3peQ674uELoGVAeoR7KHx5dxbs-MYHIWDeMwAG8bJUx6evPjzWw171ZlDOuFB-KkFOsh4LJ9rR-o_DwrydB2wnOz_Iq6WvvpMIUiPF0zMTxs4a_YmrE45sYnCr3JKZ0zVcVeg0QRdhhj9DVvyiNcNU_4gx3SolAsG6y2TzfemGZslTtWn1SSCigOwWAhoJr6wFPlEj8b7VBM_Vp1q2lXV3YKv32HT-ruPshT0UY5cRD_Tq5epg5y88nL05mb2zS9Qeh3qTYK470Czk3KT62XlEZaHPwyvI9YIKHP92GGjvbLs6b2Q1bl4FFBPHQtALUy3esMir8XHp5YLx93zU3KL5MdUpHThj8fM_3Z4qmPfhVFYZ9QdPemm5wIGNevCY_jnxl1tjNHWQjzsQbedWNJaiLM0J-LdXfW8_8uPQlW8cHhuUgm2hWTDvhl5GFIejClPk1pydqL1NTQuP19qObFfGiLUB0hPwdH7NJ3qTRy9Ts5_XzPuByP4IFyDiKGgjuxM2NlOY9dHbXNDRoYBHfjYhN3ofk9khkAHp_1YjWJLqhTddUYQ4Yu89HGM9tngG3jsoKrODzqWoGgs0Akeon84BIljcuG4UuCRnppKIPoosAsMuFLI4fg2I4RmlOOa5On4aw7wB_ZJDZK4xcuwdDf1dgmcxhWI-pHtNA0bp3r8xbsFU7ECEhI2R4ftaBcQG46AqvrFc-Q2LToAX6g51NDYVfo46vnBwfMZj-OA0bIZF6fMMc9M3_hLcPHfFjP1lR6yAPx-H8kZNPkCHLeLFS799_wRDunvKRm8l1LoGB3vFpYLNJ2eNxWMqLNtB3KP4m474q3MxyfRNuGTDAb_LPfGMPjS8GIm3U8_ZOFJnfM0WQpgU37A1gxwolBcWU8DDfZZ1RanGLg105pJik9JoK-817VlHq1khN55wtULVsI7QzWw9sQ25MhnV6-K-Y0DmduGPbR_lnYTu16xWhMHY2uOR3oiiYQKjACgiSb5x1XWInrU89uz6qahvq40_u_EIzQM73W_xWGOoDQlbrsTBywRbZmPfRrJT69LoM5UL2nibgwEALqfcj3UP4HCtt33kt0qbMyJDlhacvNBORPIu9sQTwvL9u4TolY9oDW0dQCHwaldvXN7RcphTFPEVWei1SqIBAGCf6hErmxGsfXe3s0bDcuDlVWsfnHYSGoaIoa4zGau26XJz8AAKoYLrkGPku77CzfjRyo3YqwltcgQUCcyYuvkxkv3t-GQMUm-DfSV07ydGes&sai=AMfl-YQkAoB3opEn7U7AarfdLy6FKlvlBi-lm-3oibChGhg312lZocLyV6Ibb6bacUHX3pJXPnp22HfKjD9OZRIrJ5tx5ca5AhQmhuLTOor3TnDz8HhQv423ZfOWpRJ7YQMGitB9t9dUeLao25z3zy_SV607w4Lq1RX-MkkXt0UiH_vNcdR3nAS_LMjLhHLlwlOYqWQ-gEcTOVqJme6-zuaKxse8UCc7Ra2ekNaVwDYzn3ItOTObAar_87AR8sRhVBsrNZwC&sig=Cg0ArKJSzHRQdsbpQQcSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=382&cbvp=1&cstd=375&cisv=r20230906.62128&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:26 GMT
480_650.mp4
cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/ 		160 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=98304-

Response headers

Date
Sat, 09 Sep 2023 15:32:26 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 98304-16900083/16900084
Connection
keep-alive
Content-Length
16801780
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4C23 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNW7voJ4JyUgr_03xpHI8Ej_-2QKlEaHQ2Kreb86BQrdAqOtCdTdF5Y7IANE_13nFzQ2VsAP14WiFxnnKr70vAWYVATVcmbujSgV3cRbjvfTPiz_Q_lc3hssgdUYrcB9dLDUYId1DkdhR1iESM-UL5Z1tvRGGeAdEIqK3PdByjKTkCTt2Eo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 268E 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 268E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
7345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 13:30:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 268E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
84912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 15:57:14 GMT
l
www.google.com/ads/measurement/ Frame 268E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKAL99Jmw_dAioy3T57In2s_7VJFBmRaoHdhDhraBvYSHmG0GVkt1aR8cYRLWEtzgQxSM8d5wuqUQWiVvc9x9nX6LBYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 268E 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 268E 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHBcNyFGTj-w0AWkBwQ8aH7vxVMQsbw0LhSRMr5Sio88iISqu1jYtKJd88nL-nboUXU6B5MsH6X8IFP1W16JrnX2eIpLVNhul2uyJDk5WKU_07eKc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 268E 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7070455800893467228&x=1&ct=119
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ Frame F913 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~lmc6q3a4&c=6638320243726&slotId=3319160121863&met.4=ghmsh_s.lmc6q3a4~ghmsh_s.lmc6q3a4~ghmsh_s.lmc6q3a4&ghmsh_vi=134%2C136%2C243%2C247%2C&cpn=ZT1NPXUU2-sKdjca
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~lmc6q3d4&c=6638320243726&slotId=3319160121863&met.4=ghmsh_s.lmc6q3d4~ghmsh_s.lmc6q3d5~ghmsh_s.lmc6q3d5&cpn=6J6OeatTHVIyj2iB
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame D6A0 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
current
dclk-match.dotomi.com/match/bounce/ Frame 4AB4 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJIPnR1Q-1e6b-r1lfzCGHw&google_cver=1&google_push=AXcoOmTuYYJSC6_nBNS5NJv6xkLD8PftVphlsctuv5KbgGMQv-uuRE9JHKAUDol-trtZvoZ9eclCn6z8hvvmc6eXDQxGk4rP5scB
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4AB4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPpzuyYW-9yZGZK3SCJxsP0&google_cver=1&google_push=AXcoOmQcNJxu7jULh5D-atxkEQMWvgL3AIPbXMxpLf5ynCvPsgVvIYUqZWB8y_Czx8blsZ-QT_FKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcNJxu7jULh5D-atxkEQMWvgL3AIPbXMxpLf5ynCvPsgVvIYUqZWB8y_Czx8blsZ-QT_FKkJcU3qedq9hEqLZsuryIHpo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcNJxu7jULh5D-atxkEQMWvgL3AIPbXMxpLf5ynCvPsgVvIYUqZWB8y_Czx8blsZ-QT_FKkJcU3qedq9hEqLZsuryIHpo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Sep 2023 15:32:26 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2413B6443CA64095863E26C3C14FDF6F Ref B: FRAEDGE1917 Ref C: 2023-09-09T15:32:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcNJxu7jULh5D-atxkEQMWvgL3AIPbXMxpLf5ynCvPsgVvIYUqZWB8y_Czx8blsZ-QT_FKkJcU3qedq9hEqLZsuryIHpo
x-li-proto
http/2
content-length
0
x-li-uuid
AAYE7szoX6efzHisz/CMzw==
pixel
cm.g.doubleclick.net/ Frame 4AB4
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEPNHEELUyg9oGgS5IlMjSSM&google_cver=1&google_push=AXcoOmSjgtS5o5bmAMHgHC-DhavKQQMUNxBgPVcShFRDE-b0rpL6va9OYkjm3t4Ipid4xXu8V-0Hvj42zVaT3-gUYug1QyBxx9kb
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eGVNNWt4S1NDa3FNUkk0MEM1RDhaQQ%3D%3D&google_push=AXcoOmSjgtS5o5bmAMHgHC-DhavKQQMUNxBgPVcShFRDE-b0rpL6va9OYkjm3t4Ipid4xXu8V-0Hvj42zVaT3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eGVNNWt4S1NDa3FNUkk0MEM1RDhaQQ%3D%3D&google_push=AXcoOmSjgtS5o5bmAMHgHC-DhavKQQMUNxBgPVcShFRDE-b0rpL6va9OYkjm3t4Ipid4xXu8V-0Hvj42zVaT3-gUYug1QyBxx9kb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Sep 2023 15:32:27 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eGVNNWt4S1NDa3FNUkk0MEM1RDhaQQ%3D%3D&google_push=AXcoOmSjgtS5o5bmAMHgHC-DhavKQQMUNxBgPVcShFRDE-b0rpL6va9OYkjm3t4Ipid4xXu8V-0Hvj42zVaT3-gUYug1QyBxx9kb
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
pixel
cm.g.doubleclick.net/ Frame 4AB4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjOlQDqf2GDl5PrdepRQe8&google_cver=1&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQTIP9nS...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHjOlQDqf2GDl5PrdepRQe8&google_cver=1&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQT...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4NzE0NDM4MzY5ODkxMjAzMA&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQTIP9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4NzE0NDM4MzY5ODkxMjAzMA&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQTIP9nSSv-HU2Pb7MR1xJUATdPS
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4NzE0NDM4MzY5ODkxMjAzMA&google_push=AXcoOmQnHppYk4wdUknsWsvMmFjVG_BXJP5MFMzYu1BdfgkUFbBQk_OvGHavnIIezioEkKHsAQTIP9nSSv-HU2Pb7MR1xJUATdPS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ebda
match.360yield.com/match/ Frame 4AB4 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEPr4ZGTCf0DpDkucbyLrg14&google_cver=1&google_push=AXcoOmRmoLgGOsuMh1mMXN0Ih4uxvcFwd3m58nxNLHmv1NFbyvZ-3eSzVV4kevh5g0py2vFqD45eBVSx7FncIB4ithiOlDd-YTYg
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-152-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:26 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 4AB4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQZtvAo2OZkoR0glCgiZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw&google_hm=A8rG-wQpIEoZrr5K3rRANRE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw&google_hm=A8rG-wQpIEoZrr5K3rRANRE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQZtvAo2OZkoR0glCgiZAMN1ppzo02dYXuuHhALC1uirz4zQ5OMsuTqgvcqfWT8d3hQ7j2MLcsO3W-bzaWgayvfXGL2z1Kw&google_hm=A8rG-wQpIEoZrr5K3rRANRE
date
Sat, 09 Sep 2023 15:32:26 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcac6fb0429204a19aebe4adeb4403511003
content-type
text/html
v1
match.sharethrough.com/E4rooAtA/ Frame 4AB4 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKGX74noKPsOE9Hnzy5KRjU&google_cver=1&google_push=AXcoOmS1sY6w12T4-cqeg5ZwWinWHG-HgQbeCTA-fLOyw0o5beY0_gFBWJQUqI_IoXuS6U5CmbprS8CDONgdP0oiNH-HgfxLFRHbRg
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4AB4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYH3yBFl0AeWuus1HYR5X8Y_gze2skwiJpSUEsV8UYtOIiyMC7GAb__pW2PHM1mlL4oaxgMg
Requested by
Host: 17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
URL: https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
partner
sync.search.spotxchange.com/ Frame FF69
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPEZ-X6uSqXNdiQ6iSHEWHE&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame FF69 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame FF69 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU2Au188RirC67Zu3Fj04ekHgIGLWCUuP9lRVisLyWf7xXeYrRMr3eGlujKOMDisZn5aPyHPdx5vpTHxNU_2CGrlDJZmaVBj6GGCrxhc2dpCyFoUgNUHlU_2IUlgQTTh1gxdDn-xD94hJSLsTigaIWWm-vt5nL3dMeB8I_BqzxwmembcwU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 7906 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 06:12:14 GMT
template-489be870.js
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 7906 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6426159062837453930/template-489be870.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14187
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:26:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Sep 2024 07:05:17 GMT
index-be1f7599.css
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 7906 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1385
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:26:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Sep 2024 07:05:17 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 89AA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8314 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
540166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 4DF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnbBGCZD8ZOayC7_bmLAPprac4AGHqb7uctbfgYnLEfHB5u2OOBABILqEwDNglYKAgKwHoAHNhZPzAsgBAuACAKgDAcgDCKoE5wJP0P36NHCHXk75C2B5HnBxXmReWc6ADg2ZPVz5VdaN3ofQqw22I6paUf62UGClMU6R9hakFOguB2w0I-4JUA4SxZh0FhUSte8VY3lpYs1-gmT2trrmH1AlWB46z_ohZwBnlLOXyKSKlp7yvCL1ODus2arKhAJtOGA9Jflo1WvR4ENBx1rnQUJY300T6v1aOlRRw6JZ099r7EVV1a-cENqOcYwIpldUQiKiCYGxQ50BuQ7HRXfR5cw5ZOX0VCCjyWzcBNT2pkvTVvy2wVyfMYj-RzsSGDaTdwRMOApZmuGf7ReDuxWBKOyfCDl-KdVkZrYYaqtUJGJe8tNQUbAO7goEZiOANXq-XpHtGYI3XOUsKKNANsABw5oof_6xui_rFXRsL03pX08BKbsjUtvKPX4PJAprK7HcZ5qdGRjwgUd_ATgCPdZS_XLUGtPjTJ9CAPCSJ3B0hAxc6ZG0e270Nvqt5nT_l6W3acAEt7zrpawE4AQBiAWC7pTYS5IFBAgEGAGSBQQIBRgEoAYCgAfc8cXmA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmHC9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCdgBaHR0cHM6Ly9oNS5nMTIzLmpwL2dhbWUvZ2luZWk_cGxhdGZvcm09YXV0byZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fY2FtcGFpZ249Z2luZWlfemgtVFdfTmV3RGlzcGxheUNyZWF0ZXJvbGVPcHRpbWl6ZV9hZG5fYWxsJnV0bV9hZGdyb3VwPWNyX25vcm1hbF9wYXlfc2ltaWxhcl9hbGx0aXRsZV9wYyZ1dG1fY29udGVudD1naW5laTIwMjMwNzIxX3poLVRXX2EyXzMwMC0yNTAuanBngAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=JXR0JXBASyY&uach_m=[]&ase=2&cid=CAQSOwBpAlJWO2qr2FZPrx_Y7_ggE5iQPQJ0GbZVhOHjC4MW_-MNbKTjmn9BM9W6mEFBsNqN2frhWLBcFKxOGAE&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame 4C23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL1TNCu3gi2b1c7g8Mj0N3M&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL1TNCu3gi2b1c7g8Mj0N3M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNW7voJ4JyUgr_03xpHI8Ej_-2QKlEaHQ2Kreb86BQrdAqOtCdTdF5Y7IANE_13nFzQ2VsAP14WiFxnnKr70vAWYVATVcmbujSgV3cRbjvfTPiz_Q_lc3hssgdUYrcB9dLDUYId1DkdhR1iESM-UL5Z1tvRGGeAdEIqK3PdByjKTkCTt2Eo
Protocol
HTTP/1.1
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL1TNCu3gi2b1c7g8Mj0N3M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 4C23 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNW7voJ4JyUgr_03xpHI8Ej_-2QKlEaHQ2Kreb86BQrdAqOtCdTdF5Y7IANE_13nFzQ2VsAP14WiFxnnKr70vAWYVATVcmbujSgV3cRbjvfTPiz_Q_lc3hssgdUYrcB9dLDUYId1DkdhR1iESM-UL5Z1tvRGGeAdEIqK3PdByjKTkCTt2Eo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
transfer-encoding
chunked
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame BB8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=1051207930293623&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C2F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=4322213228256401&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D40 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3805440908017&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D40 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3805440908017&version=m202307240101&ct=76&x=1&cor=8140931646919190000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7D40 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7_TQ-AQaYeb8-CZM73QqJ1yCAYd6H9a9r9WjjfhFE2MMllw-r7HtrGzmTIeSJ-zq0oRcDUsCG36838k9XzPAXiLneljJ5tUmcxzTj3NE89odAyJ6gkD1yVPRJIJ2Z1Ol7Qt7vrBfz07uV8cV6zQTyTaAqfmLdKkHOME6RVXHf53z2Np0&dbm_d=AKAmf-C_Nxf6I_6XiYvBo49SpSKprDVbRimFYjaaOwHfC9UBUAg47u3a4B-8n0ypACxaQ48gXFplVn3cjAaJCqbHUaVtG5ZBjEPaZz0iTy8YfoRNIfQG12ERJ5ruPI2gfuw338BSOkxqiTgkwPqx1ua4AuHmRvKVDMDTsJav1MoEfWjGHJw1uDvmR6kX5zWm2_jaV3E-pLYnDOvwL3Mr7oBzGbScm4BzP2LS1QrsRfUzlw5FTfjoStgoLKYiiv4n5xMDoPExNoUaUmvo3y-_hU4SjxZCoOEO1J0HHn9TgAbXDTBKsEUAF1M4o_ldQ9gQevuiqlAJkB7T-I1HCORKCVpzQv9nhCC3ACi-_OkrlsrpXo6JS8CAuGp7lZ27eS6gI59nK6mGp9WEgYzSA47rI-bielfYyH3-IeSvekG9iaj81YQ_oe0QkiMBUAjKcoMyHvWEvqomESGkd-MwMRbrieR0PJIm-QAeIIZEsEX4mqxy_cWaDWaHBONONWpKbRm4BkOcTMQVpMPm6jffY7jQh4uhLkmUSxYoxZSS0xVQ7-EHx25e1_ZjrVUvfMpMeZhJzDt1AJomBYtjcRTyDeDp7_ObW4VjZ_oqzHEyVgbH7tuv8CnZj2E5pYnmOzpczzILYMONQGkQrlasDaxUJOxsqel42MGkVi5ep43Wu0nmOJpgxiY6MldvxUZEGBPOj-jI5Vs8VGZCVZRH9cshCe_ZfElFjj1Se3rU1VcZv1OYepBe4TCq-oLoqXZp8_j1-Zj6FgtEGZMf7lc77WL85eBEPNyrGrzzBKhUC3kYGfsjBmSh3hRY2O8sKRkWCiLrXoHTME16I0QzjbtpOm8HOgWSpjiUBSCz4yClvpUZ1XTLJBoxdm8slD7X8Kuea0Bd_7c8WhYCITQOiRAAPq5w5cLdv76at1FuAZ3Xnco_3F1rkw-V36sf-f4hnMAoEYmF99oRIXZLgMS16duU6FliUTtKZoxqK0LXRQ_KNO2VWjsALQdv8nhNKnD4n-DymfFQt7yg5gn6fR37jHvGPMYCPhFKvPoP90SpfCHmG76kazsmN-8BPazV28cl3CG9fIzVNnZ_fj3WlfMwriQ3DzOkD7nupwkLXbtzQTiWYy0TZlQr5HsaoDi3R5f1UukhteRgCvuGZWzV_6LX0d-hg8J8VeHNgwOTlR5KCFZRBHqZHrb9pKvUcaPyPENnBYLWd3E3QuiuFCqWpa85kBqq2drcaCyKLI0JLXtSLIanlV6h4th-cQvOXfKx0PaNJhuhsSsptikt_lHP9xfsWKuNYED1SV2RG-X_prWRUFuWJlmiQLG22aK85bKIRSioRIvOXpEAaTLHK99F8I2HqB2_pcdPV6CL1km5hljQYR9yYtFPdCsPNMpZg4d7RHS3PL1Jd3ytBpcMK5wfOIXETESfkRIwyzlO-NWbmK7JgSVatxX7JQgWdB9oJS3UjruFt805MAcaFdLUSMlua_blDn5RKfpa-WiFpn4qatyU_OX-0Mzj5g0CkKxVDVuUiq9-j1A-glCJuE6KD4vBZWC9EQbzkmltraonIhfLE0CocFL5ztuix98Rs6l2DcuKFu8w-9hqp0POfkA479TDF0BqFPDdvVUlgTiBNo27lUdKAjwVwveYxbGu7fKcX1q0EZInZGtRRF5pV7005hSbZntaW9Twl7KdqyLNGIrnBz6FFw3cCr2Z_Aqqezve_lYKqOotggvUV_2h2SJ5NyPjRrctjCU36G_qP7kgGUnKuZZ71pwbqjc8ATefkAiMgW8YUVixW-AecrFn-K0QyBEdmwwH9PsCC2qRsQleXEhq2_tIHS60QTAn0Vfr-7R4TcTy1CG6B_oQCSNi5h8Z2u0Yg85tpKgGxAEmRkenTPovc7I137WTLIAQXMHgjt0gZXdxTQgif6Sd_IUr6KPZbiUiGturvazVk8VKesCVMusgD5UhqbXbId2Jk2a1Airw7Xjdx2EXq3YFDylkZPsZil5MqhUqGjPPU0ucLkruHesirBHpymtJUZAMyOyIhWKciQ3N-ynZ3u2kuR620NYLx8FlRNTL3GOsEKKHu4s645CWXxlKenkS9EQc5lslvPS81XGcF_XT3P4FbtIefhUhUBY-B0ld4kWBW8dKoV0s4eS70OPZi1VXiWPe0oM3BUI_TmVutW0cvovtzeoH_ZzDgD0HW3buod8Rh8D5Y8flCf1rO1wiTeKcqk11hWloAqA6H7xXnUiEcFaQ7lQFnUbH-HGW59zxav0det6DF5jdoLNA4vhBkLaB_7UCLt0S8PHrfrNgLbPM26ggKgHWhCjPQnK7M4CQie0ZYDfskXM68fmyrnwmuUbwHPTpogweNVYRZuxIJeqYXAiT6QkB6f1u7BAuuq_vpurJTgjXkW8BqKRGmhhw92vZoKdB8wSVOyIpiA_ZKVxIWFKkhT2vDIubDrfx8GHnWN2oz0Xy-M1M5A-tsFfgKRm2ouTG4rrz1nYLGYzfsW-gyIcUd6P4ERvjo19sEta3gCzIHMCfT_SATq-98KphK587WSK5NgF5opFzWYxrUiuYuaXDTWvt4Hidu6Ky2Po2go_zRdmG322cjxrFt-VZeR68Qzfa_QNSPVnye2IHFuyHw3zdHX79GnGuK8CFFjycYmfoHwKpEylrJMJ7fxKGEgzvFWjLOxtjwkUT3QsFjd2tM-Jd3T1Z-wWMpjFm7KIw6Ge48Hg6-I-b6vuVqK9O9nWY-Wxl8gR-NUou5ZSsg8vvCDjFxtfz_OaxLB-xxa1xJcoM13NwwEImHf83VxPrWM9f6e7PzOAkLSYyV9J23oFz8UhMygF_eXGQ39w8n9zrslafbhD8R6yphCBHNR8NrzBEhFP1ePEOj7Ay_Ns3hSFn2NCmAUv4Omwej31wGAgdulfHtXSRuZ0HsNcuUeYpamvofV6xwMmDCwxB1TWenJvLwCFGF3sQ1GwnT0APhJTstE_qJW63Qo7hT-09-M0AdTgmeFqPNrlXcH9DSBiatGvuMCHkXelM0sXTI0wRUM0UfKsiJt4bUUqVSv52ZBFsvdvl1B5SkJBd9cIsHowwQ7Xzd42M93uGlozLwFWHgETOvHKm9ExxdFs5cD1mlUKEBsBEHKUEoKnP6_qeiB6lvhHE5kzCczV02Rt8CjU-8uj82WO7QZP0yBzz8NHDFwJNf1W7IblFqWlfPedxacUa6YLRifo_M5X7daAKEOePFJSlSwan_Ws-XiLX9zHsJ8I2WaYw7Y8IkMa1AUUbXap16VUDznYCLWAsdspl3hUwvfktqazfDzSZUt9f_byFukVjFiscWbCx1pthBkZKMhMgfFWUGsgdDZwGGq8xkdycuYLmywzPK3PzmYVKS69VRlEdFdMXbZDb45z6_e0jwZD6NHKYB62QtTWZfYSgBV2XtlhHvXYYZScENGQxLN82o3kP72yehXY6sXOeRaHVFJyDxqPVugw0zB89_rkB40Rs2Fwh3xUbClWj-_4cuEWQFPvMiiqSEXdxWWW0sbCU2_N8fXWzkE77C9cUEbWzqQuygFO2PX9HB8TxW8oHE6f67d4Ov_UJCjGLXHH8DLt84fqENDwuLbQYhCupEmSNmUBMDFmTCFXWdWM2PpdFzAwBIZhmdCj4rHEZOEc6exluPgYLWZuef-eQsUuDH5nnynvonv1HaTCo1hKTUG-MSVFt-D1Ovm81EW_zcrMERr1eeuVUTVVZ27r9682E1RBccQmQrADpjdN1JfHw9mE6j8O45qlP3coJ9Cg7Ses3iaTdk3T7kpYNTFmR3DldsNP8eNtrlSP78j5X&cid=CAQSKQBpAlJWauCVYyK5M1QrSl_VqI0lmT4zA0BYs2Mrl3RIytBHjWcBWbKxGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8140931646919190000&adk=2245616035&idt=182&cac=0&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e20f266b578a95dac40e2431daf0327994e5384635021792a1320a1d8cfce2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40452
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/ 		156 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/dQvJa33NwOkAdqKbUPmFww:1694277143/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=229376-

Response headers

Date
Sat, 09 Sep 2023 15:32:26 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 229376-16900083/16900084
Connection
keep-alive
Content-Length
16670708
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame D0F9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 5E65 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js
pagead2.googlesyndication.com/bg/ Frame 8314 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
119157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14740
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 06:26:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C524 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKEO70nNSsMuZf1wIhl1rn_Sg-yU7CgsW8j09rUgHyqrQrPBnujVpg_9XObSc3BejlhOnIcRMHBlGwfgktzbjkVRyrXueF0cVBdwHMXQvVFwOlIqRnOGUF3peQ674uELoGVAeoR7KHx5dxbs-MYHIWDeMwAG8bJUx6evPjzWw171ZlDOuFB-KkFOsh4LJ9rR-o_DwrydB2wnOz_Iq6WvvpMIUiPF0zMTxs4a_YmrE45sYnCr3JKZ0zVcVeg0QRdhhj9DVvyiNcNU_4gx3SolAsG6y2TzfemGZslTtWn1SSCigOwWAhoJr6wFPlEj8b7VBM_Vp1q2lXV3YKv32HT-ruPshT0UY5cRD_Tq5epg5y88nL05mb2zS9Qeh3qTYK470Czk3KT62XlEZaHPwyvI9YIKHP92GGjvbLs6b2Q1bl4FFBPHQtALUy3esMir8XHp5YLx93zU3KL5MdUpHThj8fM_3Z4qmPfhVFYZ9QdPemm5wIGNevCY_jnxl1tjNHWQjzsQbedWNJaiLM0J-LdXfW8_8uPQlW8cHhuUgm2hWTDvhl5GFIejClPk1pydqL1NTQuP19qObFfGiLUB0hPwdH7NJ3qTRy9Ts5_XzPuByP4IFyDiKGgjuxM2NlOY9dHbXNDRoYBHfjYhN3ofk9khkAHp_1YjWJLqhTddUYQ4Yu89HGM9tngG3jsoKrODzqWoGgs0Akeon84BIljcuG4UuCRnppKIPoosAsMuFLI4fg2I4RmlOOa5On4aw7wB_ZJDZK4xcuwdDf1dgmcxhWI-pHtNA0bp3r8xbsFU7ECEhI2R4ftaBcQG46AqvrFc-Q2LToAX6g51NDYVfo46vnBwfMZj-OA0bIZF6fMMc9M3_hLcPHfFjP1lR6yAPx-H8kZNPkCHLeLFS799_wRDunvKRm8l1LoGB3vFpYLNJ2eNxWMqLNtB3KP4m474q3MxyfRNuGTDAb_LPfGMPjS8GIm3U8_ZOFJnfM0WQpgU37A1gxwolBcWU8DDfZZ1RanGLg105pJik9JoK-817VlHq1khN55wtULVsI7QzWw9sQ25MhnV6-K-Y0DmduGPbR_lnYTu16xWhMHY2uOR3oiiYQKjACgiSb5x1XWInrU89uz6qahvq40_u_EIzQM73W_xWGOoDQlbrsTBywRbZmPfRrJT69LoM5UL2nibgwEALqfcj3UP4HCtt33kt0qbMyJDlhacvNBORPIu9sQTwvL9u4TolY9oDW0dQCHwaldvXN7RcphTFPEVWei1SqIBAGCf6hErmxGsfXe3s0bDcuDlVWsfnHYSGoaIoa4zGau26XJz8AAKoYLrkGPku77CzfjRyo3YqwltcgQUCcyYuvkxkv3t-GQMUm-DfSV07ydGes&sai=AMfl-YQkAoB3opEn7U7AarfdLy6FKlvlBi-lm-3oibChGhg312lZocLyV6Ibb6bacUHX3pJXPnp22HfKjD9OZRIrJ5tx5ca5AhQmhuLTOor3TnDz8HhQv423ZfOWpRJ7YQMGitB9t9dUeLao25z3zy_SV607w4Lq1RX-MkkXt0UiH_vNcdR3nAS_LMjLhHLlwlOYqWQ-gEcTOVqJme6-zuaKxse8UCc7Ra2ekNaVwDYzn3ItOTObAar_87AR8sRhVBsrNZwC&sig=Cg0ArKJSzHRQdsbpQQcSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=650&vt=11&dtpt=268&dett=3&cstd=375&cisv=r20230906.62128&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Sep 2023 15:32:26 GMT
14088653803332865834
tpc.googlesyndication.com/daca_images/simgad/ Frame 1A63 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14088653803332865834
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c20160bd3fef104ddaddeb061d723f4dd9f645eb90d601f3f06a8ceea295207a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:30:34 GMT
x-content-type-options
nosniff
age
349312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56121
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 01:58:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Sep 2024 14:30:34 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 1A63 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 15:57:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1A63 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
7345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 13:30:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1A63 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
84912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 15:57:14 GMT
l
www.google.com/ads/measurement/ Frame 1A63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTH-GfIMdFZOIzDm5CTYQvM1Fz3MgA8m6WX8_TxAniT59e7DAqtYEpCMP9R-W-DjAro1S1Rq6EmEFvslxZLnpnmlDZrzQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A63 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:26 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1A63 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e216ef6426028ff54f8706b86c8ea7243a5cdbecbbbcf72ecac62b5a8541c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14480
x-xss-protection
0
server
cafe
etag
10657407632856047895
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 14:13:41 GMT
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~lmc6q3dd&c=6638320243726&slotId=3319160121863&faa=1&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 268E 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9010626395255&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 268E 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9010626395255&version=m202307240101&ct=119&x=1&cor=7070455800893468000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 268E 		88 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPtcOnoihVTILqckShDLonZJlHAVdECveC76Ael4jW10I_B4WFZ1VMapQD7gv-OxHxG5GZfefuqjOIdqI2Eb7K9uqRUCLB6x2lI_vPWEPFdxBUnxoSDSsIaoszjNJ5C-2xyfMeF9fe6P6lg4992Tb0yJXPfBNX9b3PV2doc_G90mO_1Dc&cry=1&dbm_d=AKAmf-DS4qes2t4hbuka5ypZpJbw9iDO-3_cwfyFrF9k3bp_2o-ny8NUPijPyzKKXhN9LSQ7Qv03WuYjs2DAmOPY37j-G_slSIySZPONQ8PGxkJi0BXo-c_DanH6cbxmgv5gzN0JUyHxUfvexiJP1ptKhtxFgEqfqbP90iNuZsc-FZ_ksVdxU3tBYSxVAkxf33A97uWumJiJvqFYW4eB5NYEs4sipjkMtb9dCxkVRIhE5nawV1Wi1m6YKx_0nfaxcGBhk6Nn0Yw0OcFka5cH44XF5WTZPW3fanKbCj8l444ITEEtG6DHF26FJGAP3PGNrILP4U2F7k4_Q-aph7ricuG1XV7xSMBlL_lzRk7RldRkDEs2syYDsfH3aG-Jz3vbdqtxsyBSr3dTn3L7gkwgbRHYamioB-8pl6jYasy4N8e1DkNWinxJQsRI0Y0IL840lCpAAulYTvYnQ8og7WsVXqIq8fR_RiudkHTBLR7KXA0p0pY817cjFpGpOzQNb5l2pi87c2TB236eAlfEe_hdRBthYTVCqTMjmNl2T1ldMwXyKQxt0RBYO-ZCJoQeGg7bDbQPCDx06u7r3SviUtap7JW_O-fYFuwDpJQLtW08dbw622VZRP4a-PUpAdEiqxgRmQJmWpIdXpmFNf2KfGAb56HIZXrFvriKuSA150CH9qq66--71-C_pbB0ZYTWviVX0vFYcLHWYi_RpydZYNJXPQ21s_DXVmAetrCH6tFmR2uG9eOkmvJjKcKcNW-EwGlBNbi4pEk5wuZAagpbTnbudCKCfQ56s_kP4l5Il85j4vSqJfyGoI346EX4ElJ9z1gmh9169ZWvjhkgdupuUqDuRaAO70x_V5qLV0IrQT2q46m_bqBZcT7272OO5NE9xeL-NE2hPGxcOC8T7fab-fyxihugXJ9DWCPt-cdGVXx2k4FA_UHS5Ukz1tnusVHbXh5XZVytZiqEUBVN6Wkkzoih_71QwCHYecQ20iuMrBSclLG81i_XY4plqRRzc5oEfhCCWbx5t568aFPtC1zMqVFP6-5I8UsoVa6L7KIAqsLky5PNXVGRF2uztZvlJ__HeETck7UD8z0KK_iuPsLeEIULo27OYyNcojfbZZMU_aI4FuMi_e1fPukLN86QFZEZJsq99MLiCun3R7tzMFtiWH0_KD6_YT2JrRHfwYjvUrzVZN4iXTZTkK14QUTZ7oWhAsI84d1Wc9_2XzuM7wfuhTn94kB23wW-YSFAlRE4tU1TWvqowKlcfxWHP-bz7DepYC8Jaj4AeEJpJ2uXV28D4RRuu_AQoTwsjKJq49_Hdeed2LHOlHWPawgoLfoNz0WMMy71b2j5UwlnXrrMIVElqps7WaJ1cJmYI6HfR8RbfNX0U9UWSCdAa3dSIbBTjMEOXXl6-mDBWJpHUewQv0Eqy8AmaBbpWh71Kpe9cbvv3Yu5kJ2JGfpU3jZYeWgPpZFNkgUUiU_P9sm1FQpQre2xNx1F_Fuunwk1UbXz41r5fSu0cb_UbBBXkCCeSb6yilZeSY3OZwpkGCvwuQWCwzuSNVsqnaTEQZB0GgCIaie6CXLDrQuCxSVOHwnU_MHDJL3SsYu_PHKdMilZcsm4LUB-sbxP_7JbHZGlfYLOl3DPIMippDTs9lZeQ9Z3oNlrjyF2D2D8g4eIPlRjakM5wiPXDoslA5vIM8at2LOMLnZHqpBHrVEAN662UIxWUmEVDYKICBNcgGKFbXpC3pTQU8RyH3522oY0T7yYVmYuhcddbdgd0GCbZGiYSo0fWHvqGwBSf74WD2Q1DVGzbC6p8VLX8X8gJ5BNVEmUFA_JJITt9srK-TCnV917Gd_zaZVJKL5WPACxMIvmb-2uTtLEi5gB4cxmAf6awqkqmtmxL0PT-qWs_NPpBfcGIH5DRi8kZzs8m9ZnjvzIQfUHiQwU-kDcieD6d2lEzIzYb162Dhg7JhW8O0f-A-rDDrSljgg27AL5oW8looM3i2t4yL_jhn5OV0YyK_rOa17uRItCwuxTgt0ofp7u03tqWbclNa0wsc4ZkesCToEd1-EPf9UJpY48Mq29P050K4BS4XyOCZzZru1YVffJR3HLz-LdPZsXAzM_Qt6-3VBWlgIbqyV2vH4ZUQIx2qWZRndARIgFnpQ7jSl1DUCHMh4fo09NJcdItidWtPWsbeJMbN4qr8ctIY-WerfV6z3Z9EM3UQsKwM4FzqVE9jTRHW7TRLoD3o1uEvie_ee7wb199_m0pCbsh_rSfiNG3RTznvG8xiQYN33Id6vxONVWBqOySU1olKl3YBG9K7gTUH6zb_Mp2pFAEmKG4Q96aPz6XlcVj53d7XZW-SZw3TZxiYUSWcxbHvvKb1JdcZsfuE6eEz5jDyh62HSuPMPSR8OM1oD0l8zmx_GQnYt5My3f6kmmi5_nEk1CAUem4cJ10b3EK8W41WrHZPoW0a4H1XfzBteWnGq92eOyMw4X2rbQfUB7RLIviwO-oTQczeZJ2t5w3wDNJ9fSw98t1gcfdEVFwC1iAWzzZSjtqWeQDmAo8m8N2trkRr9VLWMHTe3swDZxqVm4fkzQy211J3fkvlg3Prb8AKOYrjz3H4p5p0f2ofI5YLsGCaQBwDRZ7m8itYATb4veKL1tjXlyrWbTNqhivetjQRKlb5t3h4R1zY75igoOTqZ0NaM7EWf_9-_cJy-NdVCh2V9KVm3Z2dOgkQTsPeM2xFDaYRrvp5quIw6x8HDqJOkxB2YMb710qIkg8ZDuxuQvquNeEQbEMpO9bhJkrEjh5T0pAnsqQWNPA5im2ZflC4XGFMtnfyi0do_oPzazFo_PTTw4y-DfgXOTPEQqOebgaIfUKB4nQ1VevRuPJVocFiVsnu_mpV6BDZPMUxu6vOeIGbfSrCc3mfcatHxGCkus7qTvkx9KhE0OLJIwaedWeBLXOPEPDFHN4IbpTazMCzmJ69kyOoDrU647s3TvU4dAW9ofYOZi1SfqX9b3cnyYdvI3wmkmFb4WLynx2HEZtlvybNWdcguYqFXY5ugL6kNL4q1qGvW7gLyX_IpTpXM9jJ6uBhXbRzPrD6gItu1_bsY47j27YHcWBH-oT8FRD7wzTDVANSyED5Rl_LJ3-Xi30e0oMStiBswFaVFpThNWETwuJpMacSBgYEz-O6R15QLvhGqlQzyigsx-nyhq-rf5OxARgmexpjjQWBkqr0umq2WwZYWw5HysobVpK18Ad4QtEjRF2e0xuqFWgsl5scnQ2ow6fnFoSIwksLEEy55v2zpYqpMaIlStmh-GerjNiM8dBBPAKGJ_ZizxFEo5x9S7AJrOkdFP38yQmLbtsuHfRx5eQy3zxeF1llBvkUDayxzYq29tqwloPNCECyhZl17j69vZA-3S1jvYqRT0fMRrIMqMphJ7s0sXmJHS4Yw0UF25DpJ3Tbvn_lH2jxmA5xnjym8uE39CvA4Odd7SJpKRN1QcDvkrG_wagIH6wBvfB_gY-V0eA0mmu_X2KEKrxRuOV4uXs2Kbz1QyeFL_YpErfTXxdZOYyxtbKUxXFjcULPwv0AW4FlKHCBrTMb0WsNEIay2cgI1OjhNz5Rm9kdQ93e8kTzQqCidWwN92yC3FGedV_Ab_VEUbvoD4yVFwpyzP6lwqYUMgJ92BCzFJKRD6CU9DCHfZgbDtFCJaLq_uOxHhFTptIEe9aaiWW4p2Xl1CqjL5-9tFUBNiGSK6Gpnq3-nX9sTDxpkSH2nnBQ7EUK-_5SERFmTKA7ann1tj9BdK2SCXW53CtARXGYZ9cclTpHhLMiYuyprCSUuFAQ_Visu64UkYx4UbjqIR7sFOQzdujabR-1BaO7EHUZudCKLecPLbiLw3g-krl6yyRgXueCpEgxpreETYu-1AruY7aktu67IudmgDgg6L-u6OxUhwTCRlCacFNKOm2uJ8f0ToxAFdsJ_d21HAYkLqwG6WXlYiTL3CXAGEttVv2wd8ndjeIlQBkGiSgOvG51UI6zHZ3_GV0tjWWjsyV6FIJfNwRbGKccB62IbayIvX5a2SjQTC3dbC4Z9w&cid=CAQSOwBpAlJW6STbz8fKczpy_cpuzEwe0F39zkaHxZId583qXlIpdqEowLfwpvfHE72dkWXshmloc1fJGJl7GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=7070455800893468000&adk=1278077692&idt=210&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
922f436265cc66b14ddb4a84abbcc328c10f1c892425ce6c9330f13ed1b50cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37680
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E025 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1984 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 7D40 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-3216231935713038&ias_chanId=1&ias_placementId=20343400544&bidurl=https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hEshQW7qCrtU3UtkuRBuvm
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.13.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
099e460bf2d1515f5d21db2d4c07dc6efe4de8f92a7c493e04b3c76ad48abd3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7D40 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 16:19:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 7D40 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7_TQ-AQaYeb8-CZM73QqJ1yCAYd6H9a9r9WjjfhFE2MMllw-r7HtrGzmTIeSJ-zq0oRcDUsCG36838k9XzPAXiLneljJ5tUmcxzTj3NE89odAyJ6gkD1yVPRJIJ2Z1Ol7Qt7vrBfz07uV8cV6zQTyTaAqfmLdKkHOME6RVXHf53z2Np0&dbm_d=AKAmf-C_Nxf6I_6XiYvBo49SpSKprDVbRimFYjaaOwHfC9UBUAg47u3a4B-8n0ypACxaQ48gXFplVn3cjAaJCqbHUaVtG5ZBjEPaZz0iTy8YfoRNIfQG12ERJ5ruPI2gfuw338BSOkxqiTgkwPqx1ua4AuHmRvKVDMDTsJav1MoEfWjGHJw1uDvmR6kX5zWm2_jaV3E-pLYnDOvwL3Mr7oBzGbScm4BzP2LS1QrsRfUzlw5FTfjoStgoLKYiiv4n5xMDoPExNoUaUmvo3y-_hU4SjxZCoOEO1J0HHn9TgAbXDTBKsEUAF1M4o_ldQ9gQevuiqlAJkB7T-I1HCORKCVpzQv9nhCC3ACi-_OkrlsrpXo6JS8CAuGp7lZ27eS6gI59nK6mGp9WEgYzSA47rI-bielfYyH3-IeSvekG9iaj81YQ_oe0QkiMBUAjKcoMyHvWEvqomESGkd-MwMRbrieR0PJIm-QAeIIZEsEX4mqxy_cWaDWaHBONONWpKbRm4BkOcTMQVpMPm6jffY7jQh4uhLkmUSxYoxZSS0xVQ7-EHx25e1_ZjrVUvfMpMeZhJzDt1AJomBYtjcRTyDeDp7_ObW4VjZ_oqzHEyVgbH7tuv8CnZj2E5pYnmOzpczzILYMONQGkQrlasDaxUJOxsqel42MGkVi5ep43Wu0nmOJpgxiY6MldvxUZEGBPOj-jI5Vs8VGZCVZRH9cshCe_ZfElFjj1Se3rU1VcZv1OYepBe4TCq-oLoqXZp8_j1-Zj6FgtEGZMf7lc77WL85eBEPNyrGrzzBKhUC3kYGfsjBmSh3hRY2O8sKRkWCiLrXoHTME16I0QzjbtpOm8HOgWSpjiUBSCz4yClvpUZ1XTLJBoxdm8slD7X8Kuea0Bd_7c8WhYCITQOiRAAPq5w5cLdv76at1FuAZ3Xnco_3F1rkw-V36sf-f4hnMAoEYmF99oRIXZLgMS16duU6FliUTtKZoxqK0LXRQ_KNO2VWjsALQdv8nhNKnD4n-DymfFQt7yg5gn6fR37jHvGPMYCPhFKvPoP90SpfCHmG76kazsmN-8BPazV28cl3CG9fIzVNnZ_fj3WlfMwriQ3DzOkD7nupwkLXbtzQTiWYy0TZlQr5HsaoDi3R5f1UukhteRgCvuGZWzV_6LX0d-hg8J8VeHNgwOTlR5KCFZRBHqZHrb9pKvUcaPyPENnBYLWd3E3QuiuFCqWpa85kBqq2drcaCyKLI0JLXtSLIanlV6h4th-cQvOXfKx0PaNJhuhsSsptikt_lHP9xfsWKuNYED1SV2RG-X_prWRUFuWJlmiQLG22aK85bKIRSioRIvOXpEAaTLHK99F8I2HqB2_pcdPV6CL1km5hljQYR9yYtFPdCsPNMpZg4d7RHS3PL1Jd3ytBpcMK5wfOIXETESfkRIwyzlO-NWbmK7JgSVatxX7JQgWdB9oJS3UjruFt805MAcaFdLUSMlua_blDn5RKfpa-WiFpn4qatyU_OX-0Mzj5g0CkKxVDVuUiq9-j1A-glCJuE6KD4vBZWC9EQbzkmltraonIhfLE0CocFL5ztuix98Rs6l2DcuKFu8w-9hqp0POfkA479TDF0BqFPDdvVUlgTiBNo27lUdKAjwVwveYxbGu7fKcX1q0EZInZGtRRF5pV7005hSbZntaW9Twl7KdqyLNGIrnBz6FFw3cCr2Z_Aqqezve_lYKqOotggvUV_2h2SJ5NyPjRrctjCU36G_qP7kgGUnKuZZ71pwbqjc8ATefkAiMgW8YUVixW-AecrFn-K0QyBEdmwwH9PsCC2qRsQleXEhq2_tIHS60QTAn0Vfr-7R4TcTy1CG6B_oQCSNi5h8Z2u0Yg85tpKgGxAEmRkenTPovc7I137WTLIAQXMHgjt0gZXdxTQgif6Sd_IUr6KPZbiUiGturvazVk8VKesCVMusgD5UhqbXbId2Jk2a1Airw7Xjdx2EXq3YFDylkZPsZil5MqhUqGjPPU0ucLkruHesirBHpymtJUZAMyOyIhWKciQ3N-ynZ3u2kuR620NYLx8FlRNTL3GOsEKKHu4s645CWXxlKenkS9EQc5lslvPS81XGcF_XT3P4FbtIefhUhUBY-B0ld4kWBW8dKoV0s4eS70OPZi1VXiWPe0oM3BUI_TmVutW0cvovtzeoH_ZzDgD0HW3buod8Rh8D5Y8flCf1rO1wiTeKcqk11hWloAqA6H7xXnUiEcFaQ7lQFnUbH-HGW59zxav0det6DF5jdoLNA4vhBkLaB_7UCLt0S8PHrfrNgLbPM26ggKgHWhCjPQnK7M4CQie0ZYDfskXM68fmyrnwmuUbwHPTpogweNVYRZuxIJeqYXAiT6QkB6f1u7BAuuq_vpurJTgjXkW8BqKRGmhhw92vZoKdB8wSVOyIpiA_ZKVxIWFKkhT2vDIubDrfx8GHnWN2oz0Xy-M1M5A-tsFfgKRm2ouTG4rrz1nYLGYzfsW-gyIcUd6P4ERvjo19sEta3gCzIHMCfT_SATq-98KphK587WSK5NgF5opFzWYxrUiuYuaXDTWvt4Hidu6Ky2Po2go_zRdmG322cjxrFt-VZeR68Qzfa_QNSPVnye2IHFuyHw3zdHX79GnGuK8CFFjycYmfoHwKpEylrJMJ7fxKGEgzvFWjLOxtjwkUT3QsFjd2tM-Jd3T1Z-wWMpjFm7KIw6Ge48Hg6-I-b6vuVqK9O9nWY-Wxl8gR-NUou5ZSsg8vvCDjFxtfz_OaxLB-xxa1xJcoM13NwwEImHf83VxPrWM9f6e7PzOAkLSYyV9J23oFz8UhMygF_eXGQ39w8n9zrslafbhD8R6yphCBHNR8NrzBEhFP1ePEOj7Ay_Ns3hSFn2NCmAUv4Omwej31wGAgdulfHtXSRuZ0HsNcuUeYpamvofV6xwMmDCwxB1TWenJvLwCFGF3sQ1GwnT0APhJTstE_qJW63Qo7hT-09-M0AdTgmeFqPNrlXcH9DSBiatGvuMCHkXelM0sXTI0wRUM0UfKsiJt4bUUqVSv52ZBFsvdvl1B5SkJBd9cIsHowwQ7Xzd42M93uGlozLwFWHgETOvHKm9ExxdFs5cD1mlUKEBsBEHKUEoKnP6_qeiB6lvhHE5kzCczV02Rt8CjU-8uj82WO7QZP0yBzz8NHDFwJNf1W7IblFqWlfPedxacUa6YLRifo_M5X7daAKEOePFJSlSwan_Ws-XiLX9zHsJ8I2WaYw7Y8IkMa1AUUbXap16VUDznYCLWAsdspl3hUwvfktqazfDzSZUt9f_byFukVjFiscWbCx1pthBkZKMhMgfFWUGsgdDZwGGq8xkdycuYLmywzPK3PzmYVKS69VRlEdFdMXbZDb45z6_e0jwZD6NHKYB62QtTWZfYSgBV2XtlhHvXYYZScENGQxLN82o3kP72yehXY6sXOeRaHVFJyDxqPVugw0zB89_rkB40Rs2Fwh3xUbClWj-_4cuEWQFPvMiiqSEXdxWWW0sbCU2_N8fXWzkE77C9cUEbWzqQuygFO2PX9HB8TxW8oHE6f67d4Ov_UJCjGLXHH8DLt84fqENDwuLbQYhCupEmSNmUBMDFmTCFXWdWM2PpdFzAwBIZhmdCj4rHEZOEc6exluPgYLWZuef-eQsUuDH5nnynvonv1HaTCo1hKTUG-MSVFt-D1Ovm81EW_zcrMERr1eeuVUTVVZ27r9682E1RBccQmQrADpjdN1JfHw9mE6j8O45qlP3coJ9Cg7Ses3iaTdk3T7kpYNTFmR3DldsNP8eNtrlSP78j5X&cid=CAQSKQBpAlJWauCVYyK5M1QrSl_VqI0lmT4zA0BYs2Mrl3RIytBHjWcBWbKxGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8140931646919190000&adk=2245616035&idt=182&cac=0&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
29973
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 07:12:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 7D40 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7_TQ-AQaYeb8-CZM73QqJ1yCAYd6H9a9r9WjjfhFE2MMllw-r7HtrGzmTIeSJ-zq0oRcDUsCG36838k9XzPAXiLneljJ5tUmcxzTj3NE89odAyJ6gkD1yVPRJIJ2Z1Ol7Qt7vrBfz07uV8cV6zQTyTaAqfmLdKkHOME6RVXHf53z2Np0&dbm_d=AKAmf-C_Nxf6I_6XiYvBo49SpSKprDVbRimFYjaaOwHfC9UBUAg47u3a4B-8n0ypACxaQ48gXFplVn3cjAaJCqbHUaVtG5ZBjEPaZz0iTy8YfoRNIfQG12ERJ5ruPI2gfuw338BSOkxqiTgkwPqx1ua4AuHmRvKVDMDTsJav1MoEfWjGHJw1uDvmR6kX5zWm2_jaV3E-pLYnDOvwL3Mr7oBzGbScm4BzP2LS1QrsRfUzlw5FTfjoStgoLKYiiv4n5xMDoPExNoUaUmvo3y-_hU4SjxZCoOEO1J0HHn9TgAbXDTBKsEUAF1M4o_ldQ9gQevuiqlAJkB7T-I1HCORKCVpzQv9nhCC3ACi-_OkrlsrpXo6JS8CAuGp7lZ27eS6gI59nK6mGp9WEgYzSA47rI-bielfYyH3-IeSvekG9iaj81YQ_oe0QkiMBUAjKcoMyHvWEvqomESGkd-MwMRbrieR0PJIm-QAeIIZEsEX4mqxy_cWaDWaHBONONWpKbRm4BkOcTMQVpMPm6jffY7jQh4uhLkmUSxYoxZSS0xVQ7-EHx25e1_ZjrVUvfMpMeZhJzDt1AJomBYtjcRTyDeDp7_ObW4VjZ_oqzHEyVgbH7tuv8CnZj2E5pYnmOzpczzILYMONQGkQrlasDaxUJOxsqel42MGkVi5ep43Wu0nmOJpgxiY6MldvxUZEGBPOj-jI5Vs8VGZCVZRH9cshCe_ZfElFjj1Se3rU1VcZv1OYepBe4TCq-oLoqXZp8_j1-Zj6FgtEGZMf7lc77WL85eBEPNyrGrzzBKhUC3kYGfsjBmSh3hRY2O8sKRkWCiLrXoHTME16I0QzjbtpOm8HOgWSpjiUBSCz4yClvpUZ1XTLJBoxdm8slD7X8Kuea0Bd_7c8WhYCITQOiRAAPq5w5cLdv76at1FuAZ3Xnco_3F1rkw-V36sf-f4hnMAoEYmF99oRIXZLgMS16duU6FliUTtKZoxqK0LXRQ_KNO2VWjsALQdv8nhNKnD4n-DymfFQt7yg5gn6fR37jHvGPMYCPhFKvPoP90SpfCHmG76kazsmN-8BPazV28cl3CG9fIzVNnZ_fj3WlfMwriQ3DzOkD7nupwkLXbtzQTiWYy0TZlQr5HsaoDi3R5f1UukhteRgCvuGZWzV_6LX0d-hg8J8VeHNgwOTlR5KCFZRBHqZHrb9pKvUcaPyPENnBYLWd3E3QuiuFCqWpa85kBqq2drcaCyKLI0JLXtSLIanlV6h4th-cQvOXfKx0PaNJhuhsSsptikt_lHP9xfsWKuNYED1SV2RG-X_prWRUFuWJlmiQLG22aK85bKIRSioRIvOXpEAaTLHK99F8I2HqB2_pcdPV6CL1km5hljQYR9yYtFPdCsPNMpZg4d7RHS3PL1Jd3ytBpcMK5wfOIXETESfkRIwyzlO-NWbmK7JgSVatxX7JQgWdB9oJS3UjruFt805MAcaFdLUSMlua_blDn5RKfpa-WiFpn4qatyU_OX-0Mzj5g0CkKxVDVuUiq9-j1A-glCJuE6KD4vBZWC9EQbzkmltraonIhfLE0CocFL5ztuix98Rs6l2DcuKFu8w-9hqp0POfkA479TDF0BqFPDdvVUlgTiBNo27lUdKAjwVwveYxbGu7fKcX1q0EZInZGtRRF5pV7005hSbZntaW9Twl7KdqyLNGIrnBz6FFw3cCr2Z_Aqqezve_lYKqOotggvUV_2h2SJ5NyPjRrctjCU36G_qP7kgGUnKuZZ71pwbqjc8ATefkAiMgW8YUVixW-AecrFn-K0QyBEdmwwH9PsCC2qRsQleXEhq2_tIHS60QTAn0Vfr-7R4TcTy1CG6B_oQCSNi5h8Z2u0Yg85tpKgGxAEmRkenTPovc7I137WTLIAQXMHgjt0gZXdxTQgif6Sd_IUr6KPZbiUiGturvazVk8VKesCVMusgD5UhqbXbId2Jk2a1Airw7Xjdx2EXq3YFDylkZPsZil5MqhUqGjPPU0ucLkruHesirBHpymtJUZAMyOyIhWKciQ3N-ynZ3u2kuR620NYLx8FlRNTL3GOsEKKHu4s645CWXxlKenkS9EQc5lslvPS81XGcF_XT3P4FbtIefhUhUBY-B0ld4kWBW8dKoV0s4eS70OPZi1VXiWPe0oM3BUI_TmVutW0cvovtzeoH_ZzDgD0HW3buod8Rh8D5Y8flCf1rO1wiTeKcqk11hWloAqA6H7xXnUiEcFaQ7lQFnUbH-HGW59zxav0det6DF5jdoLNA4vhBkLaB_7UCLt0S8PHrfrNgLbPM26ggKgHWhCjPQnK7M4CQie0ZYDfskXM68fmyrnwmuUbwHPTpogweNVYRZuxIJeqYXAiT6QkB6f1u7BAuuq_vpurJTgjXkW8BqKRGmhhw92vZoKdB8wSVOyIpiA_ZKVxIWFKkhT2vDIubDrfx8GHnWN2oz0Xy-M1M5A-tsFfgKRm2ouTG4rrz1nYLGYzfsW-gyIcUd6P4ERvjo19sEta3gCzIHMCfT_SATq-98KphK587WSK5NgF5opFzWYxrUiuYuaXDTWvt4Hidu6Ky2Po2go_zRdmG322cjxrFt-VZeR68Qzfa_QNSPVnye2IHFuyHw3zdHX79GnGuK8CFFjycYmfoHwKpEylrJMJ7fxKGEgzvFWjLOxtjwkUT3QsFjd2tM-Jd3T1Z-wWMpjFm7KIw6Ge48Hg6-I-b6vuVqK9O9nWY-Wxl8gR-NUou5ZSsg8vvCDjFxtfz_OaxLB-xxa1xJcoM13NwwEImHf83VxPrWM9f6e7PzOAkLSYyV9J23oFz8UhMygF_eXGQ39w8n9zrslafbhD8R6yphCBHNR8NrzBEhFP1ePEOj7Ay_Ns3hSFn2NCmAUv4Omwej31wGAgdulfHtXSRuZ0HsNcuUeYpamvofV6xwMmDCwxB1TWenJvLwCFGF3sQ1GwnT0APhJTstE_qJW63Qo7hT-09-M0AdTgmeFqPNrlXcH9DSBiatGvuMCHkXelM0sXTI0wRUM0UfKsiJt4bUUqVSv52ZBFsvdvl1B5SkJBd9cIsHowwQ7Xzd42M93uGlozLwFWHgETOvHKm9ExxdFs5cD1mlUKEBsBEHKUEoKnP6_qeiB6lvhHE5kzCczV02Rt8CjU-8uj82WO7QZP0yBzz8NHDFwJNf1W7IblFqWlfPedxacUa6YLRifo_M5X7daAKEOePFJSlSwan_Ws-XiLX9zHsJ8I2WaYw7Y8IkMa1AUUbXap16VUDznYCLWAsdspl3hUwvfktqazfDzSZUt9f_byFukVjFiscWbCx1pthBkZKMhMgfFWUGsgdDZwGGq8xkdycuYLmywzPK3PzmYVKS69VRlEdFdMXbZDb45z6_e0jwZD6NHKYB62QtTWZfYSgBV2XtlhHvXYYZScENGQxLN82o3kP72yehXY6sXOeRaHVFJyDxqPVugw0zB89_rkB40Rs2Fwh3xUbClWj-_4cuEWQFPvMiiqSEXdxWWW0sbCU2_N8fXWzkE77C9cUEbWzqQuygFO2PX9HB8TxW8oHE6f67d4Ov_UJCjGLXHH8DLt84fqENDwuLbQYhCupEmSNmUBMDFmTCFXWdWM2PpdFzAwBIZhmdCj4rHEZOEc6exluPgYLWZuef-eQsUuDH5nnynvonv1HaTCo1hKTUG-MSVFt-D1Ovm81EW_zcrMERr1eeuVUTVVZ27r9682E1RBccQmQrADpjdN1JfHw9mE6j8O45qlP3coJ9Cg7Ses3iaTdk3T7kpYNTFmR3DldsNP8eNtrlSP78j5X&cid=CAQSKQBpAlJWauCVYyK5M1QrSl_VqI0lmT4zA0BYs2Mrl3RIytBHjWcBWbKxGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8140931646919190000&adk=2245616035&idt=182&cac=0&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 06:26:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7D40 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
558598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0325 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7D40 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea64c6c77264080f9c0adc067ac62a29557a01dac182dcd373efff3b5c38c9df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~lmc6q3k6&c=6638320243726&slotId=3319160121863&qqid=CIXC7ubsnYEDFbuN_QcdNJ4MDw&gqid=CZD8ZKvUN5zI7_UPgfiygAI&fb=ima_html5-lima&sdkv=h.3.588.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lmc6q3k6~ghmsh_s.lmc6q3k6~ghmsh_s.lmc6q3k6&cpn=TmJC47OKYy1b8ZSJ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D6A0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~lmc6q3mo&c=6638320243726&slotId=3319160121863&qqid=CLDJ7-bsnYEDFdaT_Qcd_l4NRw&gqid=CZD8ZKjZN7HK7_UPrK-0sAM&fb=ima_html5-lima&sdkv=h.3.588.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ua_e=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.588.0&e=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&id=ima_html5&c=2272763273246357&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame D6A0 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-3132893725603935
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:11:48 GMT
x-content-type-options
nosniff
age
1239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 16:01:48 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D6A0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CemwzCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT9Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRzxwJUy3oxT-pzckSlhS1osqOzO4bAzOmTFxF-NkeyOfJujfgVotjFcHH1i7bssAEubSGv8cE4AQBiAWfv6eyTKAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6sQmPM8evJHTjxoAKA5gLAcgLAdALD9oMEAoKELDDidztubnkLRICAQOaDQEPqg0CREXIDQHYExPQFQGYFgH4FgGAFwE&sigh=MDkzLum7D3I&label=show_ad&sdkv=h.3.588.0&vci=Ck0IAhIOYWQudmlkdmVydG8uaW8aElZpZHZlcnRvIEFkIFNlcnZlciADKiA1NWFjOTBjMWJjNjYyZTkzZDdlN2M3YzBkNjA2NjVhMUCFAQprCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MTIzNzkxNTI3MTUyDDY3MjQyOTIzMTUwOUDXBFIjEA8lAABwQigBOgtVY2VKOGpOZ2Mxb0IJZ29vZ2xlYWRzUAAYAQ..
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame D6A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CA4YgCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT6Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRlx3rByeSGx87BhKLyPssjTQezyKjJhWs0ldr4GHzQOQFCIzNepOq60CZOcAEubSGv8cE4AQBiAWfv6eyTJIFEAgSEAUYDzDa5oGbo77i41GgBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCPtJ8BqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJ6QFodHRwOi8vd3d3Lmhlcm8td2Fycy5jb20vP2hsPWRlJmRlbGF5ZWRzaWdudXA9dHJ1ZSZueF9zb3VyY2U9YWR4X2Fkd29yZHN5b3V0dWJlLmh3X3diX3VoXy0uY2MtZGUuZy1tLmEtMjU1NC5hdS1icmFuZGZvcm1hbmNlLmNvbS1uZXdhYy5scC1kZWxheWVkLmNyLWh3X2R1bmdlb25yb29tczI4Yl9oX2VuXzYwLmR0LXlvdXR1YmUuY2lkLTIwNTA2NTk5MzI3LmFnaWQtMTU2NjMwMDk2NDQxLmNzZC0wMTA5MjMuLYAKA8gLAcITBhicr_uoAtgTE9AVAZgWAYAXAbIXHgocCAASFHB1Yi04NjEwMDUwNjE0NjQ1MjYzGO2-cQ&sigh=-F3xgnnMhow&cmd=Ch1jYS12aWRlby1wdWItMzEzMjg5MzcyNTYwMzkzNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSOwBpAlJWuEV88B5OR2Z66Qz1siQ1XCUUSkwXt-sE98s2FqFp3J_7m2ysRJHJxI_ExxPKC9UTq0oescEIGAE&vt=10&sdkv=h.3.588.0&vci=Ck0IAhIOYWQudmlkdmVydG8uaW8aElZpZHZlcnRvIEFkIFNlcnZlciADKiA1NWFjOTBjMWJjNjYyZTkzZDdlN2M3YzBkNjA2NjVhMUCFAQprCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MTIzNzkxNTI3MTUyDDY3MjQyOTIzMTUwOUDXBFIjEA8lAABwQigBOgtVY2VKOGpOZ2Mxb0IJZ29vZ2xlYWRzUAAYAQ..
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D77 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgZ-BCJD8ZPi7LZXggAealJOYBAAAAAA4AeAEAg&bg=!Q0ClQA_NAAa6D61Rmg87ADQBe5WfOARLQ90-OzwLXG_CazPZYsSN11kL5AQOHwTC5OJO0va8R8i0BExsnb2sARB8nRDSAgAAAl1SAAAAB2gBB5kDTUaib4Ex28qONW6CvJbbHW18Z23BT8fHaYy_KQ3uShpHpP7RY4mGC1RAa64BLax4UNmL9qMRLhoHfiFW6hhaMWUlLMynGA5fu6qstkyHTfTuYqYrZtKLQvBxQ53M7aJHEk0jN8kL3I4bJ4uooD0Wef1oZpBqAEGYfqlkizFsJuCh_a1rvyMFWYrV378Rm5B_8rfkwR27hiFdtdmZJ1I5ZN4Z1mgVKOx98lSw3J9QFPYxmsw2C95o2FpyB0XFrLrHEV5yzmOOHqHuxSeVdhoe9JONbR37I73tZKiJGRzu7Wfar7ZoZ6TklV1It52gMFoJEUfLccGjiT9s_RjgQ4DgXvbdxoz8W1UKKm6NKSHlZbL8CRGyA8JKBhbrajG7yYVraLrhsKrKH3cjIsYOEla2JCtX4I0CC9xV7nsubvdv4c7T0Q7AFPlhi7EGMxtApag7vXb6O_AqlSikwJTQPfU2NwgHPAewZLHgNMw3UeeeI-eBvh0Wj2fCnxEhHiu6Fkx_f9UY2zkJ_cXxe2sYNCnNcIlAbkoNHfq3x4Hj0NDNTf84lp7QJ4NAtvRSR4WcCU9M8c3u88pKboJgbo1Q2STtZ8z0q3o0-KS4vYQlGrnNAV89eaZCjreiujAhCLLIdiJMBnjz6jWXrqHvrgfUrdIP_do77cRgiLBWyOp0JUafWvBw2Hth_ngMOQl8yY5B917U9UkbZTHnhE2OuOdJwyf1eZzHV5ZWSm0prHTnGNi2RNwLPgNpNqVsNTe0MjSyd8RJ6kkIutjLS3_L2vGpwia4UeZmQntYzdHMsLXHNe79InrpTh7jzp0K7uG4WjoG-YDRcsk_AqlqxXhR80x6_dYj7yLyd8DMBT4QTWBRxVsxFZ3lHlR9f_ZYKOdyeGbkbq5bAyFcYixqWwmuJ32TBH6UcTmvFGvH2Ke-1g_oXJtoFBgfMK1zlgUg7l6dINgmnO3QsG4paucu7Ar-2cD3wn53MRCAZshHaFSp5lzTMFWnar_uTnbUqGxi2BlWFSOVBhfaQGac1SwEZZ4tz_qiSU6VhAsuUH5StwoxB1jQhQgoCLauqJsc1yGDMbH7pXDvxtlYVTt19NAT_mxnXflCdXlJjTHTij65bkN4R4Aea2WA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7906 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6ec481ee39bc8a22eb6cfce9ce2f7979bdc0528bab5b77c0dbc22a666e1c705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5784
x-xss-protection
0
2307_prepaid_halbjahrespaket_vertikal.png
s0.2mdn.net/4528404/ Frame 7906 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/2307_prepaid_halbjahrespaket_vertikal.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57272de8182992c7b7401e2e936966ca75fec35b83dc6a535e6aa7634aa9a98e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:51:51 GMT
x-content-type-options
nosniff
age
6036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2076162
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 09:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 13:51:51 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 7906 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 06:34:14 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 7906 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 07:05:17 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 7906 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6426159062837453930/logo-d0d80991.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:26:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Sep 2024 07:05:17 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lmc6q1r8&c=6638320243726&slotId=3319160121863&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:807::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07FC 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6379382116606&version=m202307240101&ct=76&x=1&cor=14076913075755645000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 53ED
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=BfM4o9bhyVCJPwGXy_ur-bKH5OB-P6_J
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=BfM4o9bhyVCJPwGXy_ur-bKH5OB-P6_J
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
52.31.202.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-served-by
beacon-n002-dub-prod.krxd.net
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1694273547
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=BfM4o9bhyVCJPwGXy_ur-bKH5OB-P6_J
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
5779245
content-length
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 268E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 16:19:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 268E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPtcOnoihVTILqckShDLonZJlHAVdECveC76Ael4jW10I_B4WFZ1VMapQD7gv-OxHxG5GZfefuqjOIdqI2Eb7K9uqRUCLB6x2lI_vPWEPFdxBUnxoSDSsIaoszjNJ5C-2xyfMeF9fe6P6lg4992Tb0yJXPfBNX9b3PV2doc_G90mO_1Dc&cry=1&dbm_d=AKAmf-DS4qes2t4hbuka5ypZpJbw9iDO-3_cwfyFrF9k3bp_2o-ny8NUPijPyzKKXhN9LSQ7Qv03WuYjs2DAmOPY37j-G_slSIySZPONQ8PGxkJi0BXo-c_DanH6cbxmgv5gzN0JUyHxUfvexiJP1ptKhtxFgEqfqbP90iNuZsc-FZ_ksVdxU3tBYSxVAkxf33A97uWumJiJvqFYW4eB5NYEs4sipjkMtb9dCxkVRIhE5nawV1Wi1m6YKx_0nfaxcGBhk6Nn0Yw0OcFka5cH44XF5WTZPW3fanKbCj8l444ITEEtG6DHF26FJGAP3PGNrILP4U2F7k4_Q-aph7ricuG1XV7xSMBlL_lzRk7RldRkDEs2syYDsfH3aG-Jz3vbdqtxsyBSr3dTn3L7gkwgbRHYamioB-8pl6jYasy4N8e1DkNWinxJQsRI0Y0IL840lCpAAulYTvYnQ8og7WsVXqIq8fR_RiudkHTBLR7KXA0p0pY817cjFpGpOzQNb5l2pi87c2TB236eAlfEe_hdRBthYTVCqTMjmNl2T1ldMwXyKQxt0RBYO-ZCJoQeGg7bDbQPCDx06u7r3SviUtap7JW_O-fYFuwDpJQLtW08dbw622VZRP4a-PUpAdEiqxgRmQJmWpIdXpmFNf2KfGAb56HIZXrFvriKuSA150CH9qq66--71-C_pbB0ZYTWviVX0vFYcLHWYi_RpydZYNJXPQ21s_DXVmAetrCH6tFmR2uG9eOkmvJjKcKcNW-EwGlBNbi4pEk5wuZAagpbTnbudCKCfQ56s_kP4l5Il85j4vSqJfyGoI346EX4ElJ9z1gmh9169ZWvjhkgdupuUqDuRaAO70x_V5qLV0IrQT2q46m_bqBZcT7272OO5NE9xeL-NE2hPGxcOC8T7fab-fyxihugXJ9DWCPt-cdGVXx2k4FA_UHS5Ukz1tnusVHbXh5XZVytZiqEUBVN6Wkkzoih_71QwCHYecQ20iuMrBSclLG81i_XY4plqRRzc5oEfhCCWbx5t568aFPtC1zMqVFP6-5I8UsoVa6L7KIAqsLky5PNXVGRF2uztZvlJ__HeETck7UD8z0KK_iuPsLeEIULo27OYyNcojfbZZMU_aI4FuMi_e1fPukLN86QFZEZJsq99MLiCun3R7tzMFtiWH0_KD6_YT2JrRHfwYjvUrzVZN4iXTZTkK14QUTZ7oWhAsI84d1Wc9_2XzuM7wfuhTn94kB23wW-YSFAlRE4tU1TWvqowKlcfxWHP-bz7DepYC8Jaj4AeEJpJ2uXV28D4RRuu_AQoTwsjKJq49_Hdeed2LHOlHWPawgoLfoNz0WMMy71b2j5UwlnXrrMIVElqps7WaJ1cJmYI6HfR8RbfNX0U9UWSCdAa3dSIbBTjMEOXXl6-mDBWJpHUewQv0Eqy8AmaBbpWh71Kpe9cbvv3Yu5kJ2JGfpU3jZYeWgPpZFNkgUUiU_P9sm1FQpQre2xNx1F_Fuunwk1UbXz41r5fSu0cb_UbBBXkCCeSb6yilZeSY3OZwpkGCvwuQWCwzuSNVsqnaTEQZB0GgCIaie6CXLDrQuCxSVOHwnU_MHDJL3SsYu_PHKdMilZcsm4LUB-sbxP_7JbHZGlfYLOl3DPIMippDTs9lZeQ9Z3oNlrjyF2D2D8g4eIPlRjakM5wiPXDoslA5vIM8at2LOMLnZHqpBHrVEAN662UIxWUmEVDYKICBNcgGKFbXpC3pTQU8RyH3522oY0T7yYVmYuhcddbdgd0GCbZGiYSo0fWHvqGwBSf74WD2Q1DVGzbC6p8VLX8X8gJ5BNVEmUFA_JJITt9srK-TCnV917Gd_zaZVJKL5WPACxMIvmb-2uTtLEi5gB4cxmAf6awqkqmtmxL0PT-qWs_NPpBfcGIH5DRi8kZzs8m9ZnjvzIQfUHiQwU-kDcieD6d2lEzIzYb162Dhg7JhW8O0f-A-rDDrSljgg27AL5oW8looM3i2t4yL_jhn5OV0YyK_rOa17uRItCwuxTgt0ofp7u03tqWbclNa0wsc4ZkesCToEd1-EPf9UJpY48Mq29P050K4BS4XyOCZzZru1YVffJR3HLz-LdPZsXAzM_Qt6-3VBWlgIbqyV2vH4ZUQIx2qWZRndARIgFnpQ7jSl1DUCHMh4fo09NJcdItidWtPWsbeJMbN4qr8ctIY-WerfV6z3Z9EM3UQsKwM4FzqVE9jTRHW7TRLoD3o1uEvie_ee7wb199_m0pCbsh_rSfiNG3RTznvG8xiQYN33Id6vxONVWBqOySU1olKl3YBG9K7gTUH6zb_Mp2pFAEmKG4Q96aPz6XlcVj53d7XZW-SZw3TZxiYUSWcxbHvvKb1JdcZsfuE6eEz5jDyh62HSuPMPSR8OM1oD0l8zmx_GQnYt5My3f6kmmi5_nEk1CAUem4cJ10b3EK8W41WrHZPoW0a4H1XfzBteWnGq92eOyMw4X2rbQfUB7RLIviwO-oTQczeZJ2t5w3wDNJ9fSw98t1gcfdEVFwC1iAWzzZSjtqWeQDmAo8m8N2trkRr9VLWMHTe3swDZxqVm4fkzQy211J3fkvlg3Prb8AKOYrjz3H4p5p0f2ofI5YLsGCaQBwDRZ7m8itYATb4veKL1tjXlyrWbTNqhivetjQRKlb5t3h4R1zY75igoOTqZ0NaM7EWf_9-_cJy-NdVCh2V9KVm3Z2dOgkQTsPeM2xFDaYRrvp5quIw6x8HDqJOkxB2YMb710qIkg8ZDuxuQvquNeEQbEMpO9bhJkrEjh5T0pAnsqQWNPA5im2ZflC4XGFMtnfyi0do_oPzazFo_PTTw4y-DfgXOTPEQqOebgaIfUKB4nQ1VevRuPJVocFiVsnu_mpV6BDZPMUxu6vOeIGbfSrCc3mfcatHxGCkus7qTvkx9KhE0OLJIwaedWeBLXOPEPDFHN4IbpTazMCzmJ69kyOoDrU647s3TvU4dAW9ofYOZi1SfqX9b3cnyYdvI3wmkmFb4WLynx2HEZtlvybNWdcguYqFXY5ugL6kNL4q1qGvW7gLyX_IpTpXM9jJ6uBhXbRzPrD6gItu1_bsY47j27YHcWBH-oT8FRD7wzTDVANSyED5Rl_LJ3-Xi30e0oMStiBswFaVFpThNWETwuJpMacSBgYEz-O6R15QLvhGqlQzyigsx-nyhq-rf5OxARgmexpjjQWBkqr0umq2WwZYWw5HysobVpK18Ad4QtEjRF2e0xuqFWgsl5scnQ2ow6fnFoSIwksLEEy55v2zpYqpMaIlStmh-GerjNiM8dBBPAKGJ_ZizxFEo5x9S7AJrOkdFP38yQmLbtsuHfRx5eQy3zxeF1llBvkUDayxzYq29tqwloPNCECyhZl17j69vZA-3S1jvYqRT0fMRrIMqMphJ7s0sXmJHS4Yw0UF25DpJ3Tbvn_lH2jxmA5xnjym8uE39CvA4Odd7SJpKRN1QcDvkrG_wagIH6wBvfB_gY-V0eA0mmu_X2KEKrxRuOV4uXs2Kbz1QyeFL_YpErfTXxdZOYyxtbKUxXFjcULPwv0AW4FlKHCBrTMb0WsNEIay2cgI1OjhNz5Rm9kdQ93e8kTzQqCidWwN92yC3FGedV_Ab_VEUbvoD4yVFwpyzP6lwqYUMgJ92BCzFJKRD6CU9DCHfZgbDtFCJaLq_uOxHhFTptIEe9aaiWW4p2Xl1CqjL5-9tFUBNiGSK6Gpnq3-nX9sTDxpkSH2nnBQ7EUK-_5SERFmTKA7ann1tj9BdK2SCXW53CtARXGYZ9cclTpHhLMiYuyprCSUuFAQ_Visu64UkYx4UbjqIR7sFOQzdujabR-1BaO7EHUZudCKLecPLbiLw3g-krl6yyRgXueCpEgxpreETYu-1AruY7aktu67IudmgDgg6L-u6OxUhwTCRlCacFNKOm2uJ8f0ToxAFdsJ_d21HAYkLqwG6WXlYiTL3CXAGEttVv2wd8ndjeIlQBkGiSgOvG51UI6zHZ3_GV0tjWWjsyV6FIJfNwRbGKccB62IbayIvX5a2SjQTC3dbC4Z9w&cid=CAQSOwBpAlJW6STbz8fKczpy_cpuzEwe0F39zkaHxZId583qXlIpdqEowLfwpvfHE72dkWXshmloc1fJGJl7GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=7070455800893468000&adk=1278077692&idt=210&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
29974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 07:12:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 268E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPtcOnoihVTILqckShDLonZJlHAVdECveC76Ael4jW10I_B4WFZ1VMapQD7gv-OxHxG5GZfefuqjOIdqI2Eb7K9uqRUCLB6x2lI_vPWEPFdxBUnxoSDSsIaoszjNJ5C-2xyfMeF9fe6P6lg4992Tb0yJXPfBNX9b3PV2doc_G90mO_1Dc&cry=1&dbm_d=AKAmf-DS4qes2t4hbuka5ypZpJbw9iDO-3_cwfyFrF9k3bp_2o-ny8NUPijPyzKKXhN9LSQ7Qv03WuYjs2DAmOPY37j-G_slSIySZPONQ8PGxkJi0BXo-c_DanH6cbxmgv5gzN0JUyHxUfvexiJP1ptKhtxFgEqfqbP90iNuZsc-FZ_ksVdxU3tBYSxVAkxf33A97uWumJiJvqFYW4eB5NYEs4sipjkMtb9dCxkVRIhE5nawV1Wi1m6YKx_0nfaxcGBhk6Nn0Yw0OcFka5cH44XF5WTZPW3fanKbCj8l444ITEEtG6DHF26FJGAP3PGNrILP4U2F7k4_Q-aph7ricuG1XV7xSMBlL_lzRk7RldRkDEs2syYDsfH3aG-Jz3vbdqtxsyBSr3dTn3L7gkwgbRHYamioB-8pl6jYasy4N8e1DkNWinxJQsRI0Y0IL840lCpAAulYTvYnQ8og7WsVXqIq8fR_RiudkHTBLR7KXA0p0pY817cjFpGpOzQNb5l2pi87c2TB236eAlfEe_hdRBthYTVCqTMjmNl2T1ldMwXyKQxt0RBYO-ZCJoQeGg7bDbQPCDx06u7r3SviUtap7JW_O-fYFuwDpJQLtW08dbw622VZRP4a-PUpAdEiqxgRmQJmWpIdXpmFNf2KfGAb56HIZXrFvriKuSA150CH9qq66--71-C_pbB0ZYTWviVX0vFYcLHWYi_RpydZYNJXPQ21s_DXVmAetrCH6tFmR2uG9eOkmvJjKcKcNW-EwGlBNbi4pEk5wuZAagpbTnbudCKCfQ56s_kP4l5Il85j4vSqJfyGoI346EX4ElJ9z1gmh9169ZWvjhkgdupuUqDuRaAO70x_V5qLV0IrQT2q46m_bqBZcT7272OO5NE9xeL-NE2hPGxcOC8T7fab-fyxihugXJ9DWCPt-cdGVXx2k4FA_UHS5Ukz1tnusVHbXh5XZVytZiqEUBVN6Wkkzoih_71QwCHYecQ20iuMrBSclLG81i_XY4plqRRzc5oEfhCCWbx5t568aFPtC1zMqVFP6-5I8UsoVa6L7KIAqsLky5PNXVGRF2uztZvlJ__HeETck7UD8z0KK_iuPsLeEIULo27OYyNcojfbZZMU_aI4FuMi_e1fPukLN86QFZEZJsq99MLiCun3R7tzMFtiWH0_KD6_YT2JrRHfwYjvUrzVZN4iXTZTkK14QUTZ7oWhAsI84d1Wc9_2XzuM7wfuhTn94kB23wW-YSFAlRE4tU1TWvqowKlcfxWHP-bz7DepYC8Jaj4AeEJpJ2uXV28D4RRuu_AQoTwsjKJq49_Hdeed2LHOlHWPawgoLfoNz0WMMy71b2j5UwlnXrrMIVElqps7WaJ1cJmYI6HfR8RbfNX0U9UWSCdAa3dSIbBTjMEOXXl6-mDBWJpHUewQv0Eqy8AmaBbpWh71Kpe9cbvv3Yu5kJ2JGfpU3jZYeWgPpZFNkgUUiU_P9sm1FQpQre2xNx1F_Fuunwk1UbXz41r5fSu0cb_UbBBXkCCeSb6yilZeSY3OZwpkGCvwuQWCwzuSNVsqnaTEQZB0GgCIaie6CXLDrQuCxSVOHwnU_MHDJL3SsYu_PHKdMilZcsm4LUB-sbxP_7JbHZGlfYLOl3DPIMippDTs9lZeQ9Z3oNlrjyF2D2D8g4eIPlRjakM5wiPXDoslA5vIM8at2LOMLnZHqpBHrVEAN662UIxWUmEVDYKICBNcgGKFbXpC3pTQU8RyH3522oY0T7yYVmYuhcddbdgd0GCbZGiYSo0fWHvqGwBSf74WD2Q1DVGzbC6p8VLX8X8gJ5BNVEmUFA_JJITt9srK-TCnV917Gd_zaZVJKL5WPACxMIvmb-2uTtLEi5gB4cxmAf6awqkqmtmxL0PT-qWs_NPpBfcGIH5DRi8kZzs8m9ZnjvzIQfUHiQwU-kDcieD6d2lEzIzYb162Dhg7JhW8O0f-A-rDDrSljgg27AL5oW8looM3i2t4yL_jhn5OV0YyK_rOa17uRItCwuxTgt0ofp7u03tqWbclNa0wsc4ZkesCToEd1-EPf9UJpY48Mq29P050K4BS4XyOCZzZru1YVffJR3HLz-LdPZsXAzM_Qt6-3VBWlgIbqyV2vH4ZUQIx2qWZRndARIgFnpQ7jSl1DUCHMh4fo09NJcdItidWtPWsbeJMbN4qr8ctIY-WerfV6z3Z9EM3UQsKwM4FzqVE9jTRHW7TRLoD3o1uEvie_ee7wb199_m0pCbsh_rSfiNG3RTznvG8xiQYN33Id6vxONVWBqOySU1olKl3YBG9K7gTUH6zb_Mp2pFAEmKG4Q96aPz6XlcVj53d7XZW-SZw3TZxiYUSWcxbHvvKb1JdcZsfuE6eEz5jDyh62HSuPMPSR8OM1oD0l8zmx_GQnYt5My3f6kmmi5_nEk1CAUem4cJ10b3EK8W41WrHZPoW0a4H1XfzBteWnGq92eOyMw4X2rbQfUB7RLIviwO-oTQczeZJ2t5w3wDNJ9fSw98t1gcfdEVFwC1iAWzzZSjtqWeQDmAo8m8N2trkRr9VLWMHTe3swDZxqVm4fkzQy211J3fkvlg3Prb8AKOYrjz3H4p5p0f2ofI5YLsGCaQBwDRZ7m8itYATb4veKL1tjXlyrWbTNqhivetjQRKlb5t3h4R1zY75igoOTqZ0NaM7EWf_9-_cJy-NdVCh2V9KVm3Z2dOgkQTsPeM2xFDaYRrvp5quIw6x8HDqJOkxB2YMb710qIkg8ZDuxuQvquNeEQbEMpO9bhJkrEjh5T0pAnsqQWNPA5im2ZflC4XGFMtnfyi0do_oPzazFo_PTTw4y-DfgXOTPEQqOebgaIfUKB4nQ1VevRuPJVocFiVsnu_mpV6BDZPMUxu6vOeIGbfSrCc3mfcatHxGCkus7qTvkx9KhE0OLJIwaedWeBLXOPEPDFHN4IbpTazMCzmJ69kyOoDrU647s3TvU4dAW9ofYOZi1SfqX9b3cnyYdvI3wmkmFb4WLynx2HEZtlvybNWdcguYqFXY5ugL6kNL4q1qGvW7gLyX_IpTpXM9jJ6uBhXbRzPrD6gItu1_bsY47j27YHcWBH-oT8FRD7wzTDVANSyED5Rl_LJ3-Xi30e0oMStiBswFaVFpThNWETwuJpMacSBgYEz-O6R15QLvhGqlQzyigsx-nyhq-rf5OxARgmexpjjQWBkqr0umq2WwZYWw5HysobVpK18Ad4QtEjRF2e0xuqFWgsl5scnQ2ow6fnFoSIwksLEEy55v2zpYqpMaIlStmh-GerjNiM8dBBPAKGJ_ZizxFEo5x9S7AJrOkdFP38yQmLbtsuHfRx5eQy3zxeF1llBvkUDayxzYq29tqwloPNCECyhZl17j69vZA-3S1jvYqRT0fMRrIMqMphJ7s0sXmJHS4Yw0UF25DpJ3Tbvn_lH2jxmA5xnjym8uE39CvA4Odd7SJpKRN1QcDvkrG_wagIH6wBvfB_gY-V0eA0mmu_X2KEKrxRuOV4uXs2Kbz1QyeFL_YpErfTXxdZOYyxtbKUxXFjcULPwv0AW4FlKHCBrTMb0WsNEIay2cgI1OjhNz5Rm9kdQ93e8kTzQqCidWwN92yC3FGedV_Ab_VEUbvoD4yVFwpyzP6lwqYUMgJ92BCzFJKRD6CU9DCHfZgbDtFCJaLq_uOxHhFTptIEe9aaiWW4p2Xl1CqjL5-9tFUBNiGSK6Gpnq3-nX9sTDxpkSH2nnBQ7EUK-_5SERFmTKA7ann1tj9BdK2SCXW53CtARXGYZ9cclTpHhLMiYuyprCSUuFAQ_Visu64UkYx4UbjqIR7sFOQzdujabR-1BaO7EHUZudCKLecPLbiLw3g-krl6yyRgXueCpEgxpreETYu-1AruY7aktu67IudmgDgg6L-u6OxUhwTCRlCacFNKOm2uJ8f0ToxAFdsJ_d21HAYkLqwG6WXlYiTL3CXAGEttVv2wd8ndjeIlQBkGiSgOvG51UI6zHZ3_GV0tjWWjsyV6FIJfNwRbGKccB62IbayIvX5a2SjQTC3dbC4Z9w&cid=CAQSOwBpAlJW6STbz8fKczpy_cpuzEwe0F39zkaHxZId583qXlIpdqEowLfwpvfHE72dkWXshmloc1fJGJl7GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=7070455800893468000&adk=1278077692&idt=210&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 06:26:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 268E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
558599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A2FE 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 268E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a578de7e84533a074f798db577969c90c27bdd809913d301fb0cca56c85d46e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
videoplayback
rr1---sn-4g5ednd7.googlevideo.com/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1694302346&ei=CpD8ZMbGC5q06dsPpaOQmAg&ip=2001:1b60:2:240:3247::5&id=51c789f23360735a&itag=22&source=youtube&requiressl=yes&mh=mW&mm=31&mn=sn-4g5ednd7&ms=au&mv=m&mvi=1&pl=29&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=60.023&lmt=1688652117619929&mt=1694273127&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMEW1KZQP-U5ej6pd36sUXtiUJd377cytk2tyzMgz7g_AiAGx4mM1LuRDCcKdlJpVy0C3PKqa4HjUsmz1NUulXAjtQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAM8lQR6T-R-z8t7rvwQ5xC9Bg2RQ7-mq-pXvhR7W9a6iAiEAv7uE4Tg-fHKKSUiqK1ZjN2vu_b8_zYzLDPC0v-qMXLs=&cpn=OvJuI1iZTXlt06GN
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:16::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 09 Sep 2023 15:32:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Jul 2023 14:01:57 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-7362944/7362945
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7362945
Expires
Sat, 09 Sep 2023 15:32:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7906 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 15:32:27 GMT
truncated
/ Frame 1A63 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d59d16de2ae537b1191d02a520417356103c4ec446bfefaa9d5c990ba0cd57b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1984
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOgDmBLuE3piAt1epyRIPgI&google_cver=1&google_push=AXcoOmT4h32J0healo0vzq6uqqZFlJg3rCQzAmUkuh_6ImNeDtfgSyBXdz...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4h32J0healo0vzq6uqqZFlJg3rCQzAmUkuh_6ImNeDtfgSyBXdz7mobyWow4jjp3YYo8ouoHzAhDxOjraIppm4HBmyg34&google_hm=PxggZfM_9NEL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4h32J0healo0vzq6uqqZFlJg3rCQzAmUkuh_6ImNeDtfgSyBXdz7mobyWow4jjp3YYo8ouoHzAhDxOjraIppm4HBmyg34&google_hm=PxggZfM_9NELvvdgBonQVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4h32J0healo0vzq6uqqZFlJg3rCQzAmUkuh_6ImNeDtfgSyBXdz7mobyWow4jjp3YYo8ouoHzAhDxOjraIppm4HBmyg34&google_hm=PxggZfM_9NELvvdgBonQVQ
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1984
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmRHjeqYaBAz-WB48Ati-j4j-LNHLqq8zKMiDaJR2dZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmRHjeqYaBAz-WB48Ati-j4j-LNHLqq8zKMiDaJR2dZ04kyins1CxZy9By_AMPC0IT8UgAV5u_v4anJeB8uLJovNjYGb-9gg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmRHjeqYaBAz-WB48Ati-j4j-LNHLqq8zKMiDaJR2dZ04kyins1CxZy9By_AMPC0IT8UgAV5u_v4anJeB8uLJovNjYGb-9gg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1984
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJXKfaYwx9GPCOvLOdY5-b0&google_cver=1&google_push=AXcoOmRykmEkglLf-QZKjrAyggcIndTBaNiP6GAceDP-f9-L8ic1CMrGDGEJNvCwMnjY5Wk7x5fNCO3Eadjxb7qGBpfSAgRbQM-3
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34C39FA5833F4624848DBA65E3ED7214&google_push=AXcoOmRykmEkglLf-QZKjrAyggcIndTBaNiP6GAceDP-f9-L8ic1CMrGDGEJNvCwMnjY5Wk7x5fNCO3Eadjxb7q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34C39FA5833F4624848DBA65E3ED7214&google_push=AXcoOmRykmEkglLf-QZKjrAyggcIndTBaNiP6GAceDP-f9-L8ic1CMrGDGEJNvCwMnjY5Wk7x5fNCO3Eadjxb7qGBpfSAgRbQM-3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Sep 2023 15:32:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34C39FA5833F4624848DBA65E3ED7214&google_push=AXcoOmRykmEkglLf-QZKjrAyggcIndTBaNiP6GAceDP-f9-L8ic1CMrGDGEJNvCwMnjY5Wk7x5fNCO3Eadjxb7qGBpfSAgRbQM-3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Sep 2023 15:32:27 GMT
dds
rtb.openx.net/sync/ Frame 1984 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEK-_6_EqlKLokuHErMk_Otk&google_cver=1&google_push=AXcoOmT76lA2iN-3baYySDplJfVMGJ3mw1FyzIasuoPHoPviLvOzvgLBGtFkV_58efAOE5C2sCH7JRA-zl7e0FfNtWXutIyeXoBh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 1984
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aj3SRPHbRKOh73yJIa3zRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aj3SRPHbRKOh73yJIa3zRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSH9SwmVLb25C7aWzCnRPBU7F0a4fA7J9u6g7Tzfkt9DdYHpwOUBCyMyfWjV8Qqp3jYQZ0wjiqQqEXz3FwMnmHp_lKFytug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aj3SRPHbRKOh73yJIa3zRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSH9SwmVLb25C7aWzCnRPBU7F0a4fA7J9u6g7Tzfkt9DdYHpwOUBCyMyfWjV8Qqp3jYQZ0wjiqQqEXz3FwMnmHp_lKFytug
date
Sat, 09 Sep 2023 15:32:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ebda
match.360yield.com/match/ Frame 1984 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEPr4ZGTCf0DpDkucbyLrg14&google_cver=1&google_push=AXcoOmTbcYpTE7kGNtw3WuJ2qHTc9IcmmRO7aA5NzXKu0psPlwsPPSxu0QnmsPwD3-Xx7PXClSbYqVbDnq3tD86c6yPa9NUnJPWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-152-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1984
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEtax3EzPvdazmPjt9958E0&google_cver=1&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-UuJsRFe5kJQrYSMBDPOnc8P4shWAiuiFYwylc9ECC_yxDW
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-UuJsRFe5kJQrYSMBDPOnc8P4shWAiuiFYwylc9ECC_yxD...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-Uu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-UuJsRFe5kJQrYSMBDPOnc8P4shWAiuiFYwylc9ECC_yxDW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmRaDHiELFINNImYChbUNPLPAo6QQozsr_qa1msJAgTYI3N0l-UuJsRFe5kJQrYSMBDPOnc8P4shWAiuiFYwylc9ECC_yxDW
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 1984 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmcK_UacRZj5ePdeamI-f8l8Fya46BKaOv2ejTCu7dGglXwN_kFfZ0XZWIieST4bmUgjwn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 0325
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOgDmBLuE3piAt1epyRIPgI&google_cver=1&google_push=AXcoOmRgnz0xkOltZ2oHuYEVu_BKnrajxesjhQrGfURupsJkZCmNKTFYlI...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRgnz0xkOltZ2oHuYEVu_BKnrajxesjhQrGfURupsJkZCmNKTFYlIRwTqcN0n-x2WckxymiIBbBXnl06fijkXQFsnAvubdp817V-Qj0K0MF2a3olxJkSdg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRgnz0xkOltZ2oHuYEVu_BKnrajxesjhQrGfURupsJkZCmNKTFYlIRwTqcN0n-x2WckxymiIBbBXnl06fijkXQFsnAvubdp817V-Qj0K0MF2a3olxJkSdg9UGTScTd6vKOrCiYzSVsx5KWALMwRAOy2Zfs&google_hm=PxggZfM_9NELvvdgBonQVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRgnz0xkOltZ2oHuYEVu_BKnrajxesjhQrGfURupsJkZCmNKTFYlIRwTqcN0n-x2WckxymiIBbBXnl06fijkXQFsnAvubdp817V-Qj0K0MF2a3olxJkSdg9UGTScTd6vKOrCiYzSVsx5KWALMwRAOy2Zfs&google_hm=PxggZfM_9NELvvdgBonQVQ
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0325 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJIPnR1Q-1e6b-r1lfzCGHw&google_cver=1&google_push=AXcoOmS2GZBoD6Aop9exGSfauQ_wb-5yEdXZiaAYb8JKZ5D3Gx6hWMx4E_mu_sO6iLIFjupaqEZ9jPXRQnksb6CfoOxQqt3p04Z6m5ub9iuXHDRoI6u_vMa6Md7iTELFGlHGs_JH70xD-gMZOeZQ0tNQV3c6TQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 0325
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmR-grsx1DBOsJK0DCb6kapSoWw3uDlqB4AxdzwcDLV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmR-grsx1DBOsJK0DCb6kapSoWw3uDlqB4AxdzwcDLVF2J2nIT3MvftR6M4S17ZBS81rZ_qlCvdPGApDhnrZtZnRKw1gtKGu1ynwTQFpg9m-LvMgOiO_1E6hpbs6iUtUZPPXxHKtnA1kJuG_mU4pPovyB4M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0310c9e42ac8c94ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmR-grsx1DBOsJK0DCb6kapSoWw3uDlqB4AxdzwcDLVF2J2nIT3MvftR6M4S17ZBS81rZ_qlCvdPGApDhnrZtZnRKw1gtKGu1ynwTQFpg9m-LvMgOiO_1E6hpbs6iUtUZPPXxHKtnA1kJuG_mU4pPovyB4M
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0325
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJXKfaYwx9GPCOvLOdY5-b0&google_cver=1&google_push=AXcoOmSMbZV8yYENqRD8qyRQSsqbewCVskILwDdxXDzw7ZoOePN3dI89GX8-osF7WMlaygFPcVkquRMvbmTsqZ0jAjeI6g3mvs36mH...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmSMbZV8yYENqRD8qyRQSsqbewCVskILwDdxXDzw7ZoOePN3dI89GX8-osF7WMlaygFPcVkquRMvbmTsqZ0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmSMbZV8yYENqRD8qyRQSsqbewCVskILwDdxXDzw7ZoOePN3dI89GX8-osF7WMlaygFPcVkquRMvbmTsqZ0jAjeI6g3mvs36mH4v3A-037b44ocgT4ormsp4ivKoN9gtrr-mNl-a9E8jS7B4do47iDRQLNg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Sep 2023 15:32:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmSMbZV8yYENqRD8qyRQSsqbewCVskILwDdxXDzw7ZoOePN3dI89GX8-osF7WMlaygFPcVkquRMvbmTsqZ0jAjeI6g3mvs36mH4v3A-037b44ocgT4ormsp4ivKoN9gtrr-mNl-a9E8jS7B4do47iDRQLNg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Sep 2023 15:32:27 GMT
pixel
cm.g.doubleclick.net/ Frame 0325
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTydY...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmTydYPQhqhqYQQfvcA29hKF8DaqnW5AFpqPAG2x7TaNvR5-ce_OsawM2tx6K3wp3R0Dlnh0BY6s5mqs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmTydYPQhqhqYQQfvcA29hKF8DaqnW5AFpqPAG2x7TaNvR5-ce_OsawM2tx6K3wp3R0Dlnh0BY6s5mqsrs_WsfvWrG4XQoggFO8c7QUXxgAVWCSyJeGtrz-tChsyKLcFxn2F1CyfxNb2j65ME9ShXZPC8A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmTydYPQhqhqYQQfvcA29hKF8DaqnW5AFpqPAG2x7TaNvR5-ce_OsawM2tx6K3wp3R0Dlnh0BY6s5mqsrs_WsfvWrG4XQoggFO8c7QUXxgAVWCSyJeGtrz-tChsyKLcFxn2F1CyfxNb2j65ME9ShXZPC8A
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
850319
content-length
0
expires
Sat, 09 Sep 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0325 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JaGflIJ9Gcl8liUSwHiV3PiFJKic1NPGHBe3Nn-3y-YRcscBp978Wj4og
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame E025
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:27 GMT
expires
Sat, 09 Sep 2023 15:32:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:27 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Sep 2023 15:32:27 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 7906 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:20:24 GMT
x-content-type-options
nosniff
age
723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:35:24 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 7906 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:27:23 GMT
x-content-type-options
nosniff
age
304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:42:23 GMT
2307_prepaid_halbjahrespaket_vertikal.png
s0.2mdn.net/4528404/ Frame 7906 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/2307_prepaid_halbjahrespaket_vertikal.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57272de8182992c7b7401e2e936966ca75fec35b83dc6a535e6aa7634aa9a98e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:51:51 GMT
x-content-type-options
nosniff
age
6036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2076162
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 09:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 13:51:51 GMT
4.js
static.adsafeprotected.com/ Frame 7D40
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-3216231935713038&ias_chanId=1&ias_placementId=20343400544&bidurl=https://www.bg3.co/a/fa-h...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_CpD8ZNfuMo6Y-gaa-ovAAw&cbFunctionName=goog_wrapCb_CpD8ZNfuMo6Y-gaa-ovAAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassba...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_CpD8ZNfuMo6Y-gaa-ovAAw&cbFunctionName=goog_wrapCb_CpD8ZNfuMo6Y-gaa-ovAAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
date
Thu, 07 Sep 2023 19:04:41 GMT
x-amz-cf-pop
FRA56-P5
age
160067
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
bXLsjJIgNTllh-wpCq9gQ28EudQRZAdHfwnq8t-FGV97CrXIo1ojuw==

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_CpD8ZNfuMo6Y-gaa-ovAAw&cbFunctionName=goog_wrapCb_CpD8ZNfuMo6Y-gaa-ovAAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame C0D5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
30498971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
AYUa0iwlCJWK5Ymr7yaNWDThNm3cfT_0UHRyYfPj34fZ47fPpWfneg==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1B71 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
540167
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 313F 		142 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
91284
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 14:11:03 GMT
expires
Sat, 07 Sep 2024 14:11:03 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7D40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstiCYzpghA7PoTQDUWh384vdfqw1u4AJOOIbQKI31V3bLY3GB3j1OyfDnmU3vcY7OHyvhkoJ-C6CnY5sPBx4NSEGjMaFt3WbdvRLUWV9wrEF9jAmaeOa00-I3tU_CyiKn4IfjIvoFBzxCugaV93K6y33Y3iZt2T_OrST7FDaAr1m9ekeBvqDwDsnT7DE6a_8lbzUUYW2ZazOZVBy9wCXnzHBeN79E_3g_6F6d5uyIBIV5rmVh1knwPpD8yakjNTni69LnfdUmg3T_YearWFNwblGeE-JbyU6v8Gwv3ombP1wyG6wIhLPBDvdP2tHq41nnIlC-b_Lf78BaOY2httAO0iM5jMjfzWDcuSGk1sik6bF5nokYAEA9BwLq68Pydt91vBGnztLl_8d7FCfIS8jGYfAbrbfaVRuGScija8MsgoiKPYtD9cBQULVsOHxwTPX3J08vFbsEzOrCrmoaBFc0VFDJpdGXq17Izk85f8cz2eea9yD62T3CT00-7KHVBubQEbzwaQp98x3ZYbtL85Z3l-TiKqVtt_B0I4MGpYOymOs1wSoG08fTI9z9jxzQ28gauA6A_PAxN8hxotm71vnlI9Lj5bcHIJ4bLzQ-0dFRJ0BbYFZcIcfqOXShAYumr7ygPWtWL2hx4t-jRpOpT_82Ae11okG5W7vOpjUZQctwKLEJ5gjSlhZfaoZ2VQocZzgdOhiEyt5YeRTeYGuKBAnRI4xUEMnCNP9eCIVyy33jD8NnMgjo5VfN3C-cqNQ9R37mfEBuC7cmu2kZE3od3fb8Efp6FXdZs_V6MjTmLR4l6hwaFeTH135g997jcKFhTst1IVRKqzumWFsYptynFKfBbLtIFdJIVl_wKKqbXWPu5iNf9OUy2HvttFdZnXmjYgark0PR3mvEgcWA2Va6iswKa0dpF93yl9rmkGRMSlLmVXNKyVRREBD40oOiXp1k5rs0mvJ_ERvepMmehN8qF78XuOZktg3fPAxw8gmRuyx6LPkKkpeYmhgri-TofW1lw738e81WwCb50U39--8NwC4YdNgzbrRPvXN9HpVCQaIPNz8WhW89U4glALS_HTupczzr2eZgJGFIeb4OUJcvqt1F_YABXD7x7sPpC4l3LXt_7N3MXqDey2daTWTYcRNUQ17iyQmasKtQr8OMEL6hyoavyNusYuGq0WTp5yS580No-pnV4OW33oW7rleL2HHMZwdx-Bd760lcsecLP_pzOdJwJoW9zNc0YDkk-r8rTqGkS0BTRFppY6Ssyek_br0HI&sai=AMfl-YRFKwX25cnyXKzRg4iA9qu23ZACZcvmbmv8L10SIbc8wMykBtg3rp-oojGeMCNdJvRxg2VSktzfVbxONLZbKKJUAzM4CF5HXKP9s9g7n1MOX8oKS3b3KEwl2Mam_ncShmATiEAndPlJ6UBN0J8Z-VxMAOSTw-Ip-UQf2nSE-Xw7C80l9FUo7FTc0CPy2TvR7snuo5rekfH6&sig=Cg0ArKJSzGFrz4ggv3jaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=575&cbvp=1&cstd=572&cisv=r20230906.75356&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 268E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0GkZKmx-bU8bZ6NyabMQd98cn_z9LW3GOewi4Qe0OLjdvs0ui5qRaRiaPFFOfa-Ae1Th0L1_mMaBzimD6L1ygrz6p8ruE-rq3G6qyPC1bgsNYU62zj2PBEV9ykI3BzPVfjDeyfjftbjiMjRX4zBjNzULGJVzzQ4nNJnE-_u6u7Mi5vuz9MQSfVJtp-d4mLbxpZ7CUF_2Mqc0iRwcAz3xMIiNLwnkR-NGtxyRc_JJ7KfLfPQqhOrW95JtSxmr_bamim7e6-06mPgPVjWNrobly8Nfbya8sMby1_Rk2B91DYd8ov8X-ZyihzRmZqtezrN4aHh13YGg53StnVsLxtJsTWRwqhG6O31lCzzSF6FH6NzX4UDo7wdhdcU23EcwdqEP8B-B87NNYnkjMpjzbpFvENRl2G6sjFvZYz3IkwjjsCO5cG_-JdtqpXPNU3sofr3Sg9vtGZqoAQbNW1l_53N7d-JVZqOz5O8XrCwLBcrSCS63FOVDG91Zxd5KFSPNZKxUwD0w5rMxPv19Qr3y-yZ785xjegWzvTTV54MT3eCN1wWnnp9nXX7YWVEs9W0qp6FYI4_0K_20JxhMoGCS4QCFfef5Uu_Yy-Ya98Lqbp3g9brJtGhcu9UX49DLucmgLyNPF4JXY9TqjpofrlINiVn5H_o3eKqyQ9Yl-tsjaf1fn6tKPcezeJAqL4QU0Ym8SppMHG5aqBGbpzlwXwzchHzPmlZvAw55J0CMtadeQ0gplYXp89D3gyscm-XankG2CtJMC3T4gPK9HzGAb93K9DqVrCx52Q2MDPtZ6N2uxfgFjPjQBNQ0RDUcgwkQBpIujkGB9W5VtDxJgn4I5bTfauEZVXOnHSW2dsS6a6TNyaiJ-oUzfXllw_RYo1CnYA5eMkilTczK4vYw3esNJZvfRJKycC0vm-aIUpi7S_F2wOPzYHnefVFLeGm8fxbOs0HRZjqWZ90Mu9d-rGx6lOGhQeCZ2EXYzH61gmg8N4LGyfMxaPixcT9qyso6ft32IUpoz9IctDjPJLqQYEMiXy1kdWD9rp7np39RJQybVyZDHv9MoSssKhwRn-0z9jUgNW-uxk_9eTUUDpIse-IZn0g-WFhcf5kR_Gq5i8EIjZI82ofDpsWluYsz2bSKKvUb6m0lxqm5hfIALaMhWDZCsghBT7GQNULJnVtH7y3hS-IbMkNraDltya6SHjUffetW7LnM0e_gr-XvpQtdhSNgWdCYveaYEgP07qR9ZBGqX&sai=AMfl-YRonj3rIPgGaBUPqR4GDTxXuuGmqTTr7Nab9yJsmJeUsTHBm2inZuZvtdMWJzKFWImIZm1umWENt_tuYWIvwg1KjZ8W_X-XcaJLixWD2VWbiMJ9hgNvHjPe4NKXJGVaQllQwY5e3LT3XhqjaOOM1-PNRziJyZfKq5fzo_0MnKLqUE34xmwPetdVw86ov5Qek2cP3SkFkpWsdycvEhUM_KgIqA158xCbf38F0cy3IveIiSL-dg7QuAd1sOKs2wgTw8FB&sig=Cg0ArKJSzP6Vf6f0KHO4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=357&cbvp=1&cisv=r20230906.90804&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:32:27 GMT
9150291078721736478
s0.2mdn.net/simgad/ Frame 268E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9150291078721736478
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 09:51:36 GMT
x-content-type-options
nosniff
age
452451
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8106
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:45:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Sep 2024 09:51:36 GMT
pixel
cm.g.doubleclick.net/ Frame A2FE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmQRvnAUnWGVFJPgTV25CfUhXMOE7mbVpy2EoyuJW_Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmQRvnAUnWGVFJPgTV25CfUhXMOE7mbVpy2EoyuJW_YKpY0aaJRYq0m-njPM6Wa-D4Eumf5wEggAyiT3sTzdoEAAB9WimQAqaRKeYzSdIG43yuhrNpRNaGnmKck_C1OEF5NgEavHG5DiqUmUMohuge2_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0310c9e42ac8c94ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFJjV0dVcmMxUUVaV0g1&google_gid=CAESENLNTQOt-rvbFEQVn1t5TkM&google_cver=1&google_push=AXcoOmQRvnAUnWGVFJPgTV25CfUhXMOE7mbVpy2EoyuJW_YKpY0aaJRYq0m-njPM6Wa-D4Eumf5wEggAyiT3sTzdoEAAB9WimQAqaRKeYzSdIG43yuhrNpRNaGnmKck_C1OEF5NgEavHG5DiqUmUMohuge2_
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A2FE
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJXKfaYwx9GPCOvLOdY5-b0&google_cver=1&google_push=AXcoOmR5Sc-9Sz_3ZTS0kiVO1T9cLXIOIMkRLLhUkRX2GRO2oYukObvtlLem1TBopxv61-v5VI5s7hNcyRLV_E6yJpvWgWif8tVU-I...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmR5Sc-9Sz_3ZTS0kiVO1T9cLXIOIMkRLLhUkRX2GRO2oYukObvtlLem1TBopxv61-v5VI5s7hNcyRLV_E6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmR5Sc-9Sz_3ZTS0kiVO1T9cLXIOIMkRLLhUkRX2GRO2oYukObvtlLem1TBopxv61-v5VI5s7hNcyRLV_E6yJpvWgWif8tVU-IBXP7eOn3SyX1DhPFEZFYStvwaKuNjCVuRa539pesorxcva51amQwgd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Sep 2023 15:32:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C476D90D8D114802AA1EAC9476111498&google_push=AXcoOmR5Sc-9Sz_3ZTS0kiVO1T9cLXIOIMkRLLhUkRX2GRO2oYukObvtlLem1TBopxv61-v5VI5s7hNcyRLV_E6yJpvWgWif8tVU-IBXP7eOn3SyX1DhPFEZFYStvwaKuNjCVuRa539pesorxcva51amQwgd
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Sep 2023 15:32:27 GMT
pixel
cm.g.doubleclick.net/ Frame A2FE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmStQX...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmStQX2YYPP3D-F61gH5aU7hbalK6_43uM7pp31O32E9eD6uH1zxXbQ0zaW-Xo61FctlQGjlXXx9Ihhn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmStQX2YYPP3D-F61gH5aU7hbalK6_43uM7pp31O32E9eD6uH1zxXbQ0zaW-Xo61FctlQGjlXXx9Ihhnsizeqgd7L7BQfj2H_ExUCUmpf2YZ6D56acBSChc4f_Q1D40UxUylrBa170cUi7H57MtEDoY0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-j3ymTBem5QrYVbhsopcMJQyz6BJ6Vl9EI1Gevg&google_push=AXcoOmStQX2YYPP3D-F61gH5aU7hbalK6_43uM7pp31O32E9eD6uH1zxXbQ0zaW-Xo61FctlQGjlXXx9Ihhnsizeqgd7L7BQfj2H_ExUCUmpf2YZ6D56acBSChc4f_Q1D40UxUylrBa170cUi7H57MtEDoY0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
646159
content-length
0
expires
Sat, 09 Sep 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame A2FE 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEK-_6_EqlKLokuHErMk_Otk&google_cver=1&google_push=AXcoOmQNQ8yBYy3vAZiwTscCig54H1uMePcithWe3uks06gUGi505uDSDgBOf21bjoieY7HhU1jsn-cakbgvrylUPfQG9CNvlYJdO_SXnXFrDJz2g4_h5u_adxQGh6F5kYs9jVzh2HYQK1HRDEcH04b3UsMb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
ebda
match.360yield.com/match/ Frame A2FE 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEPr4ZGTCf0DpDkucbyLrg14&google_cver=1&google_push=AXcoOmRIp9akKxfDCSPH34A8KDty_PPKMM_0BmKGn62C0tp5st1XdVFFyvDXlQI6vlRRGQG3cfYxjgxv7kAqhRkS9Eu9F8jHHz0I7ELxVbfHqOmAWtO0jG0AWNGMIVZw4BOsXvgKbvfYl3F0x9bdJ8C2Rwd4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-152-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame A2FE
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEtax3EzPvdazmPjt9958E0&google_cver=1&google_push=AXcoOmTmC0HAAJ0stFkhcduyhQAxaLPwPY3qfRa9iqsrDYR3j9ACGmfsngFXbwLWyQsWVv753I-SO2XfRClvlh8jVPcMEhgc_E...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmTmC0HAAJ0stFkhcduyhQAxaLPwPY3qfRa9iqsrDYR3j9ACGmfs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmTmC0HAAJ0stFkhcduyhQAxaLPwPY3qfRa9iqsrDYR3j9ACGmfsngFXbwLWyQsWVv753I-SO2XfRClvlh8jVPcMEhgc_ElwK5GJRAvzUsIpO1zip_DVVoW5DMXw2FI1YuEukh8EayssJGbcEXMv1kYQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMTM5NzM1NTY1ODQxODM2ODk5NQ%3D%3D&google_push=AXcoOmTmC0HAAJ0stFkhcduyhQAxaLPwPY3qfRa9iqsrDYR3j9ACGmfsngFXbwLWyQsWVv753I-SO2XfRClvlh8jVPcMEhgc_ElwK5GJRAvzUsIpO1zip_DVVoW5DMXw2FI1YuEukh8EayssJGbcEXMv1kYQ
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame A2FE 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENCZtxWeTCWLhTuuYN-s90o&google_cver=1&google_push=AXcoOmS1rSy8FatFO2RYP0VetztwAI7Zya1Wtweid8OEHhKU0uVffAF2RcuJ4m39NMHEBkt6EBE38c0xJWaLRlG3X5ycg-3iMqRn8D1caAk8qb0IN2ltKuXGhLzZ03VZmmnTtvlKB4XDHlPkWPsoYctqIL1y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:26 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame A2FE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLavGRgW5XoUJuI0_8dp2evlBbXRl02hW8LDULMBulC1Kb7rTUSQT3nVeNQjJta6IWzwx8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301104&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545174&bpp=351&bdt=968&idt=791&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=2&ga_vid=1834406724.1694273546&ga_sid=1694273546&ga_hid=1538644274&ga_fc=0&ga_cid=amp-er-It84ly8bNYNvbtW01ug&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4021760817&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077329&oid=2&pvsid=1709641182838345&tmod=885878604&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t1tx5yab41qv&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dc_oe=ChMIgJTt5uydgQMVN9wRCB0D1QE6EAAYACCxmOVcQhMI_Kuy5uydgQMV_C8GAB0BAgXk;stragg=1;&timestamp=1694273547536;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C524 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgJTt5uydgQMVN9wRCB0D1QE6EAAYACCxmOVcQhMI_Kuy5uydgQMV_C8GAB0BAgXk;stragg=1;&timestamp=1694273547536;str=nextSlide;strtype=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 7D40 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2bb6590b-ce8b-163e-9705-ebc2f763eab6&tv=%7Bc:nJFMlE,pingTime:-3,time:150,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:31%7D,%7Br:r,w:300,h:250,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B142~0%5D,as:%5B137~0.0,5~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPnh8M8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C17211%7C17212%7C1811%7C1812%7C1911%7C1912%7C19131%7C1914%7C1a1%7C1b1%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f1%7C1f21%7C1f3%7C1g%7C1h1%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1k41%7C1l%7C1m111%7C1m2%7C1n%7C1o1%7C1o2%7C1p1*.990511-61634100%7C1p11%7C1p12,idMap:1p1*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 7D40 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2bb6590b-ce8b-163e-9705-ebc2f763eab6&tv=%7Bc:nJFMlF,pingTime:-6,time:151,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B137~0.0,6~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPnh8M8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C17211%7C17212%7C1811%7C1812%7C1911%7C1912%7C19131%7C1914%7C1a1%7C1b1%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f1%7C1f21%7C1f3%7C1g%7C1h1%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1k41%7C1l%7C1m111%7C1m2%7C1n%7C1o1%7C1o2%7C1p1*.990511-61634100%7C1p11%7C1p12,idMap:1p1*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&tpiLookup=ao:www.bg3.co*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame C524 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgOuJLHDOp8Vee2WEaxcORBqcTF264iTXoZ-s9Evk79gFZ6zm7dLLPfT6uTBoJkSCdqQKH2Mbmr7KoSlNqRjAemQEGTEUz0-xwn6Eov2MT3zZ_iJsmk1iWgwctNE6aHNfi4LeFv6y9rVHE&sai=AMfl-YRA8grJBtFjCTTBdoHsEdACyxnIb4pbMSJ6-FAcC9KgnOf5zvHotEq24uX378x_mcYz-n1vHBO7tnZTPF9XYvmbXpQWCZ3rmmqcDafQn-zA5lTBMFB_LGyYtJU&sig=Cg0ArKJSzBhicw6nyZQTEAE&cid=CAQSOwBpAlJWOwEOeVWVzBRuNgIMEGjF9j3_ZAgXdejfUAiICnonz4Wap3yyoCIMegoickCM8JxxfvCDYHsRGAE&id=lidar2&mcvt=1142&p=1110,315,1200,1285&mtos=1142,1142,1142,1142,1142&tos=1142,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694273545413&rpt=1000&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame F165 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Pg51rfv9gX63RRxj2F8pu4dLuozJSbaVRPlm7aNm54Zyc0Bs6o-ANJCIujWtDj3uAhlUIhNx5VI-ugUsAFwxhpLUuC9ldr0Lzt-pqLYVuYIKhaZKtVftp0RtwzF3o8fA1KuYM7uD951HCS0Whhx_QmDs8tPMU_ejQeGu6pZDkBkx14zzdgB9FXtx0Ma4aaEc_-sYT0bloWon-b5gX4ua4IaEG6_3v-fF1t-J8I4jS0U_Q0b30F4Q2Hy-eG2BAQOsKVLdUg&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7C58Hxn0eUIii%2Fkmq2wnLVQ2R8ddRjkxgVfUPINM2tqpI%3D%7C&c1=jWCgqsKSUoVFRn1nDdqpV7Y9aN30-SCQnkitsQysvAG-o98jW4OIjXJtO-EdunHXsxjqtpYLNAlI5Ac5YNqTwyAjT15rAUiWXwSHS75XlYcJ_FKDmO3_KTVxteVdCc1GotHafeGpkWWXukEfBcPdYryD1BTPxARDfAEtijnI3u7zLvwhMIQo5JK2yJqUa0sQLWmyT5_OMkKuRgRfUfMqM6gFsjzWmpSOgtIXcYy1uMJw1HBM_ZlbeDHWbLBSTM-iaDS-7G-vXiR75d1nepYfE-egXAzjhIdjTaP_27VUWW8jZTxFVspxO7bBsyK4mAF_Eno7uE02GeuSsooJq6LTT4UbcaglPdh_Axd9NFET9ZggkL0jNr-qb9eIDCtIAhd3Mb1UpwKiKKx5inFvTdDqPCVBr3JkiQ-nbpCfAc-_KNTY1vNlVen_kPCyQ8AfZGXm3P4Y3Cd0DTfwPMG0HcBSO1Su_JofjQ-5Gat128y3y-JNLneYpEdVCiqO8fgecf93Yw3PzgMvqfSvc4m3T7ZGnaYloWzGs-TNs-UhqOv9TI4iuFm5z3nrynwVpcilw1wgaCrft7v7fs8uzD9Wl8FCbWwUuJBgEZz5LoatZqOx96R30H6lOaOBL2pywSBNhAGE44FApKzr_QQ7xBfn9ycccJBY2oGJrSaDB9GQMfRPWFOsKumjBUyPZwZUQSak3PkL-iN6tFunhRlFyvodhpwIR-I14lY_u8kNzssH3pmURBfYUcYJ6kcl_G230VcK6566TgfEMSvqZ6nxS3GGOPeiT1_0fhLDBnavTUvX1sg3dIZPcx3-NI0u3V_62Df8zhJgIIiEeINbBNQTHb8FoiBNAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 94E4 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96260f46ee09ae07a93e6f76ded9b1e266409328e777adc531e4e068741b1400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11825
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 313F 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 10:44:39 GMT
dt
dt.adsafeprotected.com/ Frame 7D40 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2bb6590b-ce8b-163e-9705-ebc2f763eab6&tv=%7Bc:nJFMmB,pingTime:-2,time:209,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:856,beZ:857,mfA:860,cmA:861,inA:862,inZ:867,prA:867,prZ:883,si:888,poA:889,poZ:912,cmZ:912,mfZ:912,loA:1007,loZ:1010,ltA:1065,ltZ:1065%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:31%7D,%7Br:r,w:300,h:250,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:209,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B202~0%5D,as:%5B137~0.0,65~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPnh8M8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C17211%7C17212%7C1811%7C1812%7C1911%7C1912%7C19131%7C1914%7C1a1%7C1b1%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f1%7C1f21%7C1f3%7C1g%7C1h1%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1k41%7C1l%7C1m111%7C1m2%7C1n%7C1o1%7C1o2%7C1p1*.990511-61634100%7C1p11%7C1p12,idMap:1p1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:33,sinceFw:176,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 1576 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7C63 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
540167
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 5E65 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F-VCNw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 7A5F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301119&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694266346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694273545422&bpp=368&bdt=1199&idt=949&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D67cde87ce0d7abdb%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MbucgxSygwb6-is9mv4lcFCp2xuzw&gpic=UID%3D00000c9f98ccd330%3AT%3D1694273543%3ART%3D1694273543%3AS%3DALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg&correlator=6638320243726&frm=23&ife=1&pv=1&ga_vid=2108848729.1694273543&ga_sid=1694273546&ga_hid=2114376657&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1617&biw=1600&bih=1200&isw=336&ish=280&ifk=1000515276&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076838%2C20222283&oid=2&pvsid=3069060205503212&tmod=1976970537&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ln2uhr1i5c9e&btvi=1&fsb=1&dtd=961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Sep 2023 15:32:27 GMT
generate_204
tpc.googlesyndication.com/ Frame D0F9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tx2uTw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
s.thebrighttag.com/ Frame 53ED
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JKAAcJ4lNanHZdrQr9VW7JdxFXugr7Tz
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JKAAcJ4lNanHZdrQr9VW7JdxFXugr7Tz
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Server
3.130.41.166 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-41-166.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
x-bt-requestid
156e0f30-4f26-11ee-8536-0000ac170017
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JKAAcJ4lNanHZdrQr9VW7JdxFXugr7Tz
date
Sat, 09 Sep 2023 15:32:26 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
824689
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D6A0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CemwzCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT9Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRzxwJUy3oxT-pzckSlhS1osqOzO4bAzOmTFxF-NkeyOfJujfgVotjFcHH1i7bssAEubSGv8cE4AQBiAWfv6eyTKAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6sQmPM8evJHTjxoAKA5gLAcgLAdALD9oMEAoKELDDidztubnkLRICAQOaDQEPqg0CREXIDQHYExPQFQGYFgH4FgGAFwE&sigh=MDkzLum7D3I&label=video_ad_loaded&sdkv=h.3.588.0&vci=Ck0IAhIOYWQudmlkdmVydG8uaW8aElZpZHZlcnRvIEFkIFNlcnZlciADKiA1NWFjOTBjMWJjNjYyZTkzZDdlN2M3YzBkNjA2NjVhMUCFAQqPAQgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNjEyMzc5MTUyNzE1Mgw2NzI0MjkyMzE1MDlA1wRSIxAPJQAAcEIoAToLVWNlSjhqTmdjMW9CCWdvb2dsZWFkc1AAWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 94E4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 15:32:27 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 1B71 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 09 Sep 2023 15:32:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
243015
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
225301
expires
0
rid
match.adsrvr.org/track/ 		63 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
207210d8864b8be559db7548030a13698f73c5c3a5678c6bca09c46cf12d69e3

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 09 Oct 2023 15:32:27 GMT
checksync.php
contextual.media.net/ Frame 4F83 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a042db05b3deb9bc8f9219d7789eab00b3abb930f5a9baeb5901da6a8619a4bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8472
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:27 GMT
expires
Mon, 11 Sep 2023 15:32:27 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3C1C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32217
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 09 Sep 2023 15:32:27 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3448, 157959
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220107-FRA
X-Timer
S1694273548.886792,VS0,VE0
/
onetag-sys.com/usync/ Frame B0AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1694273544377
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 455F 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 09 Sep 2023 15:32:27 GMT
/
csync.smilewanted.com/ Frame DF66 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80407be9ed1e2c62-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:27 GMT
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7815 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
337
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80407bea5c0eaca4-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:27 GMT
expires
Sat, 09 Sep 2023 19:32:27 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 0BCA 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-89.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10920
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 09 Sep 2023 12:30:28 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 480621bee17f1606dc6189ca75ebbc74.cloudfront.net (CloudFront)
x-amz-cf-id
k1kajyPSU9kDfEAAnKfkj5yV_-w_N5CDjgMmSvV8Ts6-szB_X9rwuA==
x-amz-cf-pop
MXP63-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pd
adpushup-d.openx.net/w/1.0/ Frame 61A1 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 09 Sep 2023 15:32:27 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame CEEE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:27 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 37F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 09 Sep 2023 15:32:26 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694273547809&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1548&pt=-1956913285&tz=120&viewable=true&ddast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15bb78aee04d907026025679d99816d4486a45351857c2a833b1d1711876fad1

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1447
x-cache
MISS
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
server
nginx
x-timer
S1694273548.822304,VS0,VE48
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4DF8 		42 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-xtVg7XT__Ufh5Rf9xzYpz3rncXufQQeGAJroXrwm3EXykW9Y8OL18AYkuHbl_nGUv_ySJPPgNbuPj0LC-6R8ssD9cVfUe98hhGsm0osfbG3YPreoHgciVUhhJpzOz8Vup30feqQYx2ho&sai=AMfl-YSSLxSonWkJQh3-eYErd24ffBcrmzLj839M50q_ZyX9QOqiGFLZnKXX2Q1xZFxc1PmildmeI8IGy5t4Bqj9As4bCdTrQu3tBddBlDHSVKhP6v4Mox6iJZSwySE&sig=Cg0ArKJSzPc6e6eow6PNEAE&cid=CAQSOwBpAlJWO2qr2FZPrx_Y7_ggE5iQPQJ0GbZVhOHjC4MW_-MNbKTjmn9BM9W6mEFBsNqN2frhWLBcFKxOGAE&id=ampim&o=295,60&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1092&mtos=0,0,1092,1092,1092&tos=0,0,1092,0,0&tfs=1031&tls=2123&g=100&h=100&tt=2123&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame D6A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CA4YgCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT6Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRlx3rByeSGx87BhKLyPssjTQezyKjJhWs0ldr4GHzQOQFCIzNepOq60CZOcAEubSGv8cE4AQBiAWfv6eyTJIFEAgSEAUYDzDa5oGbo77i41GgBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCPtJ8BqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJ6QFodHRwOi8vd3d3Lmhlcm8td2Fycy5jb20vP2hsPWRlJmRlbGF5ZWRzaWdudXA9dHJ1ZSZueF9zb3VyY2U9YWR4X2Fkd29yZHN5b3V0dWJlLmh3X3diX3VoXy0uY2MtZGUuZy1tLmEtMjU1NC5hdS1icmFuZGZvcm1hbmNlLmNvbS1uZXdhYy5scC1kZWxheWVkLmNyLWh3X2R1bmdlb25yb29tczI4Yl9oX2VuXzYwLmR0LXlvdXR1YmUuY2lkLTIwNTA2NTk5MzI3LmFnaWQtMTU2NjMwMDk2NDQxLmNzZC0wMTA5MjMuLYAKA8gLAcITBhicr_uoAtgTE9AVAZgWAYAXAbIXHgocCAASFHB1Yi04NjEwMDUwNjE0NjQ1MjYzGO2-cQ&sigh=-F3xgnnMhow&cmd=Ch1jYS12aWRlby1wdWItMzEzMjg5MzcyNTYwMzkzNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSOwBpAlJWuEV88B5OR2Z66Qz1siQ1XCUUSkwXt-sE98s2FqFp3J_7m2ysRJHJxI_ExxPKC9UTq0oescEIGAE&nis=4&sdkv=h.3.588.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame D6A0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 21:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 21:07:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.588.0&e=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&id=ima_html5&c=2272763273246357&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
magic.png
bgstats.mox.tv/ Frame D6A0 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
tracking
ad.vidverto.io/delivery/v2/video/ Frame D6A0 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/video/tracking?vast=tracker&vsp=0xqz19oKHwKWXYuYE091ouTgSaVD1ri9kUqEP3JA99Ls6hAUNnxbO8%2FbFGq0v1Z3tczfA6uw8898DqRzEA5yHojSLTKFOxjl1yEKan4Y92gqOhz5UPINGXIs4bEb%2FuAXRr9pGcIdG8GIrN%2F6HU1l%2Bs9UmOghjF%2BR5YzOBc61LNSTPTVxb84ppsqsrcTLWyuZN4yHZhclzfB5JA8a40xY4cr61CwqA4yH7EFiokQFXCmt7Lsu%2B%2BWlbkTb1YgK5xMh&cb=1694273545
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D6A0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CArzqCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT6Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRlx3rByeSGx87BhKLyPssjTQezyKjJhWs0ldr4GHzQOQFCIzNepOq60CZOcAEubSGv8cE4AQBiAWfv6eyTKAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQsMOJ3O25ueQtEgIBA6oNAkRF2BMT0BUBmBYB-BYBgBcB&sigh=36Yrmj6WOMc&cmd=Ch1jYS12aWRlby1wdWItMzEzMjg5MzcyNTYwMzkzNRAAGAI&label=vast_creativeview&ad_mt=0&sdkv=h.3.588.0&vci=Ck0IAhIOYWQudmlkdmVydG8uaW8aElZpZHZlcnRvIEFkIFNlcnZlciADKiA1NWFjOTBjMWJjNjYyZTkzZDdlN2M3YzBkNjA2NjVhMUCFAQqSAQgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNjEyMzc5MTUyNzE1Mgw2NzI0MjkyMzE1MDlA1wRSJhAPJQAAcEIoAToLVWNlSjhqTmdjMW9CCWdvb2dsZWFkc0iPBlAAWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/v2/video/ Frame D6A0 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=nYnucsu879KWtyHJDKnlKtHUPSTzHXVAR8LkdhAMATKG3rAc3eDg8u0gYiX8G%2FsLyH1%2FH9jqo2oYV3ZjrOoU3yktk7Xr1kNXC8uaRDGmp0VTEWtIPRpV28oYR1zBuLHDdSssWnKiHMZ7UX7vlIzYigQN6JmJkI7hy47QS%2FFjq1PFCkSy%2Bogxm9fChTPIVC9jE5%2FJeK117b1WkMUTgulMEA%3D%3D&cb=1694273545
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
tracking
ad.vidverto.io/delivery/v2/video/ Frame D6A0 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=5UeeU9xdfUUd3srDm%2BY7uF2TpLPkY0dxx5OJ9G7h6y6XPnz9KFbynrd3Z8Tl0I0F1LzxJ3cJFdKR2aArEmp2r4i%2Fhb9vsk5dLiBYRgufpMxF31aVn6YpcPEaC4rVGji1t2LJxjny3nx2xMqWFVe424bwczTGY3ee%2FPL3qywiGlk262IevLgmwNPbKfDv%2Bs5oM0FfS3qWidOivM%2Bp9Yr13pTm3%2BNHDN1Ixm7wTFV7zY8%3D&cb=1694273545
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D6A0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CArzqCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT6Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRlx3rByeSGx87BhKLyPssjTQezyKjJhWs0ldr4GHzQOQFCIzNepOq60CZOcAEubSGv8cE4AQBiAWfv6eyTKAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQsMOJ3O25ueQtEgIBA6oNAkRF2BMT0BUBmBYB-BYBgBcB&sigh=36Yrmj6WOMc&cmd=Ch1jYS12aWRlby1wdWItMzEzMjg5MzcyNTYwMzkzNRAAGAI&label=part2viewed&ad_mt=0&sdkv=h.3.588.0&vci=Ck0IAhIOYWQudmlkdmVydG8uaW8aElZpZHZlcnRvIEFkIFNlcnZlciADKiA1NWFjOTBjMWJjNjYyZTkzZDdlN2M3YzBkNjA2NjVhMUCFAQqSAQgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNjEyMzc5MTUyNzE1Mgw2NzI0MjkyMzE1MDlA1wRSJhAPJQAAcEIoAToLVWNlSjhqTmdjMW9CCWdvb2dsZWFkc0iPBlAAWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/v2/video/ Frame D6A0 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=Vgrq2BpB43jYXWmKr3b%2BSX2Gs%2FzTrPHRqnqyPs0EemV4rWDcN%2BKJZ1WhHwy7gfNqYPZ1HtYRB3GTJfo3v8DlkX2F4%2BE5TgPvS2p2ptc%2FRPuGwiWK%2Fv8IRvu9C%2Fx13Yl9yUBKEborMlZfe1YBfAcz9yX25bigqXwbOWsdHLJxONuSw0%2BaPuY9ZskpqENAWOe1qt3m7OuBUsH%2FTYtFY3bp0A%3D%3D&cb=1694273545
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D6A0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CArzqCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT6Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRlx3rByeSGx87BhKLyPssjTQezyKjJhWs0ldr4GHzQOQFCIzNepOq60CZOcAEubSGv8cE4AQBiAWfv6eyTKAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQsMOJ3O25ueQtEgIBA6oNAkRF2BMT0BUBmBYB-BYBgBcB&sigh=36Yrmj6WOMc&cmd=Ch1jYS12aWRlby1wdWItMzEzMjg5MzcyNTYwMzkzNRAAGAI&label=admute&ad_mt=0&sdkv=h.3.588.0&vci=Ck0IAhIOYWQudmlkdmVydG8uaW8aElZpZHZlcnRvIEFkIFNlcnZlciADKiA1NWFjOTBjMWJjNjYyZTkzZDdlN2M3YzBkNjA2NjVhMUCFAQqSAQgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNjEyMzc5MTUyNzE1Mgw2NzI0MjkyMzE1MDlA1wRSJhAPJQAAcEIoAToLVWNlSjhqTmdjMW9CCWdvb2dsZWFkc0iPBlAAWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F913 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26866d7638768fd7775abb8b9c43a36fc07f94dbe6a04671ac4d6d964b489ebe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11748
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 268E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0GkZKmx-bU8bZ6NyabMQd98cn_z9LW3GOewi4Qe0OLjdvs0ui5qRaRiaPFFOfa-Ae1Th0L1_mMaBzimD6L1ygrz6p8ruE-rq3G6qyPC1bgsNYU62zj2PBEV9ykI3BzPVfjDeyfjftbjiMjRX4zBjNzULGJVzzQ4nNJnE-_u6u7Mi5vuz9MQSfVJtp-d4mLbxpZ7CUF_2Mqc0iRwcAz3xMIiNLwnkR-NGtxyRc_JJ7KfLfPQqhOrW95JtSxmr_bamim7e6-06mPgPVjWNrobly8Nfbya8sMby1_Rk2B91DYd8ov8X-ZyihzRmZqtezrN4aHh13YGg53StnVsLxtJsTWRwqhG6O31lCzzSF6FH6NzX4UDo7wdhdcU23EcwdqEP8B-B87NNYnkjMpjzbpFvENRl2G6sjFvZYz3IkwjjsCO5cG_-JdtqpXPNU3sofr3Sg9vtGZqoAQbNW1l_53N7d-JVZqOz5O8XrCwLBcrSCS63FOVDG91Zxd5KFSPNZKxUwD0w5rMxPv19Qr3y-yZ785xjegWzvTTV54MT3eCN1wWnnp9nXX7YWVEs9W0qp6FYI4_0K_20JxhMoGCS4QCFfef5Uu_Yy-Ya98Lqbp3g9brJtGhcu9UX49DLucmgLyNPF4JXY9TqjpofrlINiVn5H_o3eKqyQ9Yl-tsjaf1fn6tKPcezeJAqL4QU0Ym8SppMHG5aqBGbpzlwXwzchHzPmlZvAw55J0CMtadeQ0gplYXp89D3gyscm-XankG2CtJMC3T4gPK9HzGAb93K9DqVrCx52Q2MDPtZ6N2uxfgFjPjQBNQ0RDUcgwkQBpIujkGB9W5VtDxJgn4I5bTfauEZVXOnHSW2dsS6a6TNyaiJ-oUzfXllw_RYo1CnYA5eMkilTczK4vYw3esNJZvfRJKycC0vm-aIUpi7S_F2wOPzYHnefVFLeGm8fxbOs0HRZjqWZ90Mu9d-rGx6lOGhQeCZ2EXYzH61gmg8N4LGyfMxaPixcT9qyso6ft32IUpoz9IctDjPJLqQYEMiXy1kdWD9rp7np39RJQybVyZDHv9MoSssKhwRn-0z9jUgNW-uxk_9eTUUDpIse-IZn0g-WFhcf5kR_Gq5i8EIjZI82ofDpsWluYsz2bSKKvUb6m0lxqm5hfIALaMhWDZCsghBT7GQNULJnVtH7y3hS-IbMkNraDltya6SHjUffetW7LnM0e_gr-XvpQtdhSNgWdCYveaYEgP07qR9ZBGqX&sai=AMfl-YRonj3rIPgGaBUPqR4GDTxXuuGmqTTr7Nab9yJsmJeUsTHBm2inZuZvtdMWJzKFWImIZm1umWENt_tuYWIvwg1KjZ8W_X-XcaJLixWD2VWbiMJ9hgNvHjPe4NKXJGVaQllQwY5e3LT3XhqjaOOM1-PNRziJyZfKq5fzo_0MnKLqUE34xmwPetdVw86ov5Qek2cP3SkFkpWsdycvEhUM_KgIqA158xCbf38F0cy3IveIiSL-dg7QuAd1sOKs2wgTw8FB&sig=Cg0ArKJSzP6Vf6f0KHO4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=723&vt=11&dtpt=366&dett=3&cstd=717&cisv=r20230906.90804&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Sep 2023 15:32:27 GMT
index.html
s0.2mdn.net/sadbundle/641018540181893391/ Frame 8352 		75 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea732f76376c1f93798e4ff7078477a9121323b1930e474836f07cbce1f1df29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
222126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20055
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 01:50:21 GMT
expires
Fri, 06 Sep 2024 01:50:21 GMT
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame CEEE 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70438
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
view
googleads4.g.doubleclick.net/pcs/ Frame 7D40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstiCYzpghA7PoTQDUWh384vdfqw1u4AJOOIbQKI31V3bLY3GB3j1OyfDnmU3vcY7OHyvhkoJ-C6CnY5sPBx4NSEGjMaFt3WbdvRLUWV9wrEF9jAmaeOa00-I3tU_CyiKn4IfjIvoFBzxCugaV93K6y33Y3iZt2T_OrST7FDaAr1m9ekeBvqDwDsnT7DE6a_8lbzUUYW2ZazOZVBy9wCXnzHBeN79E_3g_6F6d5uyIBIV5rmVh1knwPpD8yakjNTni69LnfdUmg3T_YearWFNwblGeE-JbyU6v8Gwv3ombP1wyG6wIhLPBDvdP2tHq41nnIlC-b_Lf78BaOY2httAO0iM5jMjfzWDcuSGk1sik6bF5nokYAEA9BwLq68Pydt91vBGnztLl_8d7FCfIS8jGYfAbrbfaVRuGScija8MsgoiKPYtD9cBQULVsOHxwTPX3J08vFbsEzOrCrmoaBFc0VFDJpdGXq17Izk85f8cz2eea9yD62T3CT00-7KHVBubQEbzwaQp98x3ZYbtL85Z3l-TiKqVtt_B0I4MGpYOymOs1wSoG08fTI9z9jxzQ28gauA6A_PAxN8hxotm71vnlI9Lj5bcHIJ4bLzQ-0dFRJ0BbYFZcIcfqOXShAYumr7ygPWtWL2hx4t-jRpOpT_82Ae11okG5W7vOpjUZQctwKLEJ5gjSlhZfaoZ2VQocZzgdOhiEyt5YeRTeYGuKBAnRI4xUEMnCNP9eCIVyy33jD8NnMgjo5VfN3C-cqNQ9R37mfEBuC7cmu2kZE3od3fb8Efp6FXdZs_V6MjTmLR4l6hwaFeTH135g997jcKFhTst1IVRKqzumWFsYptynFKfBbLtIFdJIVl_wKKqbXWPu5iNf9OUy2HvttFdZnXmjYgark0PR3mvEgcWA2Va6iswKa0dpF93yl9rmkGRMSlLmVXNKyVRREBD40oOiXp1k5rs0mvJ_ERvepMmehN8qF78XuOZktg3fPAxw8gmRuyx6LPkKkpeYmhgri-TofW1lw738e81WwCb50U39--8NwC4YdNgzbrRPvXN9HpVCQaIPNz8WhW89U4glALS_HTupczzr2eZgJGFIeb4OUJcvqt1F_YABXD7x7sPpC4l3LXt_7N3MXqDey2daTWTYcRNUQ17iyQmasKtQr8OMEL6hyoavyNusYuGq0WTp5yS580No-pnV4OW33oW7rleL2HHMZwdx-Bd760lcsecLP_pzOdJwJoW9zNc0YDkk-r8rTqGkS0BTRFppY6Ssyek_br0HI&sai=AMfl-YRFKwX25cnyXKzRg4iA9qu23ZACZcvmbmv8L10SIbc8wMykBtg3rp-oojGeMCNdJvRxg2VSktzfVbxONLZbKKJUAzM4CF5HXKP9s9g7n1MOX8oKS3b3KEwl2Mam_ncShmATiEAndPlJ6UBN0J8Z-VxMAOSTw-Ip-UQf2nSE-Xw7C80l9FUo7FTc0CPy2TvR7snuo5rekfH6&sig=Cg0ArKJSzGFrz4ggv3jaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1022&vt=11&dtpt=447&dett=3&cstd=572&cisv=r20230906.75356&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Sep 2023 15:32:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C524 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4907111182581&version=m202307240101&ct=76&x=1&cor=3459143023289294000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 7C63 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 8352 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 07:17:46 GMT
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F913 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 15:32:28 GMT
log
c21lg-d.media.net/ Frame 4F83 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3372751468280720000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 09 Sep 2023 15:32:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 615C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 14:47:48 GMT
expires
Sun, 08 Sep 2024 14:47:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0510 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90608465254fd7de53e5b34b177fc1154d0b9ff6698793a1644004666c644772
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6FvGilCOTxuZ-W0j7kURBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-6FvGilCOTxuZ-W0j7kURBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
Sat, 09 Sep 2023 15:32:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame 3C1C 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
an-x-request-uuid
97310a5f-58eb-47dd-b0c0-198000ee67f1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 73F4 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.136.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-136-103.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d8b265d1bc8bda1b76f4fd52e3ab8b41cf58170428605264e91254a06851430d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 09 Sep 2023 15:32:28 GMT
etag
W/"0ad77c9f420a5082a6ffcc2a3a3ba12e8"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 6562 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 106F 		724 B
927 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8d5d8a47dded81a477a7bc9cf9fe538a5736b165513dbf427d804a2e55ad9feb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
724
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F9F1 		2 KB
933 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767bd7c954227520679d637bd5ef6d21afe893afddb77688d5e39fbd5853d9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80407bec3d4b4541-TXL
content-encoding
br
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb4Btqkre5bDXqkf8PMe1dZI3%2BigPv47UJtmeI8rJFTd8IxF3yG7tB3V%2BBO2ApUEbGTCtAU9hA%2FKZC%2Fe4uJ%2BytgqUBgHLgYpIdGkUUEk6504d8Bt7HPYW4vaPAs0r%2B6gXlJpSDTE24R%2FJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DAE2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:28 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Sep 2023 15:32:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CEF3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30983
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
Sun, 10 Sep 2023 00:08:51 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame CD1F 		0
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e600:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
server
istio-envoy
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id
EAqbAvGzGmsA1q1bdy3tu6-2KBofL1ZiwCmNw9iDIDETH2WzInrvng==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 167D 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sat, 09 Sep 2023 15:32:28 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 50E1 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
server
istio-envoy
x-envoy-upstream-service-time
5
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 0BCA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5803185560340488745
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5803185560340488745
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
an-x-request-uuid
d2984c9c-ae9f-44af-8002-b74b30224884
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=5803185560340488745
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 0BCA
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=HSwEqGZHX1ykCr5nTfKNWEhI
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HSwEqGZHX1ykCr5nTfKNWEhI
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HSwEqGZHX1ykCr5nTfKNWEhI
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 0BCA 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 09 Sep 2023 15:32:28 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
rtb-csync.smartadserver.com/redir/ Frame 0BCA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=6769197145
  • https://sync.1rx.io/usersync/turn/3306217142786303795?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-cac6fb04-2...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
date
Sat, 09 Sep 2023 15:32:28 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcac6fb0429204a19aebe4adeb4403511003
content-type
text/html
sync
ads.servenobid.com/ Frame 0BCA
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5109685629568722130
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5109685629568722130
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5109685629568722130
Date
Sat, 09 Sep 2023 15:32:28 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 0BCA 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-85
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 0BCA
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame 0BCA 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 0BCA
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-9b06a3e2-871b-3072-95a3-f952deefeef7
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-9b06a3e2-871b-3072-95a3-f952deefeef7
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-9b06a3e2-871b-3072-95a3-f952deefeef7
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame 0BCA 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 0BCA 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
sync
ads.servenobid.com/ Frame 0BCA
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 09 Sep 2023 15:32:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sat, 09 Sep 2023 15:32:28 GMT
pbs.gif
sync.admanmedia.com/ Frame 0BCA 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:28 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
usermatch
ssum-sec.casalemedia.com/ Frame 60E5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f7678fbf2f90768a9615f91d0e8a4ac403d25b52059a4da242e044b823b588

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80407bec3d4e4541-TXL
content-encoding
br
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0yivwPjbn71je6euw2LJsFjk56OBKgv5F1mXXMa5%2FhXop3RxHK75NhDOv62ewm52ddy73pb9XyxcyD6FOT4I6m%2FH%2Fnd7H%2BrOg7bcbd1bYwNUW5wz8o9CQZzyaSAP8%2B8vbZnyDPVqfdG9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame DF66 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
700735
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
80407bec58592c62-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8314 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz5r9CZD8ZMDrN7e4x_APg6qH0AMAAAAAOAHgBAI&bg=!mpmlmdbNAAYoa5rMCGs7ADQBe5WfOA67O-zj-v8M449kcyAjyKByl0BRLUSbveRtOfnJ8ap-KQFxXBiHNYuaYnYE2SzxAgAAA0NSAAAACWgBBwoAE9GzOUq6mjJRjGO3mzziH7Iwhf6ZAwr1D0YVzMV6s2ZLaZpChjF0slPMHobYFT7WuY8CImdh9flQIAW1pU7iKmt3QJ6PqMSnxR-k8hqIVxALAtSWASukQ4B2xnbg5fjjT3TbCZ03AUWL-MoVlU5knWCzVH9xiYnJR7UsRVhb1PRQe4aCOWVyT8dqH7ag4Q-u6lmrla7lfZdC4qDAt972p2YyOIGszbaIjRUyCkcBonDbyUe01NhLIwpvlCVo7OnrFAwEXQTlM_3vgvq52plmvtqpD8lDmtvMdajr1l2Cr3Jt28wBbFCdFgs_MrUmbjkYTw5Pe4OT93u7u7a0Aitud6_2OHQWvTpBoMnmHM7DcEH5Ckw3-mjUcs2R68Utv3rR4s-vdlpsrIZRa4U5NbY32mqSEJMeu53kfwE2sMJ9AlXytAKoYdNLu1CfegHgNpXKf34fzjngBVqtjvGLLubrv7_JhoTHZGdUpcYd9LZnwUo1My8XuPxWhPRnV1ZeANYBaOV-uhDftfPE8Da2dd5dOPnWfTBvArCBNyv49T78ME8aGnAwoPzKB7jo8oD7m2TTag1f2k0-szmz7cYbYBE7PNAoea1LnOrLlNd6Vgd5nsH0vdsTWiWFe2V2S7rxklqCuWeqzYgn2vf0CYfIgAb5f50TJVmaFdG2GRz2rbl9Zy5NXuWJHR8-dftwDZRj3Nnln8X6Tw_wdydKCPP2USD6ojHeTG_FRT6N_RHEJ_ZxOoS53gNLuSQemsTISxtklpNhD-x505s-3CsVZ3ZIH2WlWmFYwkNzzv1GxbvcChMaoFH9HWS-B4TYHak_ldAfPWXCDZzdFt23A4hjWEaSz3b68_C1-YS34Gp9T3GP86Obaay6zKFfQMsEsL32ma8nuAfoqawhVryCb8Fay-LQjlHd0vpkbcLEOqiyWOTrlPQV9TfMXl48bL4ZVOr6E2jdfouXEGexaLmDiBUfIdTXb0tdt6e2Vv877_c2RSQ1ZEZ3bBjqChdHAgGbAw_phDh4IobToup3rhOHq17B9dVT3JPqMyL9rVaiEcoIJ2TL6Mm_mgOS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 54D8 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
197796
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:35:52 GMT
expires
Fri, 06 Sep 2024 08:35:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
playback
www.youtube.com/api/stats/ Frame D6A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44770823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&el=adunit&cpn=OvJuI1iZTXlt06GN&docid=UceJ8jNgc1o&visitordata=CgszaVhQVUE3R1Mtaw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.427&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.bg3.co%2F&len=59.977&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=116.0.5845.179&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 313F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:33:22 GMT
flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 313F 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:46:34 GMT
head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 313F 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:39:34 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 313F 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:34:27 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 313F 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:33:54 GMT
300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 313F 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=184803677&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35961398703449782057&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=1477162822&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=84801006253&ga_cid=amp-er-It84ly8bNYNvbtW01ug&ga_hid=2064745187&dt=1694273545507&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2773&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:29:05 GMT
x-content-type-options
nosniff
age
203
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38528
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:44:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 268E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsCubiPOeCnsuH2LowDfN9FU1TfS7_heUs1q-lD5VUkKO3QX4oyvMUF6WO0JLQ2QL35ceI15DyTPioaw2mPLGHAalmwDC45tF4_uCmWKQaTmdycbWIGPEJ9SmKIfbBSnJ1NrEZwh1EYZ51&sai=AMfl-YStiW-Grz27n-z5Vxbm5aU-7b8aZDRMopW5oIEXBThLWbxbG4BL5TD5E7pfIiE-et3GXOAV9GgS0bHINmgBekXATd0j4Vp8iSxcHRt_ghFuu-ATTdQzOWsjcUY&sig=Cg0ArKJSzL8cUFeG_Y3QEAE&cid=CAQSOwBpAlJW6STbz8fKczpy_cpuzEwe0F39zkaHxZId583qXlIpdqEowLfwpvfHE72dkWXshmloc1fJGJl7GAE&id=lidar2&mcvt=1048&p=0,0,250,300&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694273546619&rpt=576&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 106F 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3094586480578561071&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 106F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=SGbYWUdijgJTM4gCTzaTWEpljF9Ta49fTmd-u_za
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=SGbYWUdijgJTM4gCTzaTWEpljF9Ta49fTmd-u_za
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:27 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=SGbYWUdijgJTM4gCTzaTWEpljF9Ta49fTmd-u_za
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 106F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=33885143-8586-498e-8708-776b0fa12a66&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=33885143-8586-498e-8708-776b0fa12a66&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:32 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:27 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=33885143-8586-498e-8708-776b0fa12a66&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
572938
content-length
0
expires
Sat, 09 Sep 2023 00:00:00 GMT
p
a.audrte.com/ Frame 106F
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2U4UGlGMU5adnZSeENKN0VOMVZrUk94Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNlOFBpRjFOWnZ2UnhDSjdF...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=6187144383698912030&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=ce8NfkWQTqhQgyN6s9ieRLO-g&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=3094586480578561071&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
54.197.82.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-82-124.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 09 Sep 2023 15:32:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
sync.targeting.unrulymedia.com/csync/ Frame 106F
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=2822019987
  • https://sync.1rx.io/usersync/turn/3306217142786303795?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame DAE2 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:28 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70437
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
dcm
s.amazon-adsystem.com/ Frame 60E5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KVTPN61GZ4R0CSD3G198
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0MWYS1NQ6Q2NMTVJ2D39
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 60E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD%2FRg5DXIQCFda8Zi2GjicEiYg0aoMjo131xN40z6VhB0KK1tFYDwEZ2UVFU4hg5CZpHal%2BXongwWCu%2B4jgGIkTVNIY9l6WunkRCt1thWfbSiPXqDphBU6Su8hTzIKJVyPLkPpf3Z%2FRTBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bedf98858f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 60E5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 60E5 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9368:3d72:e6f:ea07 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 60E5
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRb52TCD8Wz3raR6mI8PUVqTBXn4EO%2BA2NxAeBSPbt3LNLhkxOxRGdGeRA3jM0auqPnOUiUzsZ5tdRM%2FC1X56lrRaHu3QHj2xpNgFCkc2j68cqeeG0tjCE2aFfoBflNLd37Q%2F3Y1LZghug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bee9aac58f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
Date
Sat, 09 Sep 2023 15:32:28 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 60E5
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fa6e3ee0-d999-82f7-ab3288a4
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fa6e3ee0-d999-82f7-ab3288a4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xf7e33dnK7vmxmdSiVM%2BweOhsm8sBNWE%2BL%2FrZnNpdt73BgdRKsZba5UZAZb%2B6BbojrxxhGPO0PS9xUd8SNyAlzJ%2FLhFtpYxtqJHnY3Id8r5acHdzC2RQE3tbmAk3yNeKZ18%2BkXn0fLloMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bef2be358f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 09 Sep 2023 15:32:28 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fa6e3ee0-d999-82f7-ab3288a4
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
rum
dsum-sec.casalemedia.com/ Frame 60E5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=juksCIHtelOVvHxTiblnCYzqeA6V5HsOiOip53ca
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=juksCIHtelOVvHxTiblnCYzqeA6V5HsOiOip53ca
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhEq7sZtmJHBkj%2F4eFvlIkX0S5hE7qPG2DpxB7%2FU5gBM9jRDwzsWLKJB43R4n4is3oGneWFuUgChL%2B694ys%2Fe3It0ntpHsnfZa3Gea7Yeq3YYYpgHzjskHt8hydBDIzAV%2BNOvpLC6WQ7jA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bee9aa858f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=juksCIHtelOVvHxTiblnCYzqeA6V5HsOiOip53ca
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 60E5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPyQDAAPCXR20gBY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPyQDAAPCXR20gBY&_test=ZPyQDAAPCXR20gBY
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPyQDAAPCXR20gBY&_test=ZPyQDAAPCXR20gBY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwIww2BBnvLNDubI%2BUu%2BxUVRV6qjkpDAVXferb9kMIqggqEbQdDb9UC4FvYyiOUcf60i3EQU9z9BsyO6unr0xejtY%2FZaQXWBqQfTXatrIWkRuPQvNH9qB8F4N8V71se3nJxiqoOCso30cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bf06e3558f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230043-FRA
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1694273549.809728,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPyQDAAPCXR20gBY&_test=ZPyQDAAPCXR20gBY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 60E5 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPyQCRLTghbNSmm1ps0Q9QAA%263225
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
44231
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80407bedfb6daca4-TXL
content-length
43
expires
Sun, 10 Sep 2023 15:32:28 GMT
casale
match.adsrvr.org/track/cmf/ Frame F9F1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame F9F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbc3jbE43ZctB6a%2Fc94VKfMhaj%2BgvwSaoorNt%2FW%2FgGk1hIH0bMUtjZ0wpkIDe2fax7iPAJ2vVo6b%2BOZS4sAMcWTc4x0QzgAJvg%2FmZkWoSH50gn9Stei5J%2F1KRM3VsKz2dwPKcpgNoyCsxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bedf98a58f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOFlSHr3yv7-TqZOKqewkRg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F9F1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N0G99C1JY1FSA38HYFCS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F9F1 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9368:3d72:e6f:ea07 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame F9F1
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAApSU2jSVET5i157E8Ia4oyCfnvckmZKYRFk3zsMRZR4GhlesMP7BjDBoBrVZqyIWeIus7aTI3n%2F%2F8WcwhG%2Fn9hDsd86j8r3kJjKDnKSuRmTpcDR26eYsQDUbBqi6h%2B7f%2Fxwp2duNW%2Fkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407beecb0258f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629568722130
Date
Sat, 09 Sep 2023 15:32:28 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame F9F1
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEf%2FJZIZyzGpqQxATHu11MoF9hRLjxhDT3B01vMFh%2FZf9%2F00K8FERn3xDNbz4KjLPeZZxKnxonCennD7Z6kNlNNbiCNB6kwADBoADFBP0fFaIMaNOExTMVnWpPxJO%2Fp3ITdBU7MSTiMgNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bfb5a4d58f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Sat, 09 Sep 2023 15:32:30 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame F9F1
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709998348&external_user_id=a9a01fb6-0319-4ff8-9e74-92d85af26058
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709998348&external_user_id=a9a01fb6-0319-4ff8-9e74-92d85af26058
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JRKIy1mMwHL9fIFDrTzd48hQNpA2%2BVFDmLLivbixlpq3pPdXn9zF7wMXOgNg8GsfjkpN3jumE6Fa40JsECujUzezVA6SCB%2BHkMcs%2FdcSekx9%2BdhvD1NKyW9wxK%2FmzhJgj4T4NL2bppBmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80407bef2bd658f0-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 09 Sep 2023 15:32:28 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709998348&external_user_id=a9a01fb6-0319-4ff8-9e74-92d85af26058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
tp_out
d.adroll.com/cm/index/ Frame F9F1 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:2a7f:a7af:d979:6620 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
sync
ads.servenobid.com/ Frame F9F1 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dt
dt.adsafeprotected.com/ Frame 7D40 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2bb6590b-ce8b-163e-9705-ebc2f763eab6&tv=%7Bc:nJFMxL,pingTime:-10,time:901,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694273548309%7C%7C75a2736430bb11c1f00871d47f62b814%7C%7Caaf8e1c5fa6f2472e971350e5968c28c%7C%7Cba91e7402cba8b5f9b620bb98e8e8bf3%7C%7Cb2d318a0528433fe24d61f059c0c7cb2%7C%7C6c76c2ade1ece1208aca04019fe2d496%7C%7Cec510b46e627ce7cc987955e0771aa9e%7C%7C49d9d306835ec32c51581972c6cf955c%7C%7C1663701684,im:%7Bpci:%7Btdr:831%7D%7D%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E49A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 14:47:48 GMT
expires
Sun, 08 Sep 2024 14:47:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6550 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6e7e4a733e4c62ade2162a888258f6630f6111ca7585921f1ccd5eba7c736d08
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1luzlxQ6VUiZL_-rN8TFqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-1luzlxQ6VUiZL_-rN8TFqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
Sat, 09 Sep 2023 15:32:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5803185560340488745
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5803185560340488745
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
an-x-request-uuid
afaa8c6f-8517-4fa9-ad56-a52685a5cb5a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5803185560340488745
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 73F4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=Qh92YE0bIDtZSiY7RU89YUAcImZZEiFmRB4J3S5B
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=Qh92YE0bIDtZSiY7RU89YUAcImZZEiFmRB4J3S5B
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=Qh92YE0bIDtZSiY7RU89YUAcImZZEiFmRB4J3S5B
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
syncPlatform
sync.outbrain.com/ Frame 73F4
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%286WlGQPzRP0kp71I5lUTEjfonM9T2nP2nLW3-J2hP7OPVdiqgBrE-KnIRtbQ6fII3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&obuid=ENC(6WlGQPzRP0kp71I5lUTEjfonM9T2nP2nLW3-J2hP7OPVdiqgBrE-KnIRtbQ6fII3...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:29 GMT
Cache-Control
no-cache
X-TraceId
4ca1a7224d3079c6676a82b323c7be71
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Sat, 09 Sep 2023 15:32:29 GMT
X-TraceId
67c9a4361cc61fb8e5015e313cc893df
Content-Length
0
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0630fd45-2c68-43f9-9924-bceda4e75ed9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0630fd45-2c68-43f9-9924-bceda4e75ed9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 09 Sep 2023 15:32:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0630fd45-2c68-43f9-9924-bceda4e75ed9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54837735-3aa2-5ea3-448f-639b972d75f0$ip$217.114.218.23
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-54837735-3aa2-5ea3-448f-639b972d75f0$ip$217.114.218.23
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-54837735-3aa2-5ea3-448f-639b972d75f0$ip$217.114.218.23
Date
Sat, 09 Sep 2023 15:32:28 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.5COoz9E2pd67yhQ2DWVbFjCR.MUzhILbbbr~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-.5COoz9E2pd67yhQ2DWVbFjCR.MUzhILbbbr~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-.5COoz9E2pd67yhQ2DWVbFjCR.MUzhILbbbr~A
content-length
0
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=92e8af9c-efbb-4b56-8ef3-5686377faac1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=92e8af9c-efbb-4b56-8ef3-5686377faac1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=92e8af9c-efbb-4b56-8ef3-5686377faac1
Date
Sat, 09 Sep 2023 15:32:28 GMT
Connection
keep-alive
X-CI-RTID
b3db2230-4dd5-4054-aa62-3ad043b5c038
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 73F4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=-ZMbrrPMcoV0emvrWe1-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2LK2JVRHE4SQJVRW6VRQMVWXM4SXMUYS2...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-ZMbrrPMcoV0emvrWe1-&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-ZMbrrPMcoV0emvrWe1-&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-ZMbrrPMcoV0emvrWe1-&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
server_match
ad.360yield.com/ Frame 73F4 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.246.32.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-32-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 15:32:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=ZNXAiICuAe22&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=ZNXAiICuAe22&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=ZNXAiICuAe22&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-gzdsl
expires
-1
usersync
usersync.gumgum.com/ Frame 73F4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3094586480578561071
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3094586480578561071
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 09 Sep 2023 15:32:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3094586480578561071
date
Sat, 09 Sep 2023 15:32:28 GMT
content-length
0
sync
ads.servenobid.com/ Frame 73F4 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_b48fd179-349e-41a2-937a-ce3fb3a4da79
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame CEF3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13809613&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
9d40a16c771c566cdf8ae4d69d6c892e745801815268a313be198fa057aa29c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame DAE2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMC6Q1NC-1X-DDAE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame C5B9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPyQDAALyhZyCwBV
85 B
171 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPyQDAALyhZyCwBV
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2270
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 09 Sep 2023 15:32:28 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
11403
x-served-by
cache-fra-eddf8230043-FRA
x-timer
S1694273549.774452,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 09 Sep 2023 15:32:28 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPyQDAALyhZyCwBV
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230043-FRA
x-timer
S1694273549.662505,VS0,VE88
pixel
cm.g.doubleclick.net/ Frame A216 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iNDhmZDE3OS0zNDllLTQxYTItOTM3YS1jZTNmYjNhNGRhNzk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 36FC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30983
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
Sun, 10 Sep 2023 00:08:51 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame EADF 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 09 Sep 2023 15:32:28 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 35F2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPyQDcCo5tAAALg0PRAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZPyQDcCo5tAAALg0PRAAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 09 Sep 2023 15:32:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 09 Sep 2023 15:32:29 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZPyQDcCo5tAAALg0PRAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad265.dc4p.scaleout.jp
X-SO-IP
217.114.218.23
X-SO-Key
ZPyQDcCo5tAAALg0PRAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZPyQDcCo5tAAALg0PRAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad265"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad265
sodar
pagead2.googlesyndication.com/pagead/ Frame 0510 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=3069060205503212&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 54D8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
gumgum
cs.admanmedia.com/sync/ Frame ADDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_b48fd179-349e-41a2-937a-ce3fb3a4da79&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 09 Sep 2023 15:32:32 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame 7BBC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=9dk3DQFqnvASlXRLhLJz&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=9dk3DQFqnvASlXRLhLJz&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 09 Sep 2023 15:32:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 09 Sep 2023 15:32:28 GMT Sat, 09 Sep 2023 15:32:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=9dk3DQFqnvASlXRLhLJz&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D922
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 15:32:28 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Sep 2023 15:32:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
drop_cookie_sw.php
csync.smilewanted.com/ Frame 8349 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80407bef1bca2c62-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:28 GMT
server
cloudflare
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame B12A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=4322213228256401&bg=!LC-lL2DNAAa6D61Rmg87ADQBe5WfOExUNlfWFL39KeZ6xMuETj5aFRj1AaaQmr5Y1Dv05rEveQiEqgyoG-rd_tiVzN70AgAAAwRSAAAABmgBBwoAWWgfyyWnUlFKJeIVw8VSRMxfJClNcKSMVsZsYB_kVccQRGrym-43st7ZzRPCf4c7Do6_teY-YhR9sjmasUAgkAxxLPq2IU6Z79_4rPmWLT521uAgFyBTz63UmQLKWOGyNLFk2kGFgOJeMsyjh3Hxtv4pTJH3nE1f9_4qS_Dt07_bgLHfDk1QMdkyGo76dYQzSB3_8OHfu_25gBE63R1HgUzRK8mvK62dwpvfUP1HX4x0Lys-72xvg8M-YxA-n0yKbbyTsTNLiSfByZ8lu242HJRRrRwexzVoSJtToIaMEoxpfVdcBMg4uLJYcz8PL2OCpaXam7QGgaFzTRn5ZqUE95FiyzEXXuz4lwK5fdKFY6z5bMOEoLnFwSvmAL0fyAfyyvxEH1jMfnjaYo9WFbCg_MIKLgqISzxqB6bxIz0pluko1wMmZXWJHEIvSeGJyCWg8kr-yG33xsW5dii7MIWnoeWpRaFKz5gLD38xkAUHw3XBic-Kl7EGprjlq29UlHqltAN6mvDx9wVvQhquyw19uyR2RIbl0-FJ3whmGsXGOQQpQO8hQRNxy-0UdO_ZD-T70_WXum0iT7IZOsRApMw0m13TiSlyMomyGYbnhiHoNyeVvm0098ue2MS3bv_PGqTM89CMcBgmlANK6hFOt2GpW8eaXOxnmfMw9PjJFQ5a48nCpJhMaiCE03PxjXPq73PFzP2dZMyetBOhQphnK9YavvoWoHnpi4lHbLK2rd8NG5JuAEl2O0YSIp4omIOKID_qqH6kDkaIPTd3pz6i_vwmj7Ko-7NcBX2stQ7Y2_aRLMlH1ffvQxIkjU4YOzf9qpiYsyAkMBAvWoKVvkkGL_NUg73oYdlcF02iJO5obAmciO44_K1Uv8FVvAvRc73A5b5Tj9GgPphv7MQFyvwahD0DLHzoVxY4h7QuJQ0P47iqnw6pvfPMwWn9K86sHfmsHax3mcf9XnOxz_cTTi5C37EbcjkgN7xvfqdzeG2epkwbqIvv12lElfmAEnd9GJp_fgYXm53id1UAC8KNhVxLqTsM589fjEXSoyiFMtOKRBXZ0_fm4aetErKe
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 615C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
/
onetag-sys.com/usync/ Frame C825 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sodar
pagead2.googlesyndication.com/pagead/ Frame 7BBE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=1051207930293623&bg=!XF-lXxDNAAa6D61Rmg87ADQBe5WfONLl1vs6X5LvgOhwKA3YRgJh6WgNAUz8t6-4DnlhnmylfxoEJ8CISw2PTGTh_bMRAgAAA2hSAAAAB2gBBwoAYTX8rs9Njqv26jZT8CHKXSMqxXMt5ceUvKyHeL_STxBZ8_wQI3OvVX4wgLlbpjUum0B0_cgaeyMzBPcJwnAeQ-HVgykFsRvEKFDt7hFJDPVTBtEeqmgocciNLxsm9sB5RSiZAsOXKu66IHLof6TzWm4A6hPSNjEnONqYUqHS-3x7G3U_WU9MTTMPCQNlV-WizC5SzNPH3TJRima1tSpOEMUJNnWUAk7vq0-xIRlFddCZv6sl1nCzqujzIsN_GuhDxNZnBh0JbQZemS1tru_8q1iIAfrVNHg6SNXKZXxyr8CPFNXuNyyqsYYajxq0QbiQkfPp31gxZNCo7HfUaujphHvEqgmQCGCQgATo36GCgyrAXMCzxwCS3Zzjh99l1YT4PaaWHJLApBVowcYJ8ajyqZZGxPOJdKGdKeKiraGe5jFS5ab_e2Ez5ASc1UuuXS4s4wB6PpmoVx5JXiO-SL986VTWjPwaJcOjL8GyiamyQHP-OWolsOwrupvQpiXtEHb7g2R1K9DJqJv4hxpC2m3GZIZvsL9IrO_4vDprTJQFKx7JL68Mj4tdY05qyuX8-x9V1r9qbwc3ZdlO60LYAQS73X5ipGJ9CtJw1BRQTN-rpzCuyxyo_sUVxJlmPqAyckUEOYHAEvhe1oGXAYhskUwffo_MoCuMsoTPEmOFVKENrEfJCOMvaQxIst_T7lCEo5wcKjNA72TtFHh9PT2_xq5m73DXdC7Zys0IfcK2hoBKgQNhnu6ZdQCYaCHS2_EOyj8EeYBM3UwPNOUWp1a06zIIZ-3cO-hJ82K3q1jj4RQ1XMu348h6bV9DmPz7b0tJY6GFEgkZyugZKYhYk5CiTWbMeKimziq-b4GYm2XQDcv7ayUK_dsVyHTvcXVYjFrgBH4gjQvJk8GZs7bZdA8k9XOAetVYeumWHC9W1RcFd9uUIAowv3yQISqWJeh1uBr5BDqc2n7_ly8tfbX2VjoWcsZjMH2D-M1N3dUKOVneGo5LsMadxeQaOEjHy_N33GuCCUMAqVGPq0JqZ_96bLnxQEcBbZHO7G63V3VSGY0m4rb-ps-6qipt3vHJbg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6550 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=1709641182838345&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
Pug
simage2.pubmatic.com/AdServer/ Frame 2159
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:27 GMT
expires
Sat, 09 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
792856
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8AE9 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 09 Sep 2023 15:32:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MJTNAXFBPM57KPQNXRZV
Pug
image2.pubmatic.com/AdServer/ Frame 5AD1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy
42 B
564 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 09 Sep 2023 15:32:28 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame 7AB9 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Sep 2023 15:32:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CEF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aj3SRPHbRKOh73yJIa3zRQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=30983
accept-ranges
bytes
content-length
5606
expires
Sun, 10 Sep 2023 00:08:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame CEF3 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.165
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame CEF3
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2375861489
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
via
1.1 google
last-modified
Sat, 09 Sep 2023 15:32:29 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
date
Sat, 09 Sep 2023 15:32:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame CEF3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2U4TmZrV1FUcWhRZ3lONnM5aWVSTE8tZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6187144383698912030&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
54.197.82.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-82-124.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 09 Sep 2023 15:32:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame CEF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkEzREQyNDQtRjFEQi00NEEzLUExRUYtN0M4OTIxQURGMzQ1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CEF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQ_uMd4GUyDb-vC0ydl5e4&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQ_uMd4GUyDb-vC0ydl5e4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQ_uMd4GUyDb-vC0ydl5e4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CEF3 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 08 Sep 2023 15:32:28 GMT
generic
match.adsrvr.org/track/cmf/ Frame CEF3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame CEF3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6187144383698912030
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6187144383698912030
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6187144383698912030
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CEF3 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6A3DD244-F1DB-44A3-A1EF-7C8921ADF345?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9368:3d72:e6f:ea07 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame CEF3 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
300x250-frame3.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame 8352 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame3.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 09:51:36 GMT
x-content-type-options
nosniff
age
452452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8106
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Sep 2024 09:51:36 GMT
300x250-frame2-iban.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame 8352 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-iban.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c34e6838e66bdeb8deeb506d6d9c52e3eaafd7e572136976c8064d625ffc66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 18:32:59 GMT
x-content-type-options
nosniff
age
75569
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13183
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Sep 2024 18:32:59 GMT
300x250-frame2-phone.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame 8352 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-phone.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c7cf8c8994757bcd770db5e1ab5bb2023ca625d16262d67a178fe32cfce24e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 03:50:30 GMT
x-content-type-options
nosniff
age
301318
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32603
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Sep 2024 03:50:30 GMT
300x250-frame2-card.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame 8352 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-card.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3172d72fc88492eede463818ef095356e52a4350a052b866eb311bca2ba6ee19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 09:51:36 GMT
x-content-type-options
nosniff
age
452452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33399
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Sep 2024 09:51:36 GMT
300x250-frame2-bg.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame 8352 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-bg.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d09b7f91ebcaceef1376fb04de6c7d9977118bfbe313ade191c684ac80c91fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 09:51:36 GMT
x-content-type-options
nosniff
age
452452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2411
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Sep 2024 09:51:36 GMT
300x250-frame1_2.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame 8352 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame1_2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02af9ea0a3a533823c235a2b73ed42297c9e486f1320e102008ec0908ce21191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 09:51:36 GMT
x-content-type-options
nosniff
age
452452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8015
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Sep 2024 09:51:36 GMT
usync.js
eus.rubiconproject.com/ Frame D922 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 15:32:28 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Sep 2023 11:06:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70437
Connection
keep-alive
Content-Length
10210
Expires
Sun, 10 Sep 2023 11:06:25 GMT
pixel
ap.lijit.com/ Frame DFEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sat, 09 Sep 2023 15:32:28 GMT
X-Sovrn-Pod
ad_ap2ams1
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame E49A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 99FB
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Sat, 09 Sep 2023 15:32:18 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:18 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
sync.php
pixel.rubiconproject.com/exchange/ Frame D922 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMC6Q1NC-1X-DDAE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame AFAA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1034773037
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1034773037
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 09 Sep 2023 15:32:28 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 09 Sep 2023 15:32:28 GMT
etag
RXcac6fb0429204a19aebe4adeb4403511003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1034773037
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
67a2d8f4-85f6-53fc-a4b9-750cc045e504
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 95B5
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/67a2d8f4-85f6-53fc-a4b9-750cc045e504
0
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/67a2d8f4-85f6-53fc-a4b9-750cc045e504
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80407bf14ea42c62-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:29 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/67a2d8f4-85f6-53fc-a4b9-750cc045e504
gen_204
pagead2.googlesyndication.com/pagead/ Frame 268E 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9010626395255&version=m202307240101&ct=119&x=1&cor=7070455800893468000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B71 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5X4KCpD8ZNfuMo6Y-gaa-ovAAwAAAAA4AeAEAg&bg=!zM-lz4DNAAa6D61Rmg87ADQBe5WfOL1QIkBFGIU7VqqzNtl_O0aSCARf0spWjxM0aqFHrKCAod0-f6BGWiCybBfbOY5GAgAAAsJSAAAABmgBB5kC_o4fwmffGwHZ3pTvLVidqd0YyXbi530Pjsg2Bfq9DEMzAVxWcYAK5_-ajKHnNsRy1qrVFHxqUvutUkcf04V7yqAe3qPJLRiw9TU6cxJYpHOb21ziDMWC3BZvdVCoGQ7Gm9muCiMmhItUONpKEFpyea-noFnOV5Bb7-Pl63a5_E_6V867Z2_uxdZD-qKdRm9ETa8iSAfE8xSHLhCp35jcYxOk3Nzg7CXATK8UwKJohyBmL-EHLv0onoT5YdZFS6mXs3aeOt4CKg8WsnzfKrI3ZrUIYspEhCujkz1vxjzimnQZdXS1-PBwokHZkmkZkDLsSVNXGwe01u26WXPzwoV9LtszVOTsa1_sSg2yoW89Bw7fMaBEDQMRclyAdxaY0yk6IDZ8fFYQV3uWFzRgHgQxtWNwxdE65e4ypDrtoR49pC_NaaSq4jeMt1QaG5-u9oveG5AMDZnt7BOMNNvp6bqRk3D9tmVEFz5PNi_aFvJWXhvvwjjrVBi-0pKxMDlHIBRm8HZc_2i61Sy5xcpvXLe1iAsd_cLM4AuC6xDGAUYUVStrkV1EeipiH1-DTDKMUI9JNUZFxklMMVIuyh3ih4RQM5vYiWSgJmoj0Wt64tXLrTSPQDx2DsZpdjDHaATZcyMZRQtcq5uI86TtrPrGseHR00i-XT0SmyrfJz4-HR6fBDnCB2dRD1dWN9h9SCyoRSE-kdqD0DE8C8uyz2xpRZ0iuYiOmAQnsQIBEE1n53otAdcz1xUvnBiTJiklt8GPdky1JGnXbU_mugww5d9jodOoo7NHOqsmB9nWaiwzTMxVLz263KSxsSVUT_oJmC9ozFgTPSU9NTv9Jwy4UgWPfuN3Oe2hW7kyTvs1IvXNo3WLxf0nOQ9dPq3oaePHlb48y5n_JiLZAtDuFcKZKAnrGw_FXszUubtC0zvOqHYODa3V8p3_Vd1FPjNnmkfhAQ_HYRR15jhjNDh2zl_hvI0pFcW32mqlC6JjArzXmgWh5VeDgUDm8XRENoTJAS-uGhfcqEI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smwt256.gif
us.ck-ie.com/ Frame FEEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sat, 09 Sep 2023 15:32:29 GMT
Server
nginx
6187144383698912030
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3522
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6187144383698912030
0
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6187144383698912030
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80407bf17edd2c62-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:29 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sat, 09 Sep 2023 15:32:25 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6187144383698912030
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C63 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUc-2CpD8ZLblOMCKjuwPm7C4gAwAAAAAOAHgBAI&bg=!RUalRgnNAAa6D61Rmg87ADQBe5WfOGLMO00iVxiOzrJY1igRpAs1X2yPtHDE2P33hk1Iymf2WamHo1eKoSCt-EjyFisaAgAAAehSAAAAB2gBB5kDIpW-quYOnDGG62QAv9ItIQnXtsDslqkP7tW4pHV_gZXhubt4EBFYXm-U8t005aIY1I-XkLOrMMb3rKN-vQnwhddJIoI8bgYiAHog60sa3yAXylp7VK6a4dlqLGLhu02B1PXdtQsq5HIMMWBAaJAkd6N1m_3tM1746XFhzBDPWg3GkKUnGyI2kg_qgydexzZEhgkQ_r9JeiuH47xXAydv_uGFBd_y5qyy9ophnVOT-vRVA2eathV46S0H9DP2J6cF9LBuE2O7_DgFtX1Q2V6rmYSXfgt-FYYhEVqB6KkU1X9OFlKC5BBY_waA-eWngABtt5Mi_vvPwhC3r-SsbTzAYmN2XEl4pclYB2oUaov_P5436ZADdOhUhCr2pFPcH-Aa67G41dsVeZBH6MMyLUHffYlDNctKIHqMuhzn6REQCaFhGYWfL5ZyxtD7zyiq_HEfa-HSLRYLQc-Nrb7W-l3DY3qBql8tJ5sX6DU3QGaFSg0_c8khb_1I_0LamZzsEoJuDAOxZlh4ue46VIGGmCwtPenuHrcKS5LNQaptqR0zyoPl8tGnMiHc_DKhEuNoBOY2kVtz-5p0P54FwbgsRGtfwmhiFvrMNbrUXV8v6U1bIrwr2ozmuPNjGiPZ_bOSiISKPo1M21crI5Um6PSluiJDYngGoR01loJNriUZ1L9OD5Y-cRxJSqag1Ob_01cJT7-TtMEcDtVYqP6CFRC-YK-bYBzQfa1atzH2RyH7pDqNAb1UiCJIKsnai4TuALcRsiaKwa6Ndu3KiirIC1BRaqbPvFq5iNbWoNGNSWWzcorpje1fzTsIa2B24AAmVO-yToFhbpoAbX0z_47tGqtscGztsw1Iyhr_ylN-1V4QLUfjy5Ehj-9aQjqU9D8HfbS6lrsUP3-9zLd-7sKKHPFjiIbCPCa5AuCJq4otka_scJdQvWreEi0PGcWAFV3kGiUsIMR8yZF1sZoOHUWw4EpwEcCdiTSvLG-kFrdrUANJd_ZA6CWwQuobiZlGBznPNmPKmvElZPb6IGRseuOhk6A7UyDtq4tv_h1MQOKhfiydo_CH3pzaIqY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20fb49e4a9d3d27c8a4eb4240e9d6
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 50E6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb49e4a9d3d27c8a4eb4240e9d6?gdpr_consent=&gdpr=0
0
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb49e4a9d3d27c8a4eb4240e9d6?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80407bf2a87a2c62-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 15:32:29 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sat, 09 Sep 2023 15:32:29 GMT
Expires
Sat, 09 Sep 2023 15:32:29 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb49e4a9d3d27c8a4eb4240e9d6?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1694273549125082-429
v1
match.sharethrough.com/universal/ Frame 9F68 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 09 Sep 2023 15:32:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 615C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eriBtg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
smw888.gif
us.ck-ie.com/ Frame D61D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sat, 09 Sep 2023 15:32:29 GMT
Server
nginx
generate_204
tpc.googlesyndication.com/ Frame E49A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?I6jwZA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54D8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.588.0&bgai=BDF-kCZD8ZMWZObub9u8PtLyyeAAAAAA4AboFEwjr_Ozm7J2BAxUc5LsIHQG8DCA&bg=!2tml2ZbNAAa6D61Rmg87ADQBe5WfOG67muO9jSfowLcYi2Bl0NlpTNR8PHh5_Dadhqye3G90-RjMzedVYH3P7VW1hZJqAgAAAW1SAAAAA2gBBwoAnIjnmdps4SfyED11gKskI2e8r2aYvhWwU2GqsXqm3ERvKlOFmaRn70MCEvR5DH4N2fhn6h-yi62sVRERIMYpKuh_HTK7cQWDoSXFxFVwiPRFDGjds_k2ZE6D7Pdaj97i6FyNMC3cj7bx8TdvW0uAcpxmJbFdJ6UW3uKMd9V5KcnVNy_9g6F2D39PoAiplTPuErw80s_KWtBQbwfsepkCTdGN0pX3-DFH23tB4zcK6xxy3opcVUacXbYV2HDSz-6qqjXghAW3ymC3KHlC-Sdgp7wAb-dF-uCSnid0FKf7CC9Z_M0UCgb5Co0iLxHh2fvqqq-wBEPvW_udZ11ChWeWZ6YnGHUVeoImsRc3RIuqoKFSnz-3puF75uxWnqNbLvuwtXnDRq5gJ0aAK1lvirANe1pAUwxltkzbUCixdtALerGWKVKT1yfrrwD2aRoxqQwGOQX5GXW5dO4gvu_h5lqU8430ndcT8AhaR-rwuH3p_-DaEyLh-XmMdrCC6nj7JgQZZ3tVssULe3d1NBDrU9NjZSTDiLjd15V248z8wBuRBsWV8H1kryhw6nhSmF8elYkAMoDRQM21_lLAYEwAXAJRjBUpL80cp6195y9vbcbvyrJETz2oPnWDkaDxkprPmDfc_I5BMt36NF_miyQe-J7JpA-hvRY2UrQKRbO2cg939mMeo783nvlLw6_DnpT02ItixwrU62Dvz_6Fxywv_VMTRm_vBy26AzNjV-vobm0vNoqtIHp2-9sW74nuFVT_97nXqkg3XHU1DNWtSxDTAi48SMkBhnipDhhysbLmx3hjeah8BzaQrQUc7Gz5_5gY-eE3k4YJ2VNYGS5wUBrmBfx4y8-LzUQYZs3k6FitCJwxdB7MgOLJ5YEIrvDWFZ1g2PkJydquwmP5bONDoARipIzAzWmSvZYKd6cp6nPN120MfRftzCbSxRARkowTpwNqbjsWuIx_z2FmfAE-go2_l_hIRmyO_6tvlWnFOtsP9qs
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3C1C 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:29 GMT
an-x-request-uuid
37b87f57-e648-4c2b-90bd-66e2ba171187
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D40 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3805440908017&version=m202307240101&ct=76&x=1&cor=8140931646919190000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 94E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=3069060205503212&bg=!QkGlQQ7NAAa6D61Rmg87ADQBe5WfOC-08ydMa_taucVvFHXR7mHvz3Xn9Uvh_ApeK2nJ_mOVjk24FIRTzY9z9utlyIRzAgAAAVdSAAAABWgBBwoAxfUkmGh2p71cxg2sQZDSz2ua_sX2rVTA88kUuN8aqHPZwAQL8vKm1ftjrS196J4-FfOWYsu8bjGDUiZM2pVQPwh2w62OArnAZMN4L-1tbIetMDMhLNlsEBd5gzYjQSnsXgveIZUN0rbFZfPvvR4bqLERyUG49Gwyqt9AwacPlcu17u9WZzDHMJ8gggFpFWglJ0fClGgNOI8Ymh8AYKoMNvFLiskiDXJSykby1v5riVO3Z5jswAV0wKqLbC9_8M2gNT_bZtQ7mQLJV3BP1oVbC1K9cjZ7HHuLQRBoCNXOGboxdvMcI4D3Pv9a_cCozP6GnvkZKFuwX19tzqVv75jfRDfL-Ipisbwjze_btfurgwLwQsPB7xC3k6FWVXI4uR8rcvz8LOsX28oAfBA-HryHfJo5mwzkZ36qmH7ePCZqzXKnwqjHqYhiqC1nZ7KWniGz_H73R_9al1bTMTmMtTOTiVnqXhh6aNdaTZ7drrdBEpmT35-UgqfzXDWsC7g7PC_rEWDFDjC8j9vnqRiApW_m-43JGUr7eRxKm5EhnVocTdWdrhhZw0xSXGG8fELkqUmukrVi13EG4dqXABARUt8ZXu8qIo4Tg4bbu2uEVgApRwCtodCeYHB-2NXaoeBDdopLUzeuxVgywxVIhxzWhI77PfaCX7L0ZNvI97JQdwzUkqwhoKDrYUSuaJvY0uRcxYjla1nsRzIP5EdXCXQE3QrsI9wODLnMxwPJXTA9FCDSGNLocsMpjKYb13aNHG--IY_Dvh6F32szsHm9f4qX_ELfahQPe01HKIL90tHEDQNIu6BfqqLpu6xR71cces2FXMp0momZIH_YQ__Iy9vRX1GwvU2ztiX0G4zIze6WOysH6uwey9d2jwOkcbJvgTLtWfsOoKYin8JxlBhVP4bX13u9iuqWpchSCKeKlXNivV2kXJI67Ir_SBsdWQA7jezjjhmLXUh6KTxjYkgLUT6l2kSfnmfseHn30TK0txh8sB-v19W9EPm8WbSDCCwnXgL38AJJ5xYNsdWzHyU1u2ZhFbUDnmMlBhJjEJS8fvOEtpbKBFwtTyOhkTKDaMX1GezKC8_ML-pvHYczVSj2YifrCuTcHThwx74nk4EecY2-gmk8oGRwFoaa_otkHiS5B5-7Cuf3WVlqeryfgUwIdO4DTuL8F9ZqFky3wXScJVzo5TlBOK7gTe5n6_Exom6wF71OJSh9J1Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F913 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=1709641182838345&bg=!vL-lv_DNAAa6D61Rmg87ADQBe5WfOBA-g5DIY8GfzbpAXtaWvBSyE5koe_CR3MM6_rNepgAELKn_pX8h_727eWVBjutpAgAAAO1SAAAACGgBBwoASODz-TV4iOdr7pgkJDSdPApUW1ULwD8tQSo3YbwSL6vDr0GwQiXJTCVHWeJf6wzMHS6X3wGq1bMszIp6bIc0mjttQwTAOdiB7JkC1EKeJ_t0Ge9nFCiF_IYEch-w1kPWj-AfKFQK-hLpgFXXurA8EVOIGYzbcfg8yrUv3FmzUgTUMqPfHIRy0hhl-3IGF7R83MDWm17i84ScdwnMztJN0_CrlB2qQ1IwwC9EtwK_TK20uLT_xPYbTHNnvyYgib_vVntoum8CI16OxO6rfTdBuMj3OnG4RT94uG0QnMvyxPI66EUcBDHltOYBYWLT7s_6pU43_eWB8Mn_xZ3v45ozLFVHAoUUOTNp-OkKOeHFotKeMBDnnzEZqnLqe3_QUO4ot6BqvKxAuVagP3S6xM1X72MxWiEpw1xuS3MKMjKpcl9QircaCYiR-SxDR4UTbMCQyUtQCqC8EB72yFcKK5Oz87zwispTPXlbLww3D67Pu9MQHlIbbcVnFhj32LwlX8lJCwbLnvah0gZ3YLQsTLDVHi7s7Udtgn7NkVgLaek09Po1tLnMTX59uQww1CDZctv5l4z7TqbxGZ5Z-yi3TV5DF18ioNXdjK-GAmie9MQD1Og1MkDrzM_pUQ5JGUGf_3eSmXq4xbaxTs1u8QWz9u0qPgSYfWUuhDKpF8aB0cWQW_APCWbd6qFnzfH3IRhoE9TCSUk7wXA38N-Fqqlb_uCVn2G0-bQdNSQQEBxjbufU8RdcQz-EEN_R3FISFYTGYdAeOd9dUBb-2udfHT7pFylv7jmbbpCBsqXR0jsR3xsuWFYs5ZwXDKiRBAR68rO13Fw-2PLv0VMTMXCh1M43iMvEeXkFApfFrEcBQ_t5-UV3fU54GIDh0aG-ulj5N_OFdzdWJ_t6cEJgt7fjhFMRjnxhSQbR6Mh80tGguLt4iSWeel2F47hwh2ikQRbRnLujIY-yA1CRd2aN8ZjvkmURwevAsehQLCHLdLMas-s-oD4NVWy1w-d8MBEUY1kVRA2FmSdiYDCcYZ4JN-FfHVtuIHx21P1HhlRW-8_bvgs1jRrTMYc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
tracking
ad.vidverto.io/delivery/v2/video/ Frame D6A0 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=w9rXMnOwsKXRnjjoy3aV0qfPCVutPQzhsK%2Boze7rOaXfYLdxOJ1pb7pdXU3dEQqmst9mlYi4CnLrUXSU7EWJ%2BCyz94HxX3wbsXReV%2FcHocOLVW5QqOqc9mBMdPDvwsKpxk%2BVOIVAaSXfSA0Cp6exgtbLVhpCRMoHNp6wBzltBhTJzbBZMQ42s%2Bd82Id9VmJPsSOZLnionbN7jFfs6fHUoxzDEprGA7UwleIY2H2TV4g%3D&cb=1694273545
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:29 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694273550671&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1548&pt=-1956913285&tz=120&viewable=true&ddast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ad29cbd537b5f8bc727d8c4c776e84b01bf146a40aa8526f09f8ea8132cc8c3d

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:30 GMT
content-encoding
gzip
server
nginx
machineid
1421
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame CEF3 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=12611&tvi50=-50&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Sat, 09 Sep 2023 15:32:31 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7466
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
server
nginx
x-timer
S1694273551.062381,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=2064745187&cid=2108848729.1694273543&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1694273546&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CEF3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46664223&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
ae099b22ee17dc61b8f56a13c86012cbb24a8f0f5f5c4ed345102ca36bef34d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 09 Sep 2023 15:32:31 GMT
content-length
2045
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 36FC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89687796&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
ae099b22ee17dc61b8f56a13c86012cbb24a8f0f5f5c4ed345102ca36bef34d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 09 Sep 2023 15:32:30 GMT
content-length
2045
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 5C66 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 09 Sep 2023 15:32:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 681C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
0c60a4bc-b2d6-4fff-a959-a61a9ae43679
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame BB1C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Sep 2023 15:32:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame DCAA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492042250393&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492042250393&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 09 Sep 2023 15:32:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492042250393&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
bridge
cm.adgrx.com/ Frame 324D 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 09 Sep 2023 15:32:31 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 5A8C 		85 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230043-FRA
x-timer
S1694273552.712792,VS0,VE94
Pug
simage2.pubmatic.com/AdServer/ Frame 9720
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 09 Sep 2023 15:32:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame E312
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCa3RrN0otU0FBQUNRWlBXRlVjUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAFf6k7J-SAAACerBT-Pqg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFf6k7J-SAAACerBT-Pqg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFf6k7J-SAAACerBT-Pqg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3094586480578561071&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 09 Sep 2023 15:32:32 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
sync
ads.servenobid.com/ Frame 8315 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Sep 2023 15:32:31 GMT
mw
mwzeom.zeotap.com/ Frame CEF3 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80407c02ac8e2c3d-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame CEF3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:46 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:46 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame CEF3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=6187144383698912030&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f4c2a20eb85ba444/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:32 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
sync
x.bidswitch.net/ Frame CEF3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9502da27-ccbb-4dca-8427-a4151de61d5c&ssp=pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=9502da27-ccbb-4dca-8427-a4151de61d5c&ssp=pubmatic
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=59&user_id=9502da27-ccbb-4dca-8427-a4151de61d5c&ssp=pubmatic
Date
Sat, 09 Sep 2023 15:32:31 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame CEF3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame CEF3 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
mw
mwzeom.zeotap.com/ Frame 36FC 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80407c02ac8f2c3d-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 36FC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:46 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:46 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
52799
stags.bluekai.com/site/ Frame 36FC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e03aefc9352946fc65388e53b39e6dc7&gdpr=0
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=93e1056161087d47
62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/52799?id=93e1056161087d47
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 09 Sep 2023 15:32:32 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=93e1056161087d47
content-length
0
match
c1.adform.net/serving/cookie/ Frame FD40 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 09 Sep 2023 15:32:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 46F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ec5c78d5-599c-4ca1-aa3e-508a1906f7b6
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5803185560340488745&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.23; 217.114.218.23; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 36FC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=73c55841-967d-4cfb-871c-e44d1f69a60b&expires=1&user_group=5&ssp=pubmatic&bsw_param=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a2757d6e-980e-477e-9df3-05a9ba443503&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sat, 09 Sep 2023 15:32:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4854
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Sep 2023 15:32:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame FCA2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492046837911&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492046837911&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 09 Sep 2023 15:32:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276849492046837911&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 36FC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3306217142786303795&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 09 Sep 2023 15:32:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 36FC 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
bridge
cm.adgrx.com/ Frame 6949 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 09 Sep 2023 15:32:31 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame AB6C 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230043-FRA
x-timer
S1694273552.762367,VS0,VE89
Pug
simage2.pubmatic.com/AdServer/ Frame 0DE3
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:32:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 09 Sep 2023 15:32:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 0674
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGZjZrN0otU0FBQUNlckJULVBxZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFf6k7J-SAAACerBT-Pqg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3094586480578561071&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAFf6k7J-SAAACerBT-Pqg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3094586480578561071%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3094586480578561071&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFf6k7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 15:32:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 09 Sep 2023 15:32:32 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFf6k7J-SAAACerBT-Pqg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 296A 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 09 Sep 2023 15:32:31 GMT
Expires
0
Pragma
no-cache
InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 7906 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:28:47 GMT
x-content-type-options
nosniff
age
225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 15:43:47 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 7906 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 06:34:14 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 7906 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=YEaMD8hqE1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 07:05:17 GMT
dc_oe=ChMIgJTt5uydgQMVN9wRCB0D1QE6EAAYACCxmOVcQhMI_Kuy5uydgQMV_C8GAB0BAgXk;stragg=1;&timestamp=1694273552382;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C524 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgJTt5uydgQMVN9wRCB0D1QE6EAAYACCxmOVcQhMI_Kuy5uydgQMV_C8GAB0BAgXk;stragg=1;&timestamp=1694273552382;str=nextSlide;strtype=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D6A0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CArzqCZD8ZMWZObub9u8PtLyyeIHz9e9yy6KRpekRsJAfEAEgw5W3dmCVgoCArAegAZyv-6gCyAEF4AIAqAMBmAQAqgT6Ak_Q5U-wXGPBxvUyZl1KaRMtp2JBxv0OFVvF77swvvcMi9pE7QmdlHoxWHBmovUMzQ2zIwhQbkExshoMqDaEV9ycTPti6yRbe1zOqLMxrWyPzd190bjG3C8EyId_60l2XU71v2E_ro_SBr82684S6n24H8bYWDZCS5fWkV64Gi0EY3hJAsWjwrvTNJEj0wwHb9HHKmUUT90ljZSEUb8LzZNpjHMwYXlphkClDxeTr58Yq1LSmTwAHgg4sVyCkUBIpiv9h9aUcTNlCDivrIoqlEXcQgtiXJFJYvBLQlGqZdtZ9ht7kN0GoEpGFYM0rse6L8AhrhZkEGhyMvEb81af5E4f2dO8mT9Jtm7dI_K4yYeZAnUUhvUAX-DS3DXJTPPoJ8iOr7ngI1TCGCq3ollPBddpXq_C64-xcurVNlPxENwsxworeJmArpeDeDocZSkRlx3rByeSGx87BhKLyPssjTQezyKjJhWs0ldr4GHzQOQFCIzNepOq60CZOcAEubSGv8cE4AQBiAWfv6eyTKAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQsMOJ3O25ueQtEgIBA6oNAkRF2BMT0BUBmBYB-BYBgBcB&sigh=36Yrmj6WOMc&cmd=Ch1jYS12aWRlby1wdWItMzEzMjg5MzcyNTYwMzkzNRAAGAI&label=video_skip_shown&ad_mt=5254&sdkv=h.3.588.0&vci=Ck0IAhIOYWQudmlkdmVydG8uaW8aElZpZHZlcnRvIEFkIFNlcnZlciADKiA1NWFjOTBjMWJjNjYyZTkzZDdlN2M3YzBkNjA2NjVhMUCFAQqSAQgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNjEyMzc5MTUyNzE1Mgw2NzI0MjkyMzE1MDlA1wRSJhAPJQAAcEIoAToLVWNlSjhqTmdjMW9CCWdvb2dsZWFkc0iPBlAAWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92e9ff777c9b2a39cc3e553f452f8eb7e624123cbd726471e169d145aa0888b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11740
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=6253&cid=amp-er-It84ly8bNYNvbtW01ug&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694273545&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=11923&epn.domain_lookup_time=11&epn.tcp_connect_time=795&epn.redirect_time=0&epn.server_response_time=246&epn.page_download_time=247&epn.content_download_time=1328&epn.dom_interactive_time=1328
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-er-It84ly8bNYNvbtW01ug&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=11923&dns=11&tcp=795&rrt=0&srt=246&pdt=247&clt=1328&dit=1328&a=6253&z=0.5645434261409248&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 13:41:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6649
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 2CA3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:33 GMT
server
Kestrel
server-processing-duration-in-ticks
960264
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 2CA3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=dZ6ElV9PbFkzMldZbENFUWdVJTJGRWhINXBwa2FjUXkxZ0g2RWdReXprVHBsQ1B4QyUyRmY5Z2Q1ZXB1bW...
  • https://mug.criteo.com/sid?cpp=x_82MnxNQ0VaWVJkVXdWS2I5b0c1bTNHVW9BaVZQVThhc1YyMFRTRzhFVmVLNG1LRDNzNDhHTk00em1oUXYreVdvWDh5VUg1MWdxaCt0SkxQeHhSSDVOdWN4YU5oVkZiZzAwbE1FbVhQclp0WHowenA3Y3VQVzZKSlRnST...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=x_82MnxNQ0VaWVJkVXdWS2I5b0c1bTNHVW9BaVZQVThhc1YyMFRTRzhFVmVLNG1LRDNzNDhHTk00em1oUXYreVdvWDh5VUg1MWdxaCt0SkxQeHhSSDVOdWN4YU5oVkZiZzAwbE1FbVhQclp0WHowenA3Y3VQVzZKSlRnSTJTTFpYUGVFdXFhbVgzenFySmp6RDdXVXB4bS81TVlDa1ZVcWl0YUtoOW5yU3MrWFZ5Z2lTTlNOcG0zSFhCSTdxL0xkZjlpSGlESFg4dU1JRW1lOTlNQ2JyczYycE1jZTRlNVNvSGZMZDZMOWxtY3grU3d4czJJR1VnRThHdEhVWTQvUHlkekNzdkdld3lVUzFTU09jaDBDclI1WFFGUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
71a291528532a8bcc514426df8bb56c516650990819adeb7487536b64331aa35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
936277
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=x_82MnxNQ0VaWVJkVXdWS2I5b0c1bTNHVW9BaVZQVThhc1YyMFRTRzhFVmVLNG1LRDNzNDhHTk00em1oUXYreVdvWDh5VUg1MWdxaCt0SkxQeHhSSDVOdWN4YU5oVkZiZzAwbE1FbVhQclp0WHowenA3Y3VQVzZKSlRnSTJTTFpYUGVFdXFhbVgzenFySmp6RDdXVXB4bS81TVlDa1ZVcWl0YUtoOW5yU3MrWFZ5Z2lTTlNOcG0zSFhCSTdxL0xkZjlpSGlESFg4dU1JRW1lOTlNQ2JyczYycE1jZTRlNVNvSGZMZDZMOWxtY3grU3d4czJJR1VnRThHdEhVWTQvUHlkekNzdkdld3lVUzFTU09jaDBDclI1WFFGUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
256439
content-length
0
expires
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694273553672&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1548&pt=-1956913285&tz=120&viewable=true&ddast=V8z8oCLAYIQqqc-T79LRMQhFQ58336Wy4AAABgYID-AIlMZjPfxONwi4wTm1u0WdnWwoVltlYZZs7NbrAazVzLISCRyWzmm3gcbpFxYnOLNivbWriwzNYqw8y52Q1Wo5lrOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BgAoDgbr8HxeZn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY4g4vJj3erY0C5GC4iKMAAAAAGTLaV8cmaQTVCyq_P__91sBuAIAEKCoJ8m5mUV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEJNMzNpgjD0wtX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAZGbauBwzw3KzmZlso93GOFvYPKbFcrCyjGwW7wFvdIkzIYHH6rMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCKcNmtzAudmuFyTVZi2Yb21q5HM7WgoVpMZpsnBuXy-YWvT6mi822WA13WyQYkLgXydMinag2Fptn5RxOXI6VceQZjDaWhXPhMCx8y9FsY3FOxBLNySKdyC77wmRm2rgcM8Nys5mZbKPdxjhb2DymxXKwsoxsFn_LsNktjIvdWmFyTdai2ca2Vi6Hs7VgYVqMJhvnxuWyuUWvj-lisy1Ww92-MVuOJrvNarTZN2bL0WS3WY02-w6d4bv6nI3Kskry0bmk5elTd3MaFC6DxfuTmBbT7uwgOvmOTp1UpSzqjH6_3-_3-_1-v99v0HoOZoPCd5v2Jd6e1_e3iZ6Pg0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_mcAtdT7fUaXdL_nafW2N0Pew-t_Bpdyv_rrfm6HRLjy67z6182t0ih90tfDrsbs3RYfe5BU-32Omw-9ySv93nlj7dIofdLXH43UKXW_r6u9V-t-bodIteT7fG6LoLTW-zRSwRnC7SiehlPF3Uf-Qgi91csRjNJYvhXLJZJQAAAAAAAAAASzDNdBMAAAAAJ4MaboaL1TodzGQ2GexWywVwEZSlCxgEAAAAAABgl7TeGw9d6ahKscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAADgN9Cqwf4BqBBrtVrdbqzVagUsmOFoMpzA____fw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ad29cbd537b5f8bc727d8c4c776e84b01bf146a40aa8526f09f8ea8132cc8c3d

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:32:33 GMT
content-encoding
gzip
server
nginx
machineid
1439
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 15:32:33 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame CEF3 		0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C43A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 14:47:48 GMT
expires
Sun, 08 Sep 2024 14:47:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5879 		829 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e5ce45b55842b6a10e9d4aace360443b7872249ce280056da6130d20471551f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h-p9rfPMuDm4w3iwsGeETg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-h-p9rfPMuDm4w3iwsGeETg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:32:33 GMT
expires
Sat, 09 Sep 2023 15:32:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
SPug
simage4.pubmatic.com/AdServer/ Frame 36FC 		0
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame 5879 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=3553257487497326&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame C43A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
84918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 15:57:15 GMT
generate_204
tpc.googlesyndication.com/ Frame C43A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vYy3wA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:32:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=3553257487497326&bg=!IyClIG_NAAa6D61Rmg87ADQBe5WfOC9BwGxutVdjEf-1tk2gmFtwFMUn-RCO1bCPi5UREWz9WAfSIDcdBTHU3eF5i1f3AgAAAH1SAAAABWgBB5kCssTP2NGEoa-rtiGongJKJiFQgbZTV8XpoR4xNLO7AxH2MbhjigSUgU0ctzk6AduaQKFfP6pTanhvdU6Rm-0hxsvcXLICld-Zk8HEIeDBhL7o1kAOukaBvBMgyAWBjMoXH56rmK9yX5c4xqOGLFypOZChsRUxbjOqfv9DH6tVh5o4m_GdJ9_BP4RWs-nPLhQy-B1up_D0tjVyXb7rAyIiP7FvY_L4lTSLWxLCQ65zRfImY2Sq4r1ngV9qhR1Qa9NGyp5y65Htsy3V1_AKTAEmDJjKzRBi5okmlX1RVj3i3_3BrDnIH8HLPt2WqNgy3SjjcoE-zKbLhw7Qn--DT-QvI9juia6csxbWwWYveLstfd5LW34K3Y9rvzPxcJ2NLFjYewvv8Cqdw7s01oARGeNxxK4oxeY6_XycD5L9atYbWtSgCGpWZ8KWRvaysqKcGynN7ltRQfuaiz6puUXEOXrunZdCLxrGLoxc5VI1MIOIi9SUQGfkKE3N8MoVO73ObZvg73J3aYM0LGQLbKhEjl3u_NYjz-9JUdfNy8Ul1eMgN2q3UUujlVRbcmB-vHv_9KSYLmTHlxNvZk97h9jHC4fP7qHb4EzCT7wOVhs1fQRSs0k4wH_jZK7i1l4kR_ScWrW11XwGjVUHa3D7Oz2Fa0C5OJ5UY8hoWE-Moe-SHAouWFBfLdEPYasECJXenXic69MKJBrfhEOp6GgRgQhL6Oao_ZgUGLDYqfiQcoq7WR8boNptKj6UQlI551z_n5tqlJexGz6DPjA2gkqKgfxRjv6bQHaSKLgOhs9YhyY8KqMad8DFlRtD2OwA17bweNXDKgl3MZr2axPqEZzCquU4ddJ8FH_MZqho1SPoClb2-wP9X8QXxM9s7oOioYvpDh4YfFdACCLwPiF7W74g5V-JZe0kRuglMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/04c4d37ae9c12cc7731fe54c89556f22.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202111/94651aacfc2eefd7411f99de237fb6da.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202212/a1ee9b988fd23d5fd545d7681a8c2706.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/dd3fefeb39f99742708f4762700dc3c1.jpg?w=150&h=100&q=100
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPEZ-X6uSqXNdiQ6iSHEWHE&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| documentPictureInPicture object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP function| _typeof object| TRC object| _tblConsole undefined| msg function| _statcounter object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover object| ggeac object| google_tag_data object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| setImmediate function| clearImmediate undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| pbjs object| aries undefined| $ undefined| jQuery function| jqAlias string| nam object| placementData function| runAnimCheck number| ampAdSlotIdCounter object| __uid2SecureSignalProvider object| __uid2 string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 object| regeneratorRuntime object| ox_esp object| google_reactive_ads_global_state number| vidverto object| aries_registry object| _qevents object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN object| cmTag object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ucf object| request string| paramsString number| ampAdGoogleIfiCounter function| quantserve function| __qc object| ezt object| _qoptions object| _cm_wfCounters string| lastWfUrl number| ampAdPageCorrelator function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| _aries object| inViewWindow function| startCMTagMain string| category object| vidvertoPromiseCache object| closure_lm_264507 function| shuffle object| entertainment object| arrToUse object| playlist boolean| descriptionPage function| OvaMediaPlayer object| closure_lm_488780 function| VidvertoPlayerVideoPlaylistUI object| dataLayer function| gtag object| closure_lm_914233 object| listeningFors number| 3pla object| google_ad_modifications object| google_prev_clients object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

162 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1694273543.61C1AE0B4EE44F4889C8654002A96F84.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1694273543.0
.statcounter.com/ Name: is_visitor_unique
Value: 1694273543684280367
.bg3.co/ Name: __gpi
Value: UID=00000c9f98ccd330:T=1694273543:RT=1694273543:S=ALNI_MYOdbMPqrePSu64Y1PJr4nIiUAnHg
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3De037a817-ad52-46c6-9986-0a4142c9ceef-tuctbf61587
.doubleclick.net/ Name: IDE
Value: AHWqTUlpaNhCJhJxQI_5nImLXRaRv6u10bAKFvyykCu0XdBOA_aea_cDJk-x99wQk3o
www.bg3.co/ Name: __AP_SESSION__
Value: 93ce9034-f907-4dee-95fc-cfac2c7798f5
.criteo.com/ Name: uid
Value: 33885143-8586-498e-8708-776b0fa12a66
.openx.net/ Name: i
Value: 22a1666c-adfa-4458-a489-64e808906c62|1694273543
ad.vidverto.io/ Name: moxuuid
Value: 0cedbfba-6b1c-4f30-872c-f321e0d521a1
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1694359943
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1694359943
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1694359943
.bidswitch.net/ Name: tuuid
Value: a2757d6e-980e-477e-9df3-05a9ba443503
.bidswitch.net/ Name: c
Value: 1694273544
.bidswitch.net/ Name: tuuid_lu
Value: 1694273544
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 089cb91b-b441-4b53-83b4-d83b3f8bb85f
a4p.adpartner.pro/ Name: apuid
Value: 8c88e069-923f-4eb1-a059-df35a80f91ad
ad.vidverto.io/ Name: adpartner
Value: 0cedbfba-6b1c-4f30-872c-f321e0d521a1
.prebid.a-mo.net/ Name: __amc
Value: 1_1694273544_1694273544
.bg3.co/ Name: cto_bundle
Value: dZ6ElV9PbFkzMldZbENFUWdVJTJGRWhINXBwa2FjUXkxZ0g2RWdReXprVHBsQ1B4QyUyRmY5Z2Q1ZXB1bWpHbjZXSVVtV1VVOWFPR3ZuMFMxOUhXT1h0bEVMNXIxYUNEazRtS2xtMVVFVHhaYXU3a3NPYTg5bVhFNFBOczBJdWc3aDd2dWhkdXBVYzglMkZZUzd0NUFQY2QzVFRyTU5lTWclM0QlM0Q
.aralego.com/ Name: sspid
Value: 0390a976-2751-3cb6-b42e-79b7463f6a51
.quantserve.com/ Name: mc
Value: 64fc9008-a681d-b472e-91e05
.rubiconproject.com/ Name: khaos
Value: LMC6Q1NC-1X-DDAE
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoE7XVgp1JULLU1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDg0TcDG+AnFGFY1mSS+2Nuvi2O0Awdzr82AQn2g7mnUSRw6xunrQy4Eijy0RC4Zd8dAPlTu0R9RN
.adnxs.com/ Name: uuid2
Value: 5803185560340488745
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 67a2d8f4-85f6-53fc-a4b9-750cc045e504
.betweendigital.com/ Name: ss
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6-y_jaCQsUKJY1r79zv6xMTuSb6swY6T3tRIRPWSQGoNPlrw
.bg3.co/ Name: __qca
Value: P0-1398598017-1694273544381
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBAmQ_GQCEHA0wj5-bV06WtMJa9pWpOgFEgEBAQHh_WQGZQAAAAAA_eMAAA&S=AQAAAgCTRiLqLQKRPtjUpJLbUQA
.casalemedia.com/ Name: CMID
Value: ZPyQCRLTghbNSmm1ps0Q9QAA
.casalemedia.com/ Name: CMPS
Value: 3225
.casalemedia.com/ Name: CMPRO
Value: 3225
ad.vidver.to/ Name: bidswitch_com
Value: a2757d6e-980e-477e-9df3-05a9ba443503
.ctnsnet.com/ Name: cid_90e3f828c32747309580aacdb8544d3f
Value: 1
.ctnsnet.com/ Name: gid_CAESELNj8ohwbGiPuhUZWoN-XqY
Value: 1
.lijit.com/ Name: ljt_reader
Value: HSwEqGZHX1ykCr5nTfKNWEhI
.linkedin.com/ Name: bcookie
Value: "v=2&41ef62a7-9272-4f10-8d96-7a90a2424b48"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQyNzM1NDU7MjswMjEq4xxEmc2Bk2rc9Ad2WF8XuXe4BdvMZVHpPuJOztw8mw==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2628:u=1:x=1:i=1694273545:t=1694359945:v=2:sig=AQHggTZRtI_D5tk7ICxCnfZoKWI-0QEn"
.bg3.co/ Name: _ga
Value: GA1.1.2108848729.1694273543
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1694273546.1.0.1694273546.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M4/QD>6NRF']wIg2C%scr#DT!]tbC8i_iqf!oN/@E'zz<*Z0Q'waukuXmx7Nx:9#0nc<+m=AvNHiW)Y#jZ-j<QJ<:IJdX]IK<yPEk%1pVXC9LVOfRwP-cGJp</IDL6MBQV8tSbLG+8o79kpHLcB.c94gA:9sk@3@'s>TQ2SmJ
.bg3.co/ Name: __gads
Value: ID=67cde87ce0d7abdb-222485976cde0016:T=1694273543:RT=1694273546:S=ALNI_Mbk6tWOFOHS81pYinnqWDWwAYlvHA
.adform.net/ Name: C
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: f1dcf399e55bd5e1a700af096fc5727e
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22148b0230-4f26-11ee-be31-bd2083d02680%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22148b0230-4f26-11ee-be31-bd2083d02680%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22148b0230-4f26-11ee-be31-bd2083d02680%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22148b0230-4f26-11ee-be31-bd2083d02680%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-OckRFhem5QrYVbhsopcMJQyz6BJYpRfWWlCNEA%22%2C%22version%22%3A%22criteo%22%7D
.adform.net/ Name: uid
Value: 6187144383698912030
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-P1YgCRem5QrYVbhsopcMJQyz6BJB0BteiHMiyA&KRTB&23144-uid:k-P1YgCRem5QrYVbhsopcMJQyz6BJB0BteiHMiyA&KRTB&23286-uid:k-P1YgCRem5QrYVbhsopcMJQyz6BJB0BteiHMiyA&KRTB&23287-uid:k-P1YgCRem5QrYVbhsopcMJQyz6BJB0BteiHMiyA
.demdex.net/ Name: demdex
Value: 08748365996684277941408132175648572991
.dpm.demdex.net/ Name: dpm
Value: 08748365996684277941408132175648572991
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003%22%7D
.tremorhub.com/ Name: tvid
Value: 2e3f8bb630b744df9198c36023ff31cf
.tremorhub.com/ Name: tv_UICR
Value: k-OxX3rxem5QrYVbhsopcMJQyz6BKGpKkgygdmMw
.3lift.com/ Name: tluid
Value: 1031397355658418368995
.simpli.fi/ Name: suid
Value: C476D90D8D114802AA1EAC9476111498
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
.w55c.net/ Name: wfivefivec
Value: lRcWGUrc1QEZWH5
.w55c.net/ Name: matchgoogle
Value: 5
.krxd.net/ Name: _kuid_
Value: PyTQ0WzC
.c.appier.net/ Name: _auid
Value: xeM5kxKSCkqMRI40C5D8ZA
.c.appier.net/ Name: _gu
Value: CAESEPNHEELUyg9oGgS5IlMjSSM
ad.vidverto.io/ Name: _mwayss_imp[22822][count]
Value: 1
ad.vidverto.io/ Name: _mwayss_imp[22822][frequencyPeriodEnd]
Value: 1694359947
ad.vidverto.io/ Name: _mwayss_camp_imp[10152][count]
Value: 1
ad.vidverto.io/ Name: _mwayss_camp_imp[10152][frequencyPeriodEnd]
Value: 1694359947
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-09T15%3A32%3A27%22%7D
.smartadserver.com/ Name: pid
Value: 3094586480578561071
.servenobid.com/ Name: pid_312
Value: 5803185560340488745
.servenobid.com/ Name: pid_317
Value: 3094586480578561071
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.gumgum.com/ Name: vst
Value: e_b48fd179-349e-41a2-937a-ce3fb3a4da79
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzsjQ1szA3MjI0NhDiM9RNCTZ2T7MIKssIySgBAI26mZ4lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzsjQ1szA3MjI0NhDiM9RNCTZ2T7MIKssIySgBAI26mZ4lAAAA
.turn.com/ Name: uid
Value: 3306217142786303795
.servenobid.com/ Name: pid_333
Value: ZPyQCRLTghbNSmm1ps0Q9QAADJkAAAIB
.servenobid.com/ Name: pid_310
Value: HSwEqGZHX1ykCr5nTfKNWEhI
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_324
Value: 5109685629568722130
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmliZG5samJhYmlxShyJb2xkBgCCrq_3IAAAAA
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-9b06a3e2-871b-3072-95a3-f952deefeef7
.go.sonobi.com/ Name: HAPLB8G
Value: s8685|ZPyQD
.servenobid.com/ Name: pid_309
Value: e_b48fd179-349e-41a2-937a-ce3fb3a4da79
.amazon-adsystem.com/ Name: ad-id
Value: A8O704mxYUSGq7KrCoaZROI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.company-target.com/ Name: tuuid
Value: a9a01fb6-0319-4ff8-9e74-92d85af26058
.company-target.com/ Name: tuuid_lu
Value: 1694273548|ix:0
.brand-display.com/ Name: _knxq_
Value: fa6e3ee0-d999-82f7-ab3288a4.1694273548.0.1694273548.1694273548
.servenobid.com/ Name: pid_346
Value: ua-9b06a3e2-871b-3072-95a3-f952deefeef7
.outbrain.com/ Name: obuid
Value: ee7a6e38-f679-4000-bae0-47c294995fa3
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4f3dfe533fe94986
.quantserve.com/ Name: d
Value: EJ0BIAH0KYEO-TC_vLEL7iCJ2BA
.creativecdn.com/ Name: u
Value: 9dk3DQFqnvASlXRLhLJz
.creativecdn.com/ Name: ts
Value: 1694273548
.servenobid.com/ Name: pid_316
Value: 6A3DD244-F1DB-44A3-A1EF-7C8921ADF345
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPyQDAAPCXR20gBY
.weborama.fr/ Name: AFFICHE_W
Value: YizHkc4H-6Bi20
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6187144383698912030&KRTB&23263-6187144383698912030&KRTB&23481-6187144383698912030
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy&KRTB&19420-8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy&KRTB&22979-8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy&KRTB&23403-8fi0rP784vfqreT39qj_rfP74Krq9eOq9_lFcmpy
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENQ_uMd4GUyDb-vC0ydl5e4&KRTB&23025-CAESENQ_uMd4GUyDb-vC0ydl5e4&KRTB&23386-CAESENQ_uMd4GUyDb-vC0ydl5e4
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cac6fb04-2920-4a19-aebe-4adeb4403511-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%222069.66%22%7D
.betweendigital.com/ Name: ut
Value: ZPyQDAAOb1DW5ljetrFvIWy-PG-TW1XNhLkd3w==
.audrte.com/ Name: arcki2
Value: ce8NfkWQTqhQgyN6s9ieRLO-g!20220908!1694273548969!ip#217.114.218.23
.audrte.com/ Name: arcki2_pubmatic
Value: 6A3DD244-F1DB-44A3-A1EF-7C8921ADF345!20220908!1694273548972
.ipredictive.com/ Name: cu
Value: 92e8af9c-efbb-4b56-8ef3-5686377faac1|1694273548982
.zemanta.com/ Name: zuid
Value: -ZMbrrPMcoV0emvrWe1-
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-54837735-3aa2-5ea3-448f-639b972d75f0.G5lBsa%2FEldpabPOLsU8YSpWvZeoq9hl3hfehnMwWW9M
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-54837735-3aa2-5ea3-448f-639b972d75f0.G5lBsa%2FEldpabPOLsU8YSpWvZeoq9hl3hfehnMwWW9M
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVIN3NTqiXqNEj2Obly118Nly2hc.tnvvhMbhfoxXGJt%2Ff3vPN1k77ZmM3F2HPZ%2BpZT3O8%2BI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVIN3NTqiXqNEj2Obly118Nly2hc.tnvvhMbhfoxXGJt%2Ff3vPN1k77ZmM3F2HPZ%2BpZT3O8%2BI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILc9PIkZuxhl46XHtKlu9P0kXauNH8-16qqjDPa18azmEHwYBCCMoPKnBjABOgT_Q_f4QgQkOebP.euwX%2B%2B%2FIBi%2Fhd3o%2B%2Fy20n5PLZVcAAnrC8%2F4gtXDBEN4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILc9PIkZuxhl46XHtKlu9P0kXauNH8-16qqjDPa18azmEHwYBCCMoPKnBjABOgT_Q_f4QgQkOebP.euwX%2B%2B%2FIBi%2Fhd3o%2B%2Fy20n5PLZVcAAnrC8%2F4gtXDBEN4
.audrte.com/ Name: arcki2_ddp2
Value: ce8NfkWQTqhQgyN6s9ieRLO-g!20220908!1694273549153
.smilewanted.com/ Name: sw_user_params_infos
Value: 0riJZDjZL7dpgh%2BON74QZQckJVscxQ2OcOprT%2BAGnMbS8u7blVWUXcy83s1%2Fm4ZMy191H43cgLHE01Gw1Ic5eNZEPdEpMPZOtI5%2F2lSkHH8LZScHR2%2F1NGFyMHWaVXg9CPxZTqruYpXfNyRJF41pSrjUhpg6L8pSOGg6bvzRaxY6U%2F%2FP0OnsBBP%2FVOhVgxFCtz%2BXbzhGRecegpGz6VgDk2gKqU6oEDTGcxJLvBgSq8FaMhsscKT4Kfwuiz8mTAq%2F
.bluekai.com/ Name: bku
Value: ikG999txdsEZp/LD
.bluekai.com/ Name: bkpa
Value: KJhz0Xkr3p9D9BYF/EruzO70BrQoqxec2VD6BZaEQqaSkassHW3dFr3ZibbwpZGSjf6YN27XIpXmG5Niq60mbigVIFyyDMFtyrCCBmc7wBXZ02NSWaLx2Xf6FvMkkp8lkfkq3rFjQFQISE12nX3Yred52qWqnRCP5pgN7EgIwezKncKUFQejKp+m2A6PI/0MSWAuL90huEv4oKieO1jl3uddIWjsmx1DLLvVcEY+ANKUWbyeI4LGJNQKuJEE/ZogeryB3YCJ8aDaaSD1HaZQA9NbPRwNGxnvHjqZp5qMBsLnZxEDE0Jj95LFwGSqY5KnIdHI1ImMDXdxLVlfKyYVhP8v
.audrte.com/ Name: arcki2_adform
Value: 6187144383698912030!20220908!1694273549320
.audrte.com/ Name: arcki2_smart
Value: 3094586480578561071!20220908!1694273549417
.pubmatic.com/ Name: SPugT
Value: 1694273550
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1695427200%3A227_226_219_197_241_235_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1694822400%3A15_223_2%7C1695427200%3A21_13_165_71_54_234_166_56_220_3_233_22_8_251%7C1695081600%3A63%7C1695513600%3A35%7C1696809600%3A203
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5803185560340488745&KRTB&23339-5803185560340488745
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3306217142786303795&KRTB&23150-3306217142786303795
.zeotap.com/ Name: zc
Value: 4a15d10b-ecd4-43b1-6edb-e6059fd3171a
.adfarm1.adition.com/ Name: UserID1
Value: 7276849492046837911
.csync.loopme.me/ Name: viewer_token
Value: a2df4f44-a44f-429a-be98-a9156586eb4a
.onaudience.com/ Name: done_redirects68
Value: 1
.onaudience.com/ Name: cookie
Value: f4c2a20eb85ba444
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VIN3NTqiXqNEj2Obly118Nly2hc&KRTB&23334-VIN3NTqiXqNEj2Obly118Nly2hc&KRTB&23417-VIN3NTqiXqNEj2Obly118Nly2hc&KRTB&23426-VIN3NTqiXqNEj2Obly118Nly2hc
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7276849492046837911&KRTB&23369-7276849492046837911
.nrich.ai/ Name: _nauid
Value: 73c55841-967d-4cfb-871c-e44d1f69a60b
.semasio.net/ Name: SEUNCY
Value: 4EBA4C750B7D9C25
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-a2757d6e-980e-477e-9df3-05a9ba443503
.exelator.com/ Name: EE
Value: "e03aefc9352946fc65388e53b39e6dc7"
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.avct.cloud/ Name: uuid
Value: 9502da27-ccbb-4dca-8427-a4151de61d5c
.bidr.io/ Name: bito
Value: AAFf6k7J-SAAACerBT-Pqg
.onaudience.com/ Name: done_redirects147
Value: 1
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHVwDgxNS3Z0tjUyNLELC3ZzNTYwiLV1DjJ2DLVLCXZfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6IhfXxUUpaQyLSopPBR%252B19QQAqk8p%252BA%253D%253D"
.onaudience.com/ Name: done_redirects282
Value: 1
.smartadserver.com/ Name: csync
Value: 127:AAFf6k7J-SAAACerBT-Pqg|141:ce8NfkWQTqhQgyN6s9ieRLO-g
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFf6k7J-SAAACerBT-Pqg
.pubmatic.com/ Name: PugT
Value: 1694273551

14 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202111/94651aacfc2eefd7411f99de237fb6da.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202212/a1ee9b988fd23d5fd545d7681a8c2706.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202202/dd3fefeb39f99742708f4762700dc3c1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/04c4d37ae9c12cc7731fe54c89556f22.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EvZmEtaHVpLWppbi1yb25nLWNodWFuZy14aW4teW91LXNoaS16aGVuZy15aW4tZGFuLXhpYW4tc2hhbmctcGktbGlhbmctcm9uZy16aS1kYW4tYmFvLWhlLXp1by1tby1zaGktdHVpLWNodS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning (Line 1)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPEZ-X6uSqXNdiQ6iSHEWHE&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6A3DD244-F1DB-44A3-A1EF-7C8921ADF345&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0680a2e874d6ba6d9e127aab8b3d807e.safeframe.googlesyndication.com
17eb0997b16e8864fa926d8c6bea3070.safeframe.googlesyndication.com
75af943cf76591a6135a999a133351ee.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.teads.tv
a.twiago.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad.yieldlab.net
ade.googlesyndication.com
adpushup-d.openx.net
ads.aralego.com
ads.avct.cloud
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
beacon.krxd.net
bgstats.mox.tv
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
cat.nl3.eu.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d-27262595401722679046.ampproject.net
d.adroll.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e1.emxdgt.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g2.gumgum.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
im.bluevoox.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
loada.exelator.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rr1---sn-4g5ednd7.googlevideo.com
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.thebrighttag.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
widget.nl3.eu.criteo.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
www.youtube.com
x.bidswitch.net
static.bg3.co
sync.search.spotxchange.com
103.231.174.251
104.18.38.76
104.18.39.155
104.20.218.77
104.22.68.131
104.64.126.246
108.139.243.89
13.248.245.213
139.162.23.100
141.226.224.32
141.226.228.48
141.94.171.215
142.250.185.194
147.75.84.158
151.101.1.108
151.101.193.44
151.101.194.49
152.199.21.70
162.19.138.119
162.210.196.208
162.55.233.29
167.71.9.19
169.197.150.8
172.217.16.130
175.110.113.213
178.250.1.11
178.250.1.6
178.250.1.9
178.250.7.11
18.192.168.246
18.196.138.245
18.197.134.14
18.198.126.47
18.210.34.36
185.165.240.123
185.180.220.208
185.183.112.155
185.184.8.90
185.255.84.150
185.255.84.153
185.64.190.81
185.64.191.210
185.84.60.29
185.86.138.155
185.86.139.94
185.89.211.116
193.0.160.130
198.47.127.19
198.47.127.205
2.16.202.75
2.23.197.190
2001:4860:4802:32::36
2001:4860:4802:34::178
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
202.241.208.52
208.93.169.131
209.54.182.161
216.52.2.6
216.52.2.91
216.58.206.34
23.212.88.20
23.32.184.192
23.32.185.192
23.32.185.35
23.97.225.52
2404:6800:4001:807::2003
2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
2600:1f18:24e6:b901:df54:bbc1:d058:f5d7
2600:1f18:612b:4232:9d4e:6678:22fa:de31
2600:9000:223c:4600:6:44e3:f8c0:93a1
2600:9000:223f:2a00:8:48e:53c0:93a1
2600:9000:223f:e600:1f:4c18:bd40:93a1
2600:9000:2447:c000:a:e047:753:6381
2602:803:c003:200::37
2602:803:c003:200::45
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700:20::681a:467
2606:4700::6810:5514
2606:4700:e6::ac40:c526
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:16::6
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9d
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::13
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:3500:12::1730:1786
2a02:fa8:8806:12::1400
2a05:d018:cc3:fe05:2a7f:a7af:d979:6620
2a05:d018:d29:3602:9368:3d72:e6f:ea07
3.126.31.96
3.130.41.166
3.221.79.249
3.65.188.50
3.71.149.231
3.75.110.88
34.102.146.192
34.107.148.139
34.111.129.221
34.111.131.239
34.117.157.22
34.120.107.143
34.160.19.107
34.246.32.191
34.250.238.79
34.255.244.27
34.96.71.22
35.186.193.173
35.186.253.211
35.204.74.118
35.214.244.205
35.244.159.8
37.157.6.233
46.228.174.117
51.255.68.171
51.83.220.94
51.89.9.252
52.0.248.85
52.18.182.246
52.210.15.1
52.22.231.105
52.223.40.198
52.28.44.182
52.31.136.103
52.31.202.102
52.45.175.185
52.48.219.162
52.51.73.145
54.154.13.244
54.155.69.215
54.197.82.124
54.239.38.253
69.166.1.34
69.173.144.137
69.173.144.139
69.173.144.165
69.173.151.100
70.42.32.127
72.251.245.179
77.243.51.121
77.245.57.72
8.2.110.114
8.2.110.24
80.77.87.163
85.114.159.118
85.215.5.31
95.101.148.20
95.101.149.233
95.101.149.35
96.46.186.57
99.81.152.59
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02af9ea0a3a533823c235a2b73ed42297c9e486f1320e102008ec0908ce21191
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
099e460bf2d1515f5d21db2d4c07dc6efe4de8f92a7c493e04b3c76ad48abd3f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd6c964a0c70aae4add2037b40df14ae771299aa1b1705120d2802d8e86c790
0c213a8d70c80b971b86f687c07e47113c6917f8d524b9fc73bc4c94437f79e5
0c7cf8c8994757bcd770db5e1ab5bb2023ca625d16262d67a178fe32cfce24e7
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0e20f266b578a95dac40e2431daf0327994e5384635021792a1320a1d8cfce2d
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6
0ed6c3c38cbb3be63ba96c4508b373c54b0d811e8703d416cd1ef7651eee414b
11767bd7c954227520679d637bd5ef6d21afe893afddb77688d5e39fbd5853d9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1322dd3cfb4302331a028eac04164f003f2d7567eba0cb79f9ff0fa885bc40de
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
15bb78aee04d907026025679d99816d4486a45351857c2a833b1d1711876fad1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d4481e93f9b0160d593215f1bd5c383a2ce72574a0e439979e991b80e3858b9
1d6ba73048e8c897fde133631ba54d3857a910d25eecd21c79825a69ffb41d49
1da8c9de4dd18fb2f600f2aaabe17fba093ff3e313b073bc5099775744e9590d
1e5ce45b55842b6a10e9d4aace360443b7872249ce280056da6130d20471551f
1e69f5e67bf3407e626f25a92195ea69acf93dbdb690ef95c45ea371e3300c75
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
207210d8864b8be559db7548030a13698f73c5c3a5678c6bca09c46cf12d69e3
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
245adf3d443ee1cc05a719c01b6831e6fb12c53b5c09b85dd60849477330281f
25d073aa756388dae127e3f29cbbb1fd8fb63584010ef58eebef63598e249c92
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26866d7638768fd7775abb8b9c43a36fc07f94dbe6a04671ac4d6d964b489ebe
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2791315b51d5575622b3e44be08d617227c617032471a171daa38b9dff37b263
290365d365f756a57f1bbc1baec6089a29a1075c3582e4347e91816c8c758977
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2de8e237804790e8b8355f65667cb101e0ef40dc8ce0eb7d458415138e14863f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304d72f47d1dd498bdcc3151838f13d95effb2f4d678552917e0175b81393aa3
30c7055d398a58f876c3279af72362afdaca978c5f61b5d67abc510e511921d5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3172d72fc88492eede463818ef095356e52a4350a052b866eb311bca2ba6ee19
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
323a5ba8eaa08a8f3189a13ac416634d39d5be0735244970c19e75bcd43be04a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3682ad3ff57003cb05702064073c0429c9c7a8677de21df73081a3cd48df53fa
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b23c34796d7e2664380db6ca1cf32ca82fd73a7577e7a77fb10df44bf111e86
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c0d9e37e84dce8c7cbdcf693b07b616bf8f1b6cfcba0eb651a159d8be031f8c
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3cbd24d65fca9b12a04b7d93a5c7f8facd8e872fb3e6a8b4071f2df07a496ac1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ea37b21bf97ad9260a3e8bda008d540903177a17191c77aa7d60d4337b225d4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eddc6676189b7271e28067a6b18ebb43dcdb8eee0820753a8111b0b67f6d84f
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415d230a7f237f3aefcc12b80c273ba3a4f153478982055db5b7660951b007f0
419d2379d8ab86a1cad7f6a8319fac69c3b65fb782c42b149c0593f8d175d7a5
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b3d2966167678b72ef6c38e712dccf8bb9388b9f6aa4d95c104f860f3edd70
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
472681b92529d46e3cc75519c8da89d237e5d98207f4cb245e851371f17500fa
4742d841247706ded62d8e6d6c81b79fd12a98489a61bbc82cb30fe9483b886f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495287fe1cac500fc546807909a1918d128d0a76c6746b273d4af06adfca28dc
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b55c2d006159542f169aef9b17d21177727f8d8717fff965f051f390c020c24
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8d78e8d552042fa1656bf8bac2281ac6929573811ce4d968eb85d339af6903
4bc2ba92bbd7834dde35c75001163cc6396ae53649c784c371a803d03c764500
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeb2aaccd30126487836d039ae95177e5d924f1100a5bd706bd86940adc4d31
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5415898105dab245e3e27a19cf65c9241e13b6cb6c2710de79c6c65dae1ffb47
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56528ce794748a6b7c6ff89114422c304b953c444670748adef43e5506bc8a80
569d5b2b005f9111a6788e96b4f5c0f6f877afdf743700f2763da63d2d0e1ba9
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57272de8182992c7b7401e2e936966ca75fec35b83dc6a535e6aa7634aa9a98e
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
5736f198debdd806858ff4a7488a57e5ef17b8b21d4fe08f5311cb044694da0e
59376d134138f7c027cab95abb748f6380c46945a53bc5db414e34f3bea4f1d2
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
5b4320ae1f690c81114bd9987f60f99284454a6dd52593708dfb26b56956e1a9
5c4987453c355753e1b3e5eb4f643360f231845a6aecd0003449053da2335e4b
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6214b8cb35a8eab87dd3348c8232d4b7a21cc863e04705c5367cd35e5eff2cc4
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63eec33fb3a724db4a34153d1e4670990054a9f7f5bef60c6998e28d0b65523d
659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74
65e8e0565fcbdc73e1d4d16baae65fcfadf199083076d0c4aa908cc04b2bc9f2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae6ab32ecd3e3734c41074d1099f782a4efb96bab188ddde635f7d7fef801c4
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6ba429df07d3a650c76259a2c5ca23535b7e49447390e39f00b1c2dbb7e7e767
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6de184fb019d6a0ae817458788d73e440c75f9baa8a0a80f692b9f85426c8db4
6e7e4a733e4c62ade2162a888258f6630f6111ca7585921f1ccd5eba7c736d08
6f7360a1dba8cf357c1970e01ebbbb4f52f6af021c67774a67741410d1c6452b
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
71a291528532a8bcc514426df8bb56c516650990819adeb7487536b64331aa35
71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a091b62393cbbd56920ae6acb1dc7f90e08b6fd6a922b8be5fb65fa7b3eafb8
7ac1f9339ae0ce4a4cf9e4fe5bb034a40ca1f2343c7b8c8b64875658584af3f4
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7e010ff261ce300f957a626b6b7a38452bd21ce9e153917ddee04012c8cf160b
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
80b35fd5838ae3aaf8c3f8108511fddbd31b5af5ce5951c6dbc83af9b0b1a9b3
8126c066236d4b4f10bb3159a5bd66c4759458173c231a790953e49dca0784ff
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830103620c091313a2e6f63fa3dae05753dbba978c6e9660850c05fd8f96cdaf
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84df7329e1b5b8b57dca26750bdba9cebf3371f8988115f49c2069f2414e0325
84e83d32440ce30b13df30395ff8ac21db21ca6f555bf3cc0f071fdcfe56b142
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
888f76105fb77df4b08a77b9fbf0746568ac052c7bc8597e5e0880565b86e895
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac36cb8e899f57d4673ebfc077f32281d442aaadcef023de37722dbcd809b10
8c8b32cae16b2422e22ee40637ffef2902def7ebf9124067643058fecde8699b
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d5d8a47dded81a477a7bc9cf9fe538a5736b165513dbf427d804a2e55ad9feb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd10c4eabe829c55b6dc7b0b3c581ef3809a309008d16aa34ba0ba092f2b1d1
8e095b319fa58a7ee8a3b853b538aca3b285e9e9364125694b4f0bdfee743932
8e216ef6426028ff54f8706b86c8ea7243a5cdbecbbbcf72ecac62b5a8541c0b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90608465254fd7de53e5b34b177fc1154d0b9ff6698793a1644004666c644772
91d5c929d603976d4cef2a043200c9556cc06925abd28d19ee719301ea617275
922f436265cc66b14ddb4a84abbcc328c10f1c892425ce6c9330f13ed1b50cb3
9233e854060540506407be1a554fe1c5f568ceea94e93694c6ca4a64f8a5d01b
92593c6a28aae40c8316f1aab2b56e8f1a5c24d5bc2341e3a28e6aab9448fe7c
925bb83c8c4be0dd4ef4fde8d55a2f44df3e3e48dcfcea73120f3ef1c84e7005
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92d26eeaa6218e446d5142a63cbd4618b5578dd1a49933d731779576bb810628
92e9ff777c9b2a39cc3e553f452f8eb7e624123cbd726471e169d145aa0888b5
93ce2e2ea9326da5e65fc5354daf17b3e745653fa011bc8317dbddfd0372e9a1
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94770ce0c0b5689e565d49a98d7360f6651a9f76602ef28b724a13c7414a3124
94fbae877ac9ccf349fb9534c36b97a6e6bb6adeba86ea4cc285842b560e16cd
96260f46ee09ae07a93e6f76ded9b1e266409328e777adc531e4e068741b1400
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
995fe68ddec5efb6677a72e2bdca4ddf3a55d7e8b2798f65541b72d8d6183741
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9d40a16c771c566cdf8ae4d69d6c892e745801815268a313be198fa057aa29c6
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8
9ddc1e3dc8aec7238e1d6f705a82e19129ecc8a58fe126b90da0ce08cf8bd3a8
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9fc46b277a3650003611509d8364e2ce364a01b107ee15eaed5d760e719697a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a01861491a20c7db08bb7721f8666131c59f378dcaea51c0c1b9c6b83362de37
a01b74752f83eb2dfd488ed8a3676543d586070b10f38c1f1377cbbbd591d9a6
a042db05b3deb9bc8f9219d7789eab00b3abb930f5a9baeb5901da6a8619a4bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a170dc28f20c2aa1b8ac2566d5525075b59140223cb6aff0798ceada64b83b85
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a440d81b059f2c7efa3eb245c14956fb8653592af53a4b0adde328566b3bea37
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a49ae647f8660cae898d2e69eedda8a1572eebf9fcb7bcb8e41f00b9d8f61a62
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a578de7e84533a074f798db577969c90c27bdd809913d301fb0cca56c85d46e6
a5b218a113bb8af7b9a3f9b1fe7c93efb1d55f15f0c0c69386063355d84c690f
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a704924431ae2551fbbd061b6eedd63637245955911095c27fca7819d5ed07d6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be
ab2ca67dd2f6aea748ca0e12dbee889e28df500c319756e726ace579a18209d2
ac39710ac19304041224ce638fd2cbcca17bca744544ef5f40bf05a7dbf22deb
ac8f57da73198d0ce1d7dc5537d21ee4ab8c099c5d48e053b2dd1dcbfe2e0128
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
ad29cbd537b5f8bc727d8c4c776e84b01bf146a40aa8526f09f8ea8132cc8c3d
ae099b22ee17dc61b8f56a13c86012cbb24a8f0f5f5c4ed345102ca36bef34d5
b0b6ef2f1b459715ae92912485289391fc0f5fc55958cfd6e872e7968b98e6d8
b0f7678fbf2f90768a9615f91d0e8a4ac403d25b52059a4da242e044b823b588
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24a5a22fd60398fa07091522fe514e67cf755f97c9a4943dfcbda0136f9a3ca
b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba
b4d497b7c8628086afa7dafea39f53141b29a568988a8e714e9528d8fbdba80b
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b8b6b5a81c0b406bb33f14b1d0710c222ee352c1cef2337570648a74e2978287
ba38bb8bfdb8827b1f46f2dbb094fa1d88db8cc18b675d79b898109a455bc3d8
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca0cd197c020a27755c9010fbf1f4856e50064f5aa9efdb77ba2819afa1c50e
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
bf796dc7a1fbb60f5cb5579d04e7354c69d6304776b999bcf822d9c339910841
bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c20160bd3fef104ddaddeb061d723f4dd9f645eb90d601f3f06a8ceea295207a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c40400a8cb60596f74414a9bc15a6a1a52f376d611201733f01c62ceceefd92f
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c7aeec1e3bb5e3c8fef3ac65e6da2240ac566fe0b87169e8332798309a5a33a6
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
d09b7f91ebcaceef1376fb04de6c7d9977118bfbe313ade191c684ac80c91fab
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d209044eee95f250ceb2df603ecbcb0254db0d89c24de59953a9b74cdf75c73e
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc
d45de95e45b1ed53ff4c9439986c5fb5c865c9e43e1020cc7aebf576a02e933b
d59d16de2ae537b1191d02a520417356103c4ec446bfefaa9d5c990ba0cd57b5
d6090ef5193fb5825e5ec7e6cc12c0b4dd410153c4bace585a6f0dd9390f15a8
d6a79154fa8d80adb91d60adcd5849f11f1c81eaac0fc73daa8efe1deb8f52ec
d8b265d1bc8bda1b76f4fd52e3ab8b41cf58170428605264e91254a06851430d
d8ba4d0c7bb96b7ba43d942c0a9d4e988c7ca26152f6595e5b85004386e207c3
dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc9142d756ee21e54f3a35794d50954db4e1e00afeca4c181a7d7a6963588f5
de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20
e100c2d45af0aad2060e08a9af3e94ea251728b9d200af3d5df94a70acf76f42
e2753d0d7f293d954ca2d9f45faf09744f0eb6fe10cd9fef35772758e25c2253
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083
e6c8e5d8f9dfdf80e504334c395c434604c490eb99e566ed22925d554a325114
e6ec481ee39bc8a22eb6cfce9ce2f7979bdc0528bab5b77c0dbc22a666e1c705
e81a49a352e4219c8e0eeb4b40eed0229c595c30b5e308e45637480d7e035a42
ea64c6c77264080f9c0adc067ac62a29557a01dac182dcd373efff3b5c38c9df
ea732f76376c1f93798e4ff7078477a9121323b1930e474836f07cbce1f1df29
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef521b41617db833a493dc9fb56206d4be48e8f89eab0086173aba7726c7ebfd
f04dec60e317076009dadf5a037a1d105e9c67a06f1b3998ae02dda3f4b307f1
f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585
f1c34e6838e66bdeb8deeb506d6d9c52e3eaafd7e572136976c8064d625ffc66
f2e2d070a3553851e9e37c3fdd36eb0a80dee8b87371e34ecfb718188e971fc5
f4d2aa63a4741c42282bb7f0a1b268ab5febd60cb7828dab0d396791a2a170a1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9a24f9dfb05a77991f0a2412563106e79d909f8e384cfe06c881fce9fc95ad8
fa185440b368fa090268f010095c9a583c578379a1e0e3db16f66a82874e0e01
fadf8e6cbd7b8b1b07184fc760be61dc5edf839c15a0d075ee489f3ddfb143d0
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0