www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=www.bg3.co

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://fqh1vk.llsdzktnxwnnr.com/
Title: Knieosteoarthritis -Behandlung | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://fbae83.llsdzktnxwnnr.com/
Title: Wärmepumpen | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ri=ee588e79f3396b4579416cfb9b33e7fd&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&it=text&ii=~~V1~~7402967547609522460~~uRgrkJ1_YyDLY-24MbFcxkhnRf9aQNl1qY_HTasHHv3noZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwV16VlaXMAKuRVCs2qQLMgfgGve6sxh19RnZCaIv09ZE_OeFEccbM5tXcOHWzNhpSNMGwykWYp1mCZQKPKKViybtWQ4PJW7nz3LbTbvf3t7XQQmOD5A8UG6LyJMqijFljJxFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=3ea99f5845040ed268bc4447013b18bf1781c1166480&redir=https%3A%2F%2Ffbae83.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DDenken%2BSie%2B%25C3%25BCber%2Beine%2BW%25C3%25A4rmepumpe%2Bnach%253F%2BSehen%2BSie%2Bdie%2BPreise%2Bhier%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCC4nFwo9aOKrInT_crRAQ%26subid4%3Deo-ch-a-hpmp1de-322806-a0103-tb%26kw1%3DVaillant%2BErdw%C3%A4rmepumpe%2BPreis%26kw2%3DW%C3%A4rmepumpe%2BKosten%26kw3%3DLuft%2BWasser%2BW%C3%A4rmepumpe%26kw4%3DMit%2BLuft%2BLuft%2BW%C3%A4rmepumpe%2BHeizen%26kw5%3DLuft%2BW%C3%A4rmepumpe%2BKosten%26kw6%3Dg%C3%BCnstig%2BVaillant%2BErdw%C3%A4rmepumpe%2BPreis%26kw7%3DVaillant%2BErdw%C3%A4rmepumpe%2BPreis%2BSchweiz%2B2023%26kw8%3DW%C3%A4rmepumpe%2BKosten%2BIn%2BSchweiz%26kw9%3D%7BCity%7D%3A%2BLuft%2BWasser%2BW%C3%A4rmepumpe%26kw10%3DAm%2Bbesten%2BMit%2BLuft%2BLuft%2BW%C3%A4rmepumpe%2BHeizen%23tblciGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCC4nFwo9aOKrInT_crRAQ&vi=1694217006117&p=mmosworld-carpet-sc&r=52&tvi48=12004&tvi50=10367&lti=deflated&ppb=CHU&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI2NTiAwp71A0Cy0A1IyIgQUJPr4gNY____________AWMI-0YQ5F0YMGRjCP5IELZgGAFkYwibPRD_UBgyZGMI1xYQ1R8YI2RjCKohEKYtGAdkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAH22M-5pzE&cta=true
Title: Mehr erfahren

URL: https://intouch.wunderweib.de/charlene-von-monaco-ihre-verwandlung-von-frueher-bis-heute-113992.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://www.lecker.de/schnelle-vegetarische-gerichte-30-minuten-fertig-51981.html
Title: Lecker.de

URL: https://8q4p9p.llsdzktnxwnnr.com/
Title: Fettabsaugung | Gesponserte Links

URL: https://93f06b.zbrjtstrclnm.com/
Title: Kleines Elektroauto für Senioren | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

URL: https://9mq79m.llsdzktnxwnnr.com/
Title: Arztjob | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ri=3660ddce3bcd19098078050bc7c9fe69&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&it=text&ii=~~V1~~2012699719954622209~~3xM7FffsBaEWbOw0FV44TSRYE1vq2ZjhYLYXWYlLsP19_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l16xQ-F7zlBKXjBek9PAy_PSAvcPbaZCteIfcEM6ab0GSgg41dgAZMtE3ficY8PD7d0Yql0letgVuMS_qPCmnWeuME3FIWDZNlT7mtVeMfctYZpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=1be69d3b4129562de89a20a1cb907d92829d8dcd3a7e&redir=https%3A%2F%2F9mq79m.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DSo%2Bviel%2Bverdienen%2B%25C3%2584rztinnen%2Bund%2B%25C3%2584rzte%2Bin%2Bder%2BSchweiz%2B%2528siehe%2BGeh%25C3%25A4lter%2529%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCEqk0ozeSMn4mCgcHKAQ%26subid4%3Dmt-ch-a-doct1de-488614-a1206-tb%26kw1%3DArzt%2BStellenangebote%26kw2%3DStellenangebote%2BArzt%26kw3%3DAssistenzarztstelle%2BAugenheilkunde%26kw4%3DHno%2BStellenangebote%2BAssistenzarzt%26kw5%3DDermatologie%2BStellenangebote%2BAssistenzarzt%26kw6%3DRadiologie%2BAssistenzarzt%2BStellenangebote%26kw7%3DStellenangebote%2BAssistenzarzt%2BAugenheilkunde%26kw8%3DAssistenzarzt%2BJob%2BSuchen%26kw9%3DUrologie%2BAssistenzarztstelle%26kw10%3DAssistenzarzt%2BStellenangebote%2BDermatologie%23tblciGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCEqk0ozeSMn4mCgcHKAQ&vi=1694217006117&p=mmosworldeducation-sc&r=60&tvi48=12004&tvi50=10367&lti=deflated&ppb=CKwG&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI3MTiAwp71A0Cy0A1IyIgQUJPr4gNY____________AWMI-0YQ5F0YMGRjCP5IELZgGAFkYwibPRD_UBgyZGMI1xYQ1R8YI2RjCKohEKYtGAdkYwiWFBCYHBgYZGMI0gMQ4AYYCGRjCKQnEIM1GC9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHM3c-5pzE&cta=true
Title: Mehr erfahren

URL: https://electriccarsch.space/
Title: Elektrische Autos | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ri=3660ddce3bcd19098078050bc7c9fe69&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&it=text&ii=~~V1~~225206919705064668~~l0DBV1Ha1s9Jt3LK8Gc1qUnET0Z7qSFVl2-fdWqkgw5yNpbgedRdYuhjTdtdbeHkAMR6N-neyHTDxGkhKOVyKmZuWSKtCQnK1HQIrJoWRnHeOkHFJkdKeX-IzWZJXaz7RdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=fa6b62da8f6fc99f5ca08ff3f1c788fc654b74cada10&redir=https%3A%2F%2Felectriccarsch.space%2F%3Fnetwork%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DNiederg%25C3%25B6sgen%2BDie%2BLeute%2Bk%25C3%25B6nnten%2BElektroautos%2Bf%25C3%25BCr%2Bfast%2Bnichts%2Bbekommen%2521%26sub1%3D24648849%26sub2%3Dpalmate-bg3co%26sub3%3D2023-09-08%2B23%253A50%253A06%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCD0-lso_Pn-mpfCoeedAQ%26kw1%3DBeste%20Elektroautos%202023%26kw2%3DBeste%20Elektroautos%202023%20F%C3%BCr%20Senioren%26kw3%3DBeste%20Elektrofahrzeuge%0A%23tblciGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCD0-lso_Pn-mpfCoeedAQ&vi=1694217006117&p=medianet-generic7-pp&r=46&tvi48=12004&tvi50=10367&lti=deflated&ppb=CKwG&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI3MTiAwp71A0Cy0A1IyIgQUJPr4gNY____________AWMI-0YQ5F0YMGRjCP5IELZgGAFkYwibPRD_UBgyZGMI1xYQ1R8YI2RjCKohEKYtGAdkYwiWFBCYHBgYZGMI0gMQ4AYYCGRjCKQnEIM1GC9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHM3c-5pzE&cta=true
Title: Mehr erfahren

URL: https://9flsg7.zbrjtstrclnm.com/
Title: Detox | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ri=10f9354cefaef02720b4c0d104209ea4&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&it=text&ii=~~V1~~2512843388684840427~~R5n7tJhRa6Ur-RgoCn8hqUpeZPxo6Rd_HGvFveL6wTpw6cLzOYgYTH58zK8cIqqSdUudc3ZNUpLlGTEa2iDnAyu4CCMRHt9EeWxEOz1OTPUDEouc7kgqurErrZBl-3ShRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=d4ca4164bb5cb56e21e177fe87c44e7bdf6da3378318&redir=https%3A%2F%2F9flsg7.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D26706963%7Cpalmate-bg3co%7C3720530274%26subid2%3D1524057%26subid3%3DNiederg%25C3%25B6sgen%253A%2BEinfache%2BAns%25C3%25A4tze%2Bzur%2BEntgiftung%2BIhrer%2BLeber%2Bund%2Bzum%2BAbnehmen%26subid4%3Dch-de-tb-andrea-detoxpr-080823-all-v2%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNiederg%25C3%25B6sgen%253A%2BEinfache%2BAns%25C3%25A4tze%2Bzur%2BEntgiftung%2BIhrer%2BLeber%2Bund%2Bzum%2BAbnehmen%26click_id%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCDi518o8dikvuPTht67AQ%26dpco%3D1%26tblci%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCDi518o8dikvuPTht67AQ%23tblciGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCDi518o8dikvuPTht67AQ&vi=1694217006117&p=tasteful-detox-sc&r=73&tvi48=12004&tvi50=10367&lti=deflated&ppb=CJQB&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI3MTiAwp71A0Cy0A1IyIgQUJPr4gNY____________AWMI-0YQ5F0YMGRjCP5IELZgGAFkYwibPRD_UBgyZGMI1xYQ1R8YI2RjCKohEKYtGAdkYwiWFBCYHBgYZGMI0gMQ4AYYCGRjCKQnEIM1GC9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHM3c-5pzE&cta=true
Title: Jetzt Suchen

URL: https://5b58fd.zbrjtstrclnm.com/
Title: Unverkaufte Autos und SUVs | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

URL: https://ressaymonstives.com/719ed8ca-3593-45bd-bbfb-ddec89552579
Title: Kredit | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ri=44a2d311faa0af48a193853924f6cb76&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&it=text&ii=~~V1~~5096249911952132729~~X_CXKYex-o-OaCV-LP8b95P--TZedY5Mu4wJ81Hgd-B9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l1707eJUPRlHB26DDBoWz_Nx9dx0QgIkBBd2_R8JmB7o2wg41dgAZMtE3ficY8PD7d1HiA6Zm24Wc6ozYqPg4maJME3FIWDZNlT7mtVeMfctYZpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=27675f5ab39e1e7c4d884e32299835c7f661328eb1d8&redir=https%3A%2F%2Fressaymonstives.com%2F719ed8ca-3593-45bd-bbfb-ddec89552579%3Fsite%3Dpalmate-bg3co%26site_id%3D1524057%26title%3DEinen%2BMinikredit%2Bohne%2BEinkommensnachweis%2Bzu%2Bbekommen%252C%2Bist%2Bm%25C3%25B6glicherweise%2Beinfacher%2Bals%2BSie%2Bdenken%26platform%3DDesktop%26campaign_id%3D26881179%26campaign_item_id%3D3722998406%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fb464e2c247dbe4871755014a7046cf80.jpeg%26click_id%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCaxV4ok829oIDC05sj%26site%3Dpalmate-bg3co%26site_id%3D1524057%26title%3DEinen%2BMinikredit%2Bohne%2BEinkommensnachweis%2Bzu%2Bbekommen%252C%2Bist%2Bm%25C3%25B6glicherweise%2Beinfacher%2Bals%2BSie%2Bdenken%26platform%3DDesktop%26campaign_id%3D26881179%26campaign_item_id%3D3722998406%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fb464e2c247dbe4871755014a7046cf80.jpeg%26tblci%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCaxV4ok829oIDC05sj%23tblciGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCaxV4ok829oIDC05sj&vi=1694217006117&p=wanduumdentalandteethcar-sc&r=74&tvi48=12004&tvi50=10367&lti=deflated&ppb=CDM&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI3MTiAwp71A0Cy0A1IyIgQUJPr4gNY____________AWMI-0YQ5F0YMGRjCP5IELZgGAFkYwibPRD_UBgyZGMI1xYQ1R8YI2RjCKohEKYtGAdkYwiWFBCYHBgYZGMI0gMQ4AYYCGRjCKQnEIM1GC9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHM3c-5pzE&cta=true
Title: Jetzt Suchen

URL: https://1cd39e.snzgdl.com/
Title: SUV Deals | Suchanzeigen | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ri=44a2d311faa0af48a193853924f6cb76&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&it=text&ii=~~V1~~829268698882786042~~CPDWXmPo4-oc1ouXbYQ6znXM0YeC3yeTtAfS3dR9D2XpZyC7dGVdvKnSHsaHrNsFr6KHfhMNDc_prPncQ7T8QBLbjIP0R1GoNPTyITCKivdE64t9TxWI2Yf8Htwa9MLQsRk1I2x0esEumtsSzHbmN-47htvcERiHnGtIaxOC_tsvVDgyl_o_gzBWMx3H37PLTZmfHmbmRr17o5Ad-JuTyGNj-8m6MKXKpYR_soooARs&pt=text&li=rbox-t2v&sig=f83f5903bd93a5e5fae531b8f047220163289a0e3723&redir=https%3A%2F%2F1cd39e.snzgdl.com%3Fsubid1%3D23998236%26subid2%3D3673104457%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCE3l0okZO3_IbZpswu%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNiederg%25C3%25B6sgen%253A%2BUnverkaufte%2BAutos%2Bwerden%2Bfast%2Bverschenkt%26click_id%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCE3l0okZO3_IbZpswu%26dpco%3D1%23tblciGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCE3l0okZO3_IbZpswu&vi=1694217006117&p=ajaskagmbh-search-suvdeals-cr&r=42&tvi48=12004&tvi50=10367&lti=deflated&ppb=CDM&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI3MTiAwp71A0Cy0A1IyIgQUJPr4gNY____________AWMI-0YQ5F0YMGRjCP5IELZgGAFkYwibPRD_UBgyZGMI1xYQ1R8YI2RjCKohEKYtGAdkYwiWFBCYHBgYZGMI0gMQ4AYYCGRjCKQnEIM1GC9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHM3c-5pzE&cta=true
Title: Jetzt Suchen

URL: https://hjg1zc.llsdzktnxwnnr.com/
Title: Ringe | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

URL: https://shefence-citional.com/7d579126-4d18-4d00-912f-43f83ac27ee6
Title: NutraFlex Nahrungsergänzungsmittel

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ri=4f29203eb0c5e774ba50d51f9f8d14d7&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&it=text&ii=~~V1~~7402967547609522460~~AfUVD_-EQi0RJ8eUEUkw40hnRf9aQNl1qY_HTasHHv3noZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwQiCDh1TQLPajqIVko_yUrngGve6sxh19RnZCaIv09ZE_OeFEccbM5tXcOHWzNhpSNMGwykWYp1mCZQKPKKViybtWQ4PJW7nz3LbTbvf3t7XQQmOD5A8UG6LyJMqijFljJxFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=95a45bd3c127b96f1fea7165aeb1c699bb19decfe68d&redir=https%3A%2F%2Ffbae83.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DDenken%2BSie%2B%25C3%25BCber%2Beine%2BW%25C3%25A4rmepumpe%2Bnach%253F%2BSehen%2BSie%2Bdie%2BPreise%2Bhier%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCC4nFwosvLlwKqdh8rzAQ%26subid4%3Deo-ch-a-hpmp1de-322806-a0103-tb%26kw1%3DVaillant%2BErdw%C3%A4rmepumpe%2BPreis%26kw2%3DW%C3%A4rmepumpe%2BKosten%26kw3%3DLuft%2BWasser%2BW%C3%A4rmepumpe%26kw4%3DMit%2BLuft%2BLuft%2BW%C3%A4rmepumpe%2BHeizen%26kw5%3DLuft%2BW%C3%A4rmepumpe%2BKosten%26kw6%3Dg%C3%BCnstig%2BVaillant%2BErdw%C3%A4rmepumpe%2BPreis%26kw7%3DVaillant%2BErdw%C3%A4rmepumpe%2BPreis%2BSchweiz%2B2023%26kw8%3DW%C3%A4rmepumpe%2BKosten%2BIn%2BSchweiz%26kw9%3D%7BCity%7D%3A%2BLuft%2BWasser%2BW%C3%A4rmepumpe%26kw10%3DAm%2Bbesten%2BMit%2BLuft%2BLuft%2BW%C3%A4rmepumpe%2BHeizen%23tblciGiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCC4nFwosvLlwKqdh8rzAQ&vi=1694217006117&p=mmosworld-carpet-sc&r=32&tvi48=12004&tvi50=10367&lti=deflated&ppb=CL8F&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI2NTiAwp71A0Cy0A1IyIgQUJPr4gNY____________AWMI-0YQ5F0YMGRjCP5IELZgGAFkYwibPRD_UBgyZGMI1xYQ1R8YI2RjCKohEKYtGAdkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAH22M-5pzE&cta=true
Title: Mehr erfahren

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 143

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&rid=esp&cc=1

Request Chain 179

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Dfc8c07d1-ef7e-4a25-a938-7533834f7fe0%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&p_id=23

Request Chain 180

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dfcec428-e02e-4a58-b9ad-93530969c20a&ssp=prodoohmox&gdpr=0&gdpr_consent=

Request Chain 195

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LMB92AT9-1Y-2CGM&gdpr=0

Request Chain 196

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5041285962934866388

Request Chain 197

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=9830a46d95e9c8285d918a13cca4a9&gdpr_consent=&gdpr=0

Request Chain 199

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABincz9e-WkSEuogOQeBRMKoXyXnllVxqr_A

Request Chain 200

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=8150961790652044888

Request Chain 202

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=L4eG8jA3o53rlOlQ6FoltV0JD8sZlNQ2nLX5t8KiuGA

Request Chain 203

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0JBQzEyN0EtODA4Qi00MUFELTkzRDEtQjYxQ0MyMUYzQkQy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=CBAC127A-808B-41AD-93D1-B61CC21F3BD2

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1

Request Chain 205

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-WdnMC8RE2uEhPVYE.pChDD.Y9lCUKPuNuKIUUjE-~A

Request Chain 207

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=dfcec428-e02e-4a58-b9ad-93530969c20a&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-C29F9NRE2plu.BWSikeUGDaH804wkvWI9OxGjg--~A&expires=5&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=dfcec428-e02e-4a58-b9ad-93530969c20a&gdpr=&gdpr_consent=&us_privacy=

Request Chain 208

https://ad.mox.tv/delivery/sync?userid=DGO6HGeJK5RB9yQcORyNfS-0eLNP-uNcpWyoJZXzvdw&p_id=5 HTTP 301
https://ad.mox.tv/delivery/v2/sync?userid=DGO6HGeJK5RB9yQcORyNfS-0eLNP-uNcpWyoJZXzvdw&p_id=5

Request Chain 213

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 234

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 263

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8825347147267003637

Request Chain 264

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e33e5697-ed93-c364-34fe-cf0af85cde1e HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e33e5697-ed93-c364-34fe-cf0af85cde1e&dcc=t

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4i-en_P6KTakbTSBwHZoE&google_cver=1

Request Chain 302

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMB92ATB-1H-86Y1 HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMB92ATB-1H-86Y1

Request Chain 303

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 304

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPV4hunh2j3uFx_dszpl-Ds&google_cver=1

Request Chain 306

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMDk2ZTc3YTgwMGFmOWU5ZmQzYjRkZTU2MTY5NTc1OWI1YzQwMQ&gdpr=1&us_privacy=1---

Request Chain 307

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMB92ATB-1H-86Y1&gdpr=1&us_privacy=1---

Request Chain 309

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/-Xlm4_wnR-UweJ1Le_zII8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dk8o_2NE2oLwNOiObXNgxKzsLAU_2RO.o1CfFQ--~A

Request Chain 310

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1COTJBVEItMUgtODZZMQ==&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEIYDubWHPmHYdSJUgBkveuo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1COTJBVEItMUgtODZZMQ==&google_push=&gdpr=1

Request Chain 329

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301105&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694209810&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694217009298&bpp=425&bdt=1871&idt=1024&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&correlator=3540625913131&frm=23&ife=1&pv=2&ga_vid=643526638.1694217007&ga_sid=1694217010&ga_hid=1821871483&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4494&biw=1600&bih=1200&isw=336&ish=280&ifk=200447026&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077559%2C31076996&oid=2&pvsid=3074765075984818&tmod=627814206&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b62qe0n13g5&btvi=1&fsb=1&dtd=1037 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 339

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a0faaa1a-92e5-4ffb-bdaa-1a5fa2ba3449&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=88f67165-68c8-4086-95b8-5dc1cfac11ed&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Db16828c06fe847d5b7c599ebbe5da7cc%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=2901080684617500945 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=b16828c06fe847d5b7c599ebbe5da7cc&SNR=1&GV=2&med=10

Request Chain 382

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1

Request Chain 383

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPuzM9sKmtBP3-I44bwq0QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1

Request Chain 392

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_cm&google_hm=ay1DaWZ2MjRJRy01SmwySzJ1cXloako4OGZwRTlHblJmaTVMZW5JUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_gid=CAESECEkzl41foEanwMbNQfrkbQ&google_cver=1&google_ula=913071,0

Request Chain 394

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5041285962934866388

Request Chain 407

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=CFYD5JYZK74ZaCN7jv9nCzpQpNZ2sat7

Request Chain 425

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=zf4cPY6NhEmyJDd9WFU05WMlwy_UqPpu

Request Chain 437

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=wxJN18piYpGHXC2Oyg8G-h3yyn6kcDj1

Request Chain 450

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKo0gUng-cKyPDi1btBQF7o&google_cver=1&google_push=AXcoOmQyvILMbcJrFnMuOLlcJruCooODXPfO6OCV-tppB70xitm3pBD98fvavnpPqYqS0jfKnRvUnkWnEMIbBnDzGSl_EjuDbWKg6Cu4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyvILMbcJrFnMuOLlcJruCooODXPfO6OCV-tppB70xitm3pBD98fvavnpPqYqS0jfKnRvUnkWnEMIbBnDzGSl_EjuDbWKg6Cu4&google_hm=eS1leHNOdW5GRTJwRWZ4cElZMFdlZzZzWkFfQkJZWXFTUX5B

Request Chain 451

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA2clrENrz6T6-6wZ4CASis&google_cver=1&google_push=AXcoOmTNMQIv2U6u6TBC497hCCDs6UHhygF7V9ogijHyEGDeHIhwlMsWjljgYD7GgY2ZurTqfVx8c-S-mv6uDr4yy2s2gGFL4VEo7ts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgyNTM0NzE0NzI2NzAwMzYzNw&google_push=AXcoOmTNMQIv2U6u6TBC497hCCDs6UHhygF7V9ogijHyEGDeHIhwlMsWjljgYD7GgY2ZurTqfVx8c-S-mv6uDr4yy2s2gGFL4VEo7ts

Request Chain 475

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABinc0BJP46Kx25LxPgmR14N5_lZ_whsPMKw

Request Chain 477

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=9072932ffdbdc751a6aca8aee44e426a&gdpr_consent=&gdpr=1

Request Chain 481

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1

Request Chain 488

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ZL6g1li_wbAShAEqQ3YvRA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 490

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=dfcec428-e02e-4a58-b9ad-93530969c20a

Request Chain 492

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pTQR5fEzRLW-NRKzpmRasKJiErC-ZRXh92Ok2m1U

Request Chain 495

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQVP_7UYK31vtRAX6R9MtEs3bm7dOQLbvlDdbTZiYQd_zvmYMgfhgnoHeP6nfpmRX-n6Ga7iahRRSAhn50MvbUiAAUsHIk&google_gid=CAESECEkzl41foEanwMbNQfrkbQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_push=AXcoOmQVP_7UYK31vtRAX6R9MtEs3bm7dOQLbvlDdbTZiYQd_zvmYMgfhgnoHeP6nfpmRX-n6Ga7iahRRSAhn50MvbUiAAUsHIk

Request Chain 498

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELFUMscddaCv-gmAnJtGQVk&google_cver=1&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzErgnSyR7lR0XHLyNfmmJ8AO4zuDFW6ZdVBItxa8CrFdgc HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzErgnSyR7lR0XHLyNfmmJ8AO4zuDFW6ZdVBItxa8CrFdgc&google_gid=CAESELFUMscddaCv-gmAnJtGQVk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYzNjE3ODMzNDAyNTMxNzI2MDgzMA%3D%3D&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzErgnSyR7lR0XHLyNfmmJ8AO4zuDFW6ZdVBItxa8CrFdgc

Request Chain 527

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/eaa7714cd18539877e165c45dc9fee?gdpr_consent=&gdpr=0

556 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html Show response
www.bg3.co/a/ 56 KB
17 KB 2077ms
1064ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ee3b82edc792768907948575c87f6ceca7bfbd8c4200da98ed416747fa3e4fc5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Sep 2023 23:50:05 GMT
etag: "de0a-Fl6Y1SLCwdCwSV8kOcUcCwwDbOQ"
expires: Sat, 09 Sep 2023 00:05:05 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 1052ms
548ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Sep 2023 23:50:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72941
x-xss-protection: 0
server: sffe
etag: "1fd4dd9eff57c430"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Sep 2023 23:50:06 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 724ms
221ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Sep 2023 23:50:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9642
x-xss-protection: 0
server: sffe
etag: "02dd63e520ffd2e6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Sep 2023 23:50:06 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 706ms
220ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Sep 2023 23:50:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7559
x-xss-protection: 0
server: sffe
etag: "7e5f99ff05e5cd4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Sep 2023 23:50:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 752ms
273ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1285b227e431eb77deb3a06380b39f4c8685c8d03dd7f89753919c0e6513adfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29301
x-xss-protection: 0
server: cafe
etag: 986 / 19608 / m202309050101 / config-hash: 18345592501010170579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:06 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 257ms
104ms Script
application/javascript 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 10:08:08 GMT
server: cloudflare
age: 32642
etag: W/"64faf288-a067"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 803b177dcc47ba80-MXP
expires: Sat, 09 Sep 2023 02:46:02 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

817ms
154ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1671
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTWHxSGi%2Buoq0HKZLxh0VjeuAXLHdaZXN5mMWsDqW%2BqUW29SSNBxGIbDZG2EQHc7ri4%2BaMcaGJiZA%2BeU%2BIIvNzk%2Fy6nK7IU5x6%2BRe2qH3bIYtFTgTywRkpibHfrTrDAK6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803b1787c9d7ba85-MXP

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
11 KB 360ms
102ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF4) /
Resource Hash: b21c93f1bc4f1cb986408d47255e2fd7f6cdba26b0238b2a9240bcce7f79faf7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Fri, 08 Sep 2023 23:50:05 GMT
content-encoding: gzip
age: 60033
x-cache: HIT
x-client-device: desktop
content-length: 10581
x-ap-device: MOBILE
last-modified: Fri, 08 Sep 2023 07:00:32 GMT
server: ECAcc (frc/4CF4)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: IQ
expires: Sat, 09 Sep 2023 00:50:05 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 662 KB
140 KB 635ms
75ms Script
application/javascript 23.216.77.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-49.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 5b118e1496dca781d14a6f7e0dee34cc5cdb3d5b78f26d77b54089da8dbe7a1c

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Fri, 08 Sep 2023 23:50:06 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Fri, 08 Sep 2023 14:04:50 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694217006017_34631473_62904512_86_1222_79_117_146";dur=1
content-length: 142572
expires: Sat, 09 Sep 2023 00:50:06 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 493 KB
53 KB 253ms
109ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1da8c9de4dd18fb2f600f2aaabe17fba093ff3e313b073bc5099775744e9590d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: B7ESEqt9U0d0JJqnlCaJeGglIiWiYfbN
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:05 GMT
x-amz-request-id: QKW8BEW0A65GJSQK
age: 10
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 54035
x-amz-id-2: z6+wC52bI0N7QwPlilP89jR1Q0+18pSyTRYp9XLhTld/DJKMc91o03AHPf9FyEzapstmgq/xDkU=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:17:43 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217006.731607,VS0,VE1
etag: "b35382d57c6b5b9ac2f9d781f1578799"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 82
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
589 B 285ms
276ms XHR
application/json 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=075063A237444FE5398B7AC1CEAF69F7&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&t=%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E3%80%80%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2366&sc_rum_e_e=2370&sc_rum_f_s=0&sc_rum_f_e=2364&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 803b177efd25ba80-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 impl.20230905-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 804 KB
167 KB 84ms
83ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DHSY4h5zVk1UjTokLGTmT4IpOCy1UIOB
content-encoding: br
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:05 GMT
x-amz-request-id: KTJ5G1T2ZY79WG4Y
age: 22851
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170225
x-amz-id-2: N19IwH4/N/0qjpx6UPvM4DrF7NvGmP8xnhrV6k24mww9BeCqS8cdgMqnU30S0hJvfiOoiWuNEek=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Tue, 05 Sep 2023 09:28:59 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217006.931735,VS0,VE0
etag: "02e831e0d003d619395b9b4db0013950"
vary: Accept-Encoding
content-type: application/javascript
abp: 70
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 6317

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 869ms
343ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:06 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1694217006.dop233.fr8.t,1694217006.cds212.fr8.hn,1694217006.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 929ms
203ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 204791
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 73 KB
18 KB 459ms
451ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=01%3A50%3A06.120&lti=deflated&data=%7B%22id%22%3A177%2C%22ii%22%3A%22%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694217006117%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22vpi%22%3A%22%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3204%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1182%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ceab98b89f4e5bac3d94ff0f3ba4f41f29281f77c99761db5cf420d62aa02929

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 300
date: Fri, 08 Sep 2023 23:50:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59185
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230029-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1694217006.164175,VS0,VE300
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/palmate-bg3co/log/3/ 0
244 B 567ms
266ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 495ms
414ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1694217006.dop233.fr8.t,1694217006.cds212.fr8.hn,1694217006.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 404 KB
127 KB 87ms
86ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28373
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Sep 2024 15:57:13 GMT

GET
H2 200 floating-unit.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 231ms
231ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: V1rselWEQkmv8ejM_YOT9pvQ4PsP3pyq
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: YMYSCWQ4HDFV88QA
age: 203781
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: uc/TxTGKFcoM/JlekznaoFnw684uXNLIBkSY9K6l8dG1BXVc/d0aUPhpx7nxrtygWl9fxEaNMqY=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:13:46 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.706521,VS0,VE0
etag: "9b0b24e2992039edeafef2deb5f869d2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 82
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3964

GET
H2 200 taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 232ms
232ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nyBLekRqWpLwFsYJ1PM2htL48qH2exXE
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: GG3SZN1QSGHYAPZ8
age: 203760
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: o+B0AKbDwwOufquBUhKM603c+EpaE5eo//GnTgnjAMIFfA/OIdq8E/w8MrYBJjugsAxyTQGJywI=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:14:06 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.706511,VS0,VE0
etag: "fcf081c3f2e178fc5d019b3ef2860ee1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 25
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3288

GET
H2 200 distance-from-article.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 228ms
227ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: em2XoJWhDIGX2pPbKxuWmMDgPsr_r4ef
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: VB7GC7DNR3DBAGXN
age: 203792
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: MwndNzSFMrfPZuXlmjg+CH3RvIMFhrFGJpJWlIU4n1N0LM64WpnV/AGfobY9J5d7i0GAmvKutRg=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:13:35 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.759993,VS0,VE0
etag: "0a16ddc5535f3ec9c04adb198a63ab57"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 62948

GET
H2 200 article-detection.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 228ms
228ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VYQg0KzRzVKgsOUVIwoGWUZcIizdfOKZ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: F29PXCZ8HNKVHJH3
age: 203799
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1292
x-amz-id-2: v/a7T3HLPP9VJKIs/ZoINAzTkQ4zUgmrWpgtYsjY3+QlOMnzxtML84PR9LAS30+tHp6+1yAQ708=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:13:28 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.759988,VS0,VE0
etag: "a684a25a6af049d0fee39485c35b845e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 63099

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.3.0/ 127 KB
36 KB 540ms
230ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 225931
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 36498
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Wed, 06 Sep 2023 09:01:32 GMT
server: AmazonS3
x-timer: S1694217007.106441,VS0,VE0
etag: "1865860838c0a4f202ab61510882ea01"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: MBwNQWWoasK9QdVBzfrJSMb4dGtXeyY63MWPfWLulxwQ0SOIpiRafA==
x-cache-hits: 25436

GET
H2 200 feed-card-placeholder.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 224ms
224ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .8WMZOWcDpNm0.Ccx52jyM8r4MC6976_
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: 3KKZJT1BHCRVXYWY
age: 203787
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: k6bhlbvN6KLmcGsQRfjoz7YptQAdyVlsTRKrgkvp9A4tCI+2N2yMesYwCKScEwY2BQFGyzS5cgE=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:13:40 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.759491,VS0,VE0
etag: "a682091ea54d189e1c90f84edb66dc6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 41800

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 220ms
220ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: CCG7A4WVWN5WJAVZ
age: 72
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.759474,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 14
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 21

GET
H2 200 userx.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 213ms
211ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: s_CdpOrxd5OMAuEV0GJ7BKn.ddN4GAhu
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: J4VM1AJYK6QJHX3G
age: 203757
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: FIq2NZRhejRV5eG0EITjnAVmFsTjNMpRi7giTA5FIjJKU6MUOB1ZCrrt1gNGOY6UXpqajzBu4iw=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:14:10 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.759435,VS0,VE0
etag: "22ce59d71c04e51e63a2870100dee4d6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 24109

GET
H2 200 explore-more.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 194ms
194ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nTny9pOwUaN6ss1oAQu2PcehWgBYcg1r
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: NASXNJWVBD4GEBA1
age: 203788
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8803
x-amz-id-2: V0wstXoV0n2+bJL8i51/PcQ4dHD4ffSYa39uaMHin2aUHH5b6pD7SOELnFltwMEFSga3o5C2Ra0=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:13:38 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.759422,VS0,VE0
etag: "0da94878b067376092df0c027b53d238"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 24363

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 630ms
257ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=01%3A50%3A06.598&id=5809&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 630ms
257ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694217006599%7D&tim=01%3A50%3A06.599&id=3421&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 631ms
258ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694217006605%7D&tim=01%3A50%3A06.605&id=5255&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 630ms
258ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A50%3A06.641&id=913&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 599ms
256ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A50%3A06.651&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9846&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86995

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 206ms
205ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A50%3A06.652&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6767&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86995

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 206ms
206ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A50%3A06.662&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=8632&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86995

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 206ms
206ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A50%3A06.664&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4048&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86995

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 207ms
206ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A50%3A06.675&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6774&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86995

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 22 KB
7 KB 421ms
421ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=01%3A50%3A06.684&route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&data=%7B%22id%22%3A723%2C%22ii%22%3A%22%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA%22%2C%22ui%22%3A%22111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae%22%2C%22uifp%22%3A%22111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae%22%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694217006117%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22vpi%22%3A%22%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4271%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1182%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30ab66e97c681f9e0910029a008dbe319fac1224448aa72d9eaa5b58a35b2614

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 242
date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59106
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230029-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1694217007.761563,VS0,VE242
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 619ms
255ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=12004&tvi50=10367&route=AM%3AIL%3AV&lti=deflated&bulkSize=8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 120 KB
121 KB 161ms
145ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 029ab26f8db318ba8c0c96ccf5c9aece71f2182b331d520c07958ee71318fff2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 08 Sep 2023 23:50:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 3672058
edge-cache-tag: 356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 517
expiration: expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wissensiedas.de/
content-length: 122394
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kiad7000098-IAD, cache-lga21980-LGA, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 11 Jul 2023 03:38:46 GMT
server: nginx
x-timer: S1694217007.914493,VS0,VE2
etag: "e00df394c71531c4b5ea0c7f18e73922"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 2, 1

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 82 KB
83 KB 162ms
161ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8a347e67412b43a5f7b1f5dd68e82101655949c78da94255ae1708e5ff38819

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 08 Sep 2023 23:50:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 3230841
edge-cache-tag: 356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 402
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sport1.de/
content-length: 83890
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200035-IAD, cache-iad-kjyo7100036-IAD, cache-sna10739-LGB, cache-iad-kcgs7200070-IAD, cache-fra-eddf8230029-FRA
last-modified: Mon, 10 Jul 2023 10:04:45 GMT
server: nginx
x-timer: S1694217007.986756,VS0,VE2
etag: "81f305b7f9c27554fb01203c3e1001ff"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 1

GET
H2 200 cea80ddf3609efb290faf64050ec1637.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 187ms
187ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5b0e49e3944dbfaed572cb581440050393e979e01dcec9120589bb31303bd62

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
age: 1746046
edge-cache-tag: 424011715391862438643660917372215574904,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 424011715391862438643660917372215574904,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 414
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://todaynews.world/
content-length: 10216
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200168-IAD, cache-iad-kjyo7100162-IAD, cache-lax10657-LGB, cache-iad-kcgs7200069-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 01 Aug 2023 16:41:14 GMT
server: nginx
x-timer: S1694217007.111812,VS0,VE1
etag: "23cc301e9c64cefcf712e642c88b24fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 18, 1

GET
H2 200 HeatPumps.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/qgjZTJg/ 25 KB
26 KB 149ms
149ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/qgjZTJg/HeatPumps.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bba2901b453396fd28eee2860a3961dec0cc6304686a482877fd987201edd417

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/qgjZTJg/HeatPumps.jpg
age: 3357395
edge-cache-tag: 448920162400575584526001447155013022787,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 448920162400575584526001447155013022787,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 390
expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wistjijdit.nl/
content-length: 25764
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000034-IAD, cache-iad-kjyo7100021-IAD, cache-chi-klot8100118-CHI, cache-iad-kiad7000043-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 18 Jul 2023 13:29:49 GMT
server: nginx
x-timer: S1694217007.111811,VS0,VE0
etag: "182d9c82029718df6cd29116bdb9955a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 119, 2

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 35 KB
36 KB 190ms
190ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 4012887
edge-cache-tag: 486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 315
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 35954
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000071-IAD, cache-iad-kjyo7100118-IAD, cache-sna10735-LGB, cache-iad-kcgs7200136-IAD, cache-fra-eddf8230029-FRA
last-modified: Sat, 15 Jul 2023 22:28:28 GMT
server: nginx
x-timer: S1694217007.166824,VS0,VE1
etag: "f9d7aab2dcdde7833ec39551e6347199"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 25, 1

GET
H2 200 1884056dac9af304595355348ba8b2a5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
27 KB 143ms
142ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 27ba5a28c6f6171b3773b9b2df503c765a676c983f4ef6f644581260416f5ae7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
age: 1422742
edge-cache-tag: 492496024810385513339299449246031022522,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492496024810385513339299449246031022522,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 166
req-referer: https://www.gazzetta.it/
content-length: 27004
x-request-id: feb99f20f018b8d914075d1f545bd0e6
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100069-IAD, cache-iad-kiad7000161-IAD, cache-iad-kiad7000055-IAD, cache-fra-eddf8230029-FRA
last-modified: Wed, 09 Aug 2023 06:41:14 GMT
server: nginx
x-timer: S1694217007.294166,VS0,VE1
etag: "019224b829cc544f2a77564b1e355909"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 7, 1

GET
H2 200 49a65433a0e00aa6375452e026770fa8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 167ms
166ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b02dcc8bd959fe51fe0a1fc45f404f8625615f6c0af6e773d74a69bc5efe59b2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
age: 1834274
edge-cache-tag: 301222070070333916538293516185212795574,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 301222070070333916538293516185212795574,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 170
expiration: expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/
content-length: 15846
x-backend-name: CH_nlb803
x-served-by: cache-iad-kcgs7200167-IAD, cache-iad-kiad7000062-IAD, cache-iad-kcgs7200124-IAD, cache-fra-eddf8230029-FRA
last-modified: Sun, 30 Jul 2023 10:04:53 GMT
server: nginx
x-timer: S1694217007.329503,VS0,VE1
etag: "29b44a453c455f5dcd8e23a9ea663c1e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 25, 1

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 92 KB
93 KB 167ms
167ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 2183772
edge-cache-tag: 356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 387
req-referer: https://www.sueddeutsche.de/
content-length: 94302
x-request-id: c7d4a079e800f2cfac01ffed59a7e79b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kjyo7100128-IAD, cache-sna10744-LGB, cache-iad-kjyo7100132-IAD, cache-fra-eddf8230029-FRA
last-modified: Thu, 10 Aug 2023 11:47:17 GMT
server: nginx
x-timer: S1694217007.329496,VS0,VE1
etag: "78af0e2d92f1d0853f93e08bf0474e82"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
43 KB 113ms
113ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 1632646
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 480
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 42778
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21931-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230029-FRA
last-modified: Fri, 18 Aug 2023 15:33:27 GMT
server: nginx
x-timer: S1694217007.329470,VS0,VE1
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1345, 1

GET
H2 200 cea80ddf3609efb290faf64050ec1637.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 189ms
188ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91eea04a2b7be10820e7adf0c0cf6a1aa2cdc24f60c419fc6020f0369f048ce4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
age: 4262208
edge-cache-tag: 424011715391862438643660917372215574904,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 424011715391862438643660917372215574904,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 357
expiration: expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://13tv.co.il/
content-length: 22490
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200079-IAD, cache-iad-kjyo7100122-IAD, cache-lga21922-LGA, cache-iad-kcgs7200125-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 27 Jun 2023 06:08:43 GMT
server: nginx
x-timer: S1694217007.390214,VS0,VE1
etag: "28ff65357179fbced0eb34ee398279c5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 9, 1

GET
H2 200 HeatPumps.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/qgjZTJg/ 80 KB
81 KB 157ms
157ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/qgjZTJg/HeatPumps.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a68b9e280379e7db941dd091b92b08b3ae7408fa62d2bc535e311371f5cea9f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/qgjZTJg/HeatPumps.jpg
age: 3947640
edge-cache-tag: 448920162400575584526001447155013022787,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 448920162400575584526001447155013022787,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 862
expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.midilibre.fr/
content-length: 82402
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100040-IAD, cache-iad-kjyo7100021-IAD, cache-sna10727-LGB, cache-iad-kiad7000079-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 18 Jul 2023 13:29:49 GMT
server: nginx
x-timer: S1694217007.390222,VS0,VE1
etag: "182d9c82029718df6cd29116bdb9955a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 80, 1

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 919ms
244ms Script
text/javascript 18.66.127.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Fri, 08 Sep 2023 03:41:04 GMT
Via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 72545
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 7o6Hq9k-S-AJWpEB1EcBp03ycq2LdOUEl3zNAIxfYH-OaH2AiOthfw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
31 KB 873ms
198ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: DZ733E8TTZ7SG4FA
age: 835
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 803b178c8bbdbb14-MXP
x-amz-id-2: nN6Gk3FwfXeIF/Grp2NxGQawjCk/tIPjc7BmC3AdATaD7bV0Kpd7FKxjR/ntCHnwTAikKxSAAbm/tjtUe+vCjQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 872ms
197ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20759
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbKcOy9%2FXocEe1x1eaOFfQkLVAngcICbmb%2Fi1LKeXaAnvGNTFG6MHe1ah9A4AsFsCazerE6WtKx3dj8HRQkU44BVIT%2B18VFzmmViz0DEM%2Bn8OFK6fNBMXGwJppxVle9fD%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 803b178c7ea224c2-ZRH

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 793ms
171ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Sep 2023 23:50:08 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 407ms
117ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 04:27:21 GMT
content-encoding: gzip
age: 1020166
x-guploader-uploadid: ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 27 Aug 2024 04:27:21 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 165ms
165ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2988591314597230&correlator=1899911881860234&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694217006726&lmt=1694209806&adxs=220&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&vis=1&psz=760x0&msz=760x0&fws=0&ohw=0&ga_vid=643526638.1694217007&ga_sid=1694217007&ga_hid=1583246668&ga_fc=false&dlt=1694217005528&idt=1175&adks=3605545259&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aa4ef830e99f217a5637b23389c42ca47f06e101df457ea3756ca21b8a81c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12495
x-xss-protection: 0
google-lineitem-id: 6344488284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440076868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b50fa299e04c5600dfa32dd877c0a0e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 609F 6 KB
3 KB 827ms
143ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b50fa299e04c5600dfa32dd877c0a0e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:07 GMT
expires: Sat, 07 Sep 2024 23:50:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET 163945881beb99920728a460a0c17b59.jpg
static.bg3.co/imgs/202105/ 0
0

GET dd0b7d0920dd746646c6ae9295a8eff8.jpg
static.bg3.co/imgs/202105/ 0
0

GET fde3259f97a1c1e0ee1de12fe2145d4f.jpg
static.bg3.co/imgs/202105/ 0
0

GET bdf57306eac65f9ebb4f9e317b59f48a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 42b977a15805e66f6bc8c167a1d72ed1.jpg
static.bg3.co/imgs/202106/ 0
0

GET a68a677b905dccb1ff89aac3adc13ec5.jpg
static.bg3.co/imgs/202106/ 0
0

GET ca4ecb8c38623a44c7b49dadeda60666.jpg
static.bg3.co/imgs/202206/ 0
0

GET 461d7c25dd47ca59f46440b3269e1cda.jpg
static.bg3.co/imgs/202105/ 0
0

GET cd46188f6efdb25732d7af639068710e.jpg
static.bg3.co/imgs/202105/ 0
0

GET f14ca4028cbffc8160e2438e8b4b95b6.jpg
static.bg3.co/imgs/202105/ 0
0

GET fe77ee9e45aafad7ff6a2622a5922df1.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4b39b9a185819849c56d4c2d26ec8749.jpg
static.bg3.co/imgs/202105/ 0
0

GET ecf843921a32f9e769b120c9ca22858e.jpg
static.bg3.co/imgs/202106/ 0
0

GET 58fe02e24660d7f0ff1405dae3303d29.jpg
static.bg3.co/imgs/202106/ 0
0

GET f3b8bf683b955be9c8fa2d4215c202f3.jpg
static.bg3.co/imgs/202106/ 0
0

GET 809e017592f9a1f717eebd7db110855e.jpg
static.bg3.co/imgs/202106/ 0
0

GET 726249ec20db32879469052b87e50cc2.jpg
static.bg3.co/imgs/202105/ 0
0

GET 382d7ce4e73a1d650047a5e86fd0452b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 64a59a07fb57a4eef632b571c2845345.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7137b200cc581ccdcef67f080d8788be.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4bfdf0c16371dd1c5f63ca808037c456.jpg
static.bg3.co/imgs/202105/ 0
0

GET ef390a0aa6c235106d5340bbbd27916b.jpg
static.bg3.co/imgs/202105/ 0
0

GET df8e73dadf3bc99422247adb23a2ceff.jpg
static.bg3.co/imgs/202204/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 8 KB
3 KB 785ms
185ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 281007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2968
x-xss-protection: 0
server: sffe
etag: "20a8808a3fce3085"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 82 KB
23 KB 792ms
192ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 281007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23124
x-xss-protection: 0
server: sffe
etag: "91fba5c7cd59114d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 5 KB
903 B 922ms
250ms Fetch
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dd10c4eabe829c55b6dc7b0b3c581ef3809a309008d16aa34ba0ba092f2b1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 12 KB
5 KB 777ms
182ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 281007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3948
x-xss-protection: 0
server: sffe
etag: "a02df160e36bd176"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 next-up-widget.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 109ms
108ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 16i_W0SfO4iu5HUNttGCzqfI5eyuaJk9
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: 5Z6D55KEA63Q4GDX
age: 203778
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: zbA9d3vwZFWk0ANy7tqhXOmmLnCfK5m/3x33rRTsy4bo2JGe2Az9RZf1dL8FcKvA8rZnXttJGN0=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:13:49 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.882049,VS0,VE0
etag: "206e75ae80c2530bd7615c594f84c2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3916

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 276ms
274ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1313%7D%22%2C%22eventTime%22%3A1694217006838%7D&tim=01%3A50%3A06.839&id=4698&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 769ms
147ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 23:23:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 23:50:07 GMT

GET
H2 200 spa-detector.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 156ms
155ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KEGvtegWzhSmJ0zyOWVzsjMEuOiRrSzx
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:06 GMT
x-amz-request-id: 5Z1CHXFC88GT13TW
age: 203770
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 779
x-amz-id-2: 1R6YEO9Myr91tXufEJQPPNQ2KLQnJQ8K96AKA2aZIoxRcffRrKxm7cTEbrWPZe7wMn0nAh2HBz4=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 06 Sep 2023 15:13:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217007.914500,VS0,VE0
etag: "f7cc4f6d837535cfe5c09f38624a17a0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 24921

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 276ms
275ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A50%3A06.851&id=4143&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 277ms
275ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694217006852%7D&tim=01%3A50%3A06.852&id=147&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 277ms
275ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A50%3A06.854&id=5384&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 278ms
277ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694217006856%7D&tim=01%3A50%3A06.856&id=973&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 277ms
276ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A50%3A06.878&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5261&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 100707

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 278ms
276ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=041065e701762312996b2f5e13200a68&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218.15625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A50%3A06.887&id=3236&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
244 B 408ms
255ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=12004&tvi50=10367&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
799 B 163ms
162ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1694217006950
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 07 Sep 2024 23:50:07 GMT
date: Fri, 08 Sep 2023 23:50:07 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (frc/4CC2)
age: 1947283
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 823ms
250ms Script
application/javascript 23.216.77.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-49.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1694217007454_34631473_62904880_561_1482_104_0_146";dur=1
content-length: 122286
expires: Sat, 07 Sep 2024 23:50:07 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
559 B 756ms
233ms Script
application/javascript 23.216.77.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-49.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694217007702_34631473_62904882_54_1443_104_0_146";dur=1
content-length: 211
expires: Sat, 07 Sep 2024 23:50:07 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 755ms
237ms Script
application/javascript 23.216.77.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-49.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1694217007702_34631473_62904881_514_1455_104_130_146";dur=1
content-length: 18371
expires: Sat, 09 Sep 2023 00:50:07 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
318 B 499ms
142ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQyMTcwMDcwMTEsInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1tdS1kYW4tamlhbi1wYW4temh1YS15YW5nLWhhby1zaHUtZnUtd2FuZy1xaW5nLXpoYW5nLXp1aS1lLWRpbmctZ2UteGlhLXBpLW1hLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=3565.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
364 B 495ms
142ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BAD8 0
0 201ms
200ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOGuu0ENvnmMmjcz9AZKnVwNIxhcWyLqgnuaY5bRlq_WTha623C80JFi9eusPRtJrc7mBR-M1ZCOTXSrlIZ5WisD2UIdxNyTTw5Sg_1RIeMMH22hsmiHtKLkGFwZEau29jKrvrQPq4DAOA4cyWT0P9DfooizULiwhnKffzQjiElev_sJZvVI8eyJRjL83zZpagMu6ksxs43vu-Ek4LcN1OLbCdm65gfhfGrJNTsZs7vCAOOGwcH77nshN99jZEVXbLLIeUThlzTxN7vYa0IPsKh7NSG0vAA--Qpuhm0v2R6XtL_0dyRdYnZBCRhf_vC8xzoQ&sai=AMfl-YTQ-2ff1BXI5fdO6G4XyAA8iRR0pis-v4LFwWVsxLL-IWYqvKL2QORF2KwZPWnBVs1meaRhwqrcMVAk7ei-BxdmjLLomDxsdRM_TSmhXKVchu04Tep_2vfqtZZf6dlJ1OdWaMv9RXKPb5dQsVK1&sig=Cg0ArKJSzGE6BtB9NtAGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:50:07 GMT

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 543ms
156ms Script
application/javascript 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 14:03:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64df7a1a-66bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BAD8 181 KB
57 KB 759ms
129ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:07 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 250ms
249ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A50%3A07.189&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=2173&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 92222

GET
H2 204 719ed8ca-3593-45bd-bbfb-ddec89552579
ressaymonstives.com/impression/ 0
1 KB 525ms
216ms Image
text/plain 18.195.23.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ressaymonstives.com/impression/719ed8ca-3593-45bd-bbfb-ddec89552579?site=palmate-bg3co&site_id=1524057&title=Einen+Minikredit+ohne+Einkommensnachweis+zu+bekommen%2C+ist+m%C3%B6glicherweise+einfacher+als+Sie+denken&platform=Desktop&campaign_id=26881179&campaign_item_id=3722998406&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb464e2c247dbe4871755014a7046cf80.jpeg&click_id=GiA85iNlLIIxVuxkwjOOzLZwlEzxTRqSbyRTYlPAzsqyXCCaxV4ok829oIDC05sj
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.23.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-23-231.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
server: nginx
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 394ms
143ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQyMTcwMDcyMjksInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1tdS1kYW4tamlhbi1wYW4temh1YS15YW5nLWhhby1zaHUtZnUtd2FuZy1xaW5nLXpoYW5nLXp1aS1lLWRpbmctZ2UteGlhLXBpLW1hLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3783
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 394ms
143ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQyMTcwMDcyMzUsInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1tdS1kYW4tamlhbi1wYW4temh1YS15YW5nLWhhby1zaHUtZnUtd2FuZy1xaW5nLXpoYW5nLXp1aS1lLWRpbmctZ2UteGlhLXBpLW1hLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3788.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 208ms
208ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQyMTcwMDcyMzcsInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1tdS1kYW4tamlhbi1wYW4temh1YS15YW5nLWhhby1zaHUtZnUtd2FuZy1xaW5nLXpoYW5nLXp1aS1lLWRpbmctZ2UteGlhLXBpLW1hLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3790.7999992370605
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 926 B
772 B 364ms
363ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2988591314597230&correlator=1798606030470232&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&arp=1&abxe=1&dt=1694217007245&lmt=1694209807&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=643526638.1694217007&ga_sid=1694217007&ga_hid=1583246668&ga_fc=false&dlt=1694217005528&idt=1175&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_16_0_pv%26cluster_reporting%3Dchrome_DESKTOP_16_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b949af46588581bf48db390dde1397833d0480d79acd72fea96237b6e320aa26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 38 KB
13 KB 104ms
104ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d12a9bf1fe15f8267e78800c4d420cd2012119edce1c7a2734de411fbe4c336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 14:48:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32525
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13603
x-xss-protection: 0
server: cafe
etag: 10298091897263888815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Sep 2024 14:48:02 GMT

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 198ms
194ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=12004&tvi50=10367&route=IL%3AIL%3AV&lti=deflated&bulkSize=8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 266ms
266ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi48=12004&tvi50=10367&lti=deflated&ri=e61bfbaa3fbff0e070e2f2301b61f05b&sd=v2_5f6195f1cc2d48bca1a3a6bca633d351_111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae_1694217006_1694217006_CNawjgYQ2YJdGKXYz7mnMSABKAEwKziy0A1AyIgQSJPr4gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&pi=/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&wi=4433115819816846865&pt=text&vi=1694217006117&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1694217007270%7D&tim=01%3A50%3A07.270&id=9415&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 163ms
161ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95340d68557bff28d6455d5dd904ee2f72fe02b7f1fe156154079039d003fb19

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 4176739
edge-cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 240
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ratemyprofessors.com/
content-length: 34966
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000150-IAD, cache-iad-kjyo7100141-IAD, cache-chi-klot8100117-CHI, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230029-FRA
last-modified: Sat, 15 Jul 2023 22:44:19 GMT
server: nginx
x-timer: S1694217008.899477,VS0,VE1
etag: "05686e725bd7c1ab25724df4bdd17390"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 4, 1, 122, 1

GET
H2 200 568f2d6b-fd24-499e-8287-1e998cdc3c7e__WN2kk04r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 7 KB
8 KB 153ms
151ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/568f2d6b-fd24-499e-8287-1e998cdc3c7e__WN2kk04r.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad82d7e7253038b209950cb1c87e708c33758d7d22a00a887cd913bc3d2bb9f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/568f2d6b-fd24-499e-8287-1e998cdc3c7e__WN2kk04r.jpg
age: 1042249
edge-cache-tag: 529458497558877268241541876610268522961,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 529458497558877268241541876610268522961,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://voilesetvoiliers.ouest-france.fr/
content-length: 7012
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100167-IAD, cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100102-IAD, cache-fra-eddf8230029-FRA
last-modified: Sat, 29 Jul 2023 03:56:54 GMT
server: nginx
x-timer: S1694217008.982056,VS0,VE1
etag: "5bbf0e2b2c6294ce7187c6df17a2df93"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 9, 1

GET
H2 200 01031fc497abec8bd15795314d57f9d8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 153ms
151ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01031fc497abec8bd15795314d57f9d8.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9352a4fbd8610214af6ef7a7587084f0db18b2aa4d780afa0568b3953baaa43a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01031fc497abec8bd15795314d57f9d8.jpg
age: 3079908
edge-cache-tag: 416337079958561538479242309346705382157,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 416337079958561538479242309346705382157,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 228
expiration: expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.irishsun.com/
content-length: 13200
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200164-IAD, cache-iad-kjyo7100089-IAD, cache-sna10729-LGB, cache-iad-kjyo7100123-IAD, cache-fra-eddf8230029-FRA
last-modified: Sun, 16 Jul 2023 15:28:07 GMT
server: nginx
x-timer: S1694217008.982038,VS0,VE1
etag: "c19cb3815bc01051e367a650a30f5da3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 63, 1

GET
H2 200 7e041cc1be1a03c8dfb18b18f83b2768.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 171ms
169ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e041cc1be1a03c8dfb18b18f83b2768.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 672d8d3591ed8d41e55bed6cf689bd2b3d8dc74221eb4be39ffa2559da439213

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e041cc1be1a03c8dfb18b18f83b2768.jpg
age: 1700576
edge-cache-tag: 460508691337522213755631526822140511193,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460508691337522213755631526822140511193,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 328
req-referer: https://canadamirror.com/
content-length: 21920
x-request-id: 0479078757ef6c083a9b659b62ec85cd
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000106-IAD, cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100113-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 08 Aug 2023 13:17:11 GMT
server: nginx
x-timer: S1694217008.982025,VS0,VE1
etag: "6e33a4b2d9fa31321df0b1b43cafc418"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4, 1

GET
H2 200 03189ac2845d38a8b7a3c816acbe4705.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 81 KB
82 KB 133ms
130ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 03a4c58a30d642dce8d4c675c1fc2663b9467929bb7355913ff5beeb86eee4e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
age: 3813732
edge-cache-tag: 605294521975574540276488412410482252536,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 605294521975574540276488412410482252536,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 213
expiration: expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tips-and-tricks.co/
content-length: 82740
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000091-IAD, cache-iad-kjyo7100068-IAD, cache-chi-klot8100135-CHI, cache-iad-kjyo7100102-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 25 Jul 2023 12:35:50 GMT
server: nginx
x-timer: S1694217008.982019,VS0,VE0
etag: "e9b11423092488b715bfcf058c5aebfd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 16, 2

GET
H2 200 b464e2c247dbe4871755014a7046cf80.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
26 KB 193ms
193ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b464e2c247dbe4871755014a7046cf80.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 52a5a27eb10b2931b330ad142365a714c05c7bcc4b6901039c0942d0f72c3b08

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b464e2c247dbe4871755014a7046cf80.jpeg
age: 1958970
edge-cache-tag: 539519184516368707920457952998024054956,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539519184516368707920457952998024054956,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 229
req-referer: https://tamilwin.com/
content-length: 25832
x-request-id: 5014201353ddb9120715b14af0d3e459
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100024-IAD, cache-iad-kjyo7100081-IAD, cache-sna10746-LGB, cache-iad-kiad7000131-IAD, cache-fra-eddf8230029-FRA
last-modified: Thu, 17 Aug 2023 07:10:18 GMT
server: nginx
x-timer: S1694217008.117243,VS0,VE1
etag: "dce0b87e813a8b9ab81d0bf9f38aec2a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 20, 1

GET
H2 200 c6239d26c1081015da8050230fbf269b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 238ms
238ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06cad48c2acc8db6b29fb6d99765a9bc5bfa6d61ea4690a484612cd4d4265e3c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
age: 5723519
edge-cache-tag: 587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 128
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jamaicaobserver.com/
content-length: 30980
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000074-IAD, cache-iad-kiad7000057-IAD, cache-chi-klot8100044-CHI, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 13 Jun 2023 05:44:52 GMT
server: nginx
x-timer: S1694217008.117241,VS0,VE1
etag: "8664d86dacc63024c3a286ec8f3736ea"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 214, 1

GET
H2 200 dab0e53b0f3f4798483c1e0557ecc75d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 171ms
170ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dab0e53b0f3f4798483c1e0557ecc75d.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24f61c5dfbc89231d63d1f643abf09f59e7268feff16a94787bd6fa402b9e80a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dab0e53b0f3f4798483c1e0557ecc75d.png
age: 3337055
edge-cache-tag: 510039608198547542900711623465015880692,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 510039608198547542900711623465015880692,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 259
req-referer: https://elecbean.com/pages/games/fruit-fever-world/detail.html
content-length: 30876
x-request-id: 7a74ccdf03f1943f3cb18507960ab519
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000123-IAD, cache-iad-kjyo7100068-IAD, cache-sna10744-LGB, cache-iad-kiad7000105-IAD, cache-fra-eddf8230029-FRA
last-modified: Tue, 18 Jul 2023 20:02:01 GMT
server: nginx
x-timer: S1694217008.159660,VS0,VE1
etag: "747a3082c1ca2907a530cd7cfd62a9c3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 4, 1

GET
H2 200 bb436eb3-d369-4282-a4d7-7a71d2cd4030__0tinstJL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 24 KB
24 KB 166ms
166ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/bb436eb3-d369-4282-a4d7-7a71d2cd4030__0tinstJL.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ec4b861a5e854f6db529042bf9fab9f50cb1c4f313e30c2e2d14dc4cc2720ef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/bb436eb3-d369-4282-a4d7-7a71d2cd4030__0tinstJL.jpg
age: 1006980
edge-cache-tag: 630110180662670617661162683403545880420,357773110264649676584837152029025937901,29ecf9b93bbf306179626feeda1fab70
cache-tag: 630110180662670617661162683403545880420,357773110264649676584837152029025937901,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 273
expiration: expiry-date="Thu, 07 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wordsa.com/
content-length: 24312
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100144-IAD, cache-iad-kcgs7200121-IAD, cache-ewr18135-EWR, cache-iad-kcgs7200151-IAD, cache-fra-eddf8230029-FRA
last-modified: Mon, 07 Aug 2023 07:16:07 GMT
server: nginx
x-timer: S1694217008.159646,VS0,VE1
etag: "19c2c06e393f60ef78256f0882ea2c8a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5, 1

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 162ms
162ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQyMTcwMDcyMjksInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1tdS1kYW4tamlhbi1wYW4temh1YS15YW5nLWhhby1zaHUtZnUtd2FuZy1xaW5nLXpoYW5nLXp1aS1lLWRpbmctZ2UteGlhLXBpLW1hLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3845.599998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 149ms
149ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 1853626
edge-cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 79
req-referer: http://geekhebdo.com/
content-length: 8250
x-request-id: a9345f3c6a017abfd5fd26145d40a354
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200023-IAD, cache-iad-kiad7000082-IAD, cache-iad-kiad7000124-IAD, cache-fra-eddf8230029-FRA
last-modified: Thu, 10 Aug 2023 11:47:17 GMT
server: nginx
x-timer: S1694217008.159648,VS0,VE1
etag: "0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 147ms
147ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92b6509860512f6d249439e8a2b559c5334d94187d276ea02b245d528e3870d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 2119231
edge-cache-tag: 486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 95
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.livedoor.com/
content-length: 6140
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000027-IAD, cache-iad-kiad7000169-IAD, cache-lga21955-LGA, cache-iad-kcgs7200051-IAD, cache-fra-eddf8230029-FRA
last-modified: Sat, 15 Jul 2023 22:51:17 GMT
server: nginx
x-timer: S1694217008.159632,VS0,VE1
etag: "d556883197025a9ed2665876d1876378"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 26, 1

GET
H2 200 cea80ddf3609efb290faf64050ec1637.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 194ms
185ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82172bc7e1c9226575321094ddd3afc7b3a421ad38925564ec0bd042fe58acbb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
age: 1242792
edge-cache-tag: 424011715391862438643660917372215574904,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 424011715391862438643660917372215574904,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 210
req-referer: https://www.backzeit.eu/
content-length: 4088
x-request-id: 807f060a254ce5530dc95a1ba3308e84
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000142-IAD, cache-iad-kiad7000142-IAD, cache-sna10725-LGB, cache-iad-kjyo7100033-IAD, cache-fra-eddf8230029-FRA
last-modified: Wed, 26 Jul 2023 16:02:45 GMT
server: nginx
x-timer: S1694217008.356672,VS0,VE4
etag: "f2e9e0c666c8d66a4ef155f80c48048f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 0, 1

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
615 B 146ms
146ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3681
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yMdgu6cLC4svvUpY8a1DJAKl9EmGTIR2bZ2U7c988PntY%2BoS7XtkcUcQLNrJfGD1dfPqpPcHCZgi%2F%2Bl2jPsPO9v2FyqAyadoc4e3mNiom2%2Bs8RLtKBE9iYDxtoF4cc8SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 803b1788fa9aba85-MXP

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1111ms
287ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a6dcc1980d9fabbbccb4e43cbb8027bcb3a912131df5b017806ba0bb8acd61b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:08 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1143ms
287ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a6dcc1980d9fabbbccb4e43cbb8027bcb3a912131df5b017806ba0bb8acd61b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:08 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 984ms
437ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.28552561783836805&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:08 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 881ms
335ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9028244227433608&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:08 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 9059 422 B
414 B 211ms
209ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&cmcv=&pix=undefined&cb=1694217007568&uv=3334&tms=1694217007568&abt=adxLoadDist5-out_vG!nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d5845d22-dbeb-4bcd-bc7a-cf11960c13cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ff2885166c78bc615762235be438f27259fb2f45531033d1f8b08082e5ad0e7

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 08 Sep 2023 23:50:07 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230029-FRA
x-timer: S1694217008.702002,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6CBF 439 B
524 B 242ms
197ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f22d4e6b91c8f0ce76566dabf80011da1ba6240db3b0e7675b0a8023bab29a5a

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 08 Sep 2023 23:50:07 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
731 B 230ms
209ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694217007574&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1548&pt=2045060697&tz=120&viewable=true&ddast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vG!nonrv_vA!ufm_vD!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c569065c32a76fdabd354e28723483ab221a9db68fc807aa2970249b9920e8a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1436
x-cache: MISS
x-served-by: cache-fra-eddf8230029-FRA
pragma: no-cache
server: nginx
x-timer: S1694217008.702085,VS0,VE33
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 252ms
192ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&cmcv=&pix=31589837&cb=1694217007568&uv=3334&tms=1694217007568&abt=adxLoadDist5-out_vG!nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694217003447.2!ts:1694217007568&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-length: 0
server: nginx

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 53 KB
18 KB 367ms
366ms XHR
application/json 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&referrer=&async=1&uid=5739113122&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4fac8a7a161175024c75b6f18797df2a6159f89998945af3f2bc4edae3e78c4b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 08 Sep 2023 23:50:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
230 B 277ms
276ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=12004&tvi50=10367&route=AM%3AIL%3AV&lti=deflated&bulkSize=20
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 120
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59079
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230029-FRA
pragma: no-cache
server: nginx
x-timer: S1694217008.764627,VS0,VE120
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 40 KB
10 KB 117ms
116ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 281007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10339
x-xss-protection: 0
server: sffe
etag: "6b0a8d436e5c7ad3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 213 KB
57 KB 164ms
160ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 281007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57751
x-xss-protection: 0
server: sffe
etag: "df3f5bf96724b1a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 942ms
257ms Script
application/javascript 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Sep 2023 23:50:09 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9059 70 B
265 B 634ms
280ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&cmcv=&pix=undefined&cb=1694217007568&uv=3334&tms=1694217007568&abt=adxLoadDist5-out_vG!nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d5845d22-dbeb-4bcd-bc7a-cf11960c13cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9059 43 B
425 B 1005ms
325ms Image
image/gif 52.208.254.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&cmcv=&pix=undefined&cb=1694217007568&uv=3334&tms=1694217007568&abt=adxLoadDist5-out_vG!nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d5845d22-dbeb-4bcd-bc7a-cf11960c13cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 9059 43 B
146 B 582ms
242ms Image
image/gif 18.193.190.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&cmcv=&pix=undefined&cb=1694217007568&uv=3334&tms=1694217007568&abt=adxLoadDist5-out_vG!nonrv_vA!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d5845d22-dbeb-4bcd-bc7a-cf11960c13cb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.190.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-190-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_3_4/infra/ 880 KB
144 KB 170ms
160ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693922380
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: FPEQYM4MR0ZRP5J1
age: 294500
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693922381
x-amz-meta-mode: 33188
content-length: 147123
x-amz-id-2: EBlzWPD6iKqbOB4H1z5wHohK8Wh0TTibYEfCs5fBpD2xxbylSU0TWKUB2Q0mV8JFlBxT6dJUGQc=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 05 Sep 2023 13:59:42 GMT
server: AmazonS3-br
x-timer: S1694217008.899314,VS0,VE0
etag: "38ea6c5249cc72e909660623b02bf7b8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 279761

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_4/assets/css/ 60 KB
8 KB 169ms
159ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_4/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693922399
date: Fri, 08 Sep 2023 23:50:07 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: FPEY0CJZ5CP448HD
age: 294500
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693922400
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: gVazDaezCRHQYY8kPxJDod2jVIgirHImf1myU/cjbP0xNs8QizH4a+tId0Tt1JKOHSNppWVNwEE=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Tue, 05 Sep 2023 14:00:01 GMT
server: AmazonS3-br
x-timer: S1694217008.899484,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 334969

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&rid=esp&cc=1

85 B
203 B

298ms
297ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&rid=esp&cc=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 40bd2182c5fbc8131110bc794573f5e72efceef81367c8e553454aecdd54c414

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-SfiGBNEZf/prLRaKjko9ZAqpZ9Q"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.bg3.co
location: /esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6CBF 70 B
264 B 599ms
281ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6CBF 43 B
426 B 969ms
324ms Image
image/gif 52.208.254.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 6CBF 0
125 B 547ms
240ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 864ms
242ms XHR
application/json 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230909

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc9142d756ee21e54f3a35794d50954db4e1e00afeca4c181a7d7a6963588f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28159
x-jsd-version: 1.0.1807
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1654-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"63c-19nn2qAjh+v9PgbzMwWf/CEgP0w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6eMiRA0%2FaKN6B87bVNK8vJ1%2BZccc6UUCxU92TdMvwt5ureZrYfvNUwfH4qPzvjKPHVSKN0wsuX5lrrqEbZvM99BNkUY13tW7y24jjMfIpjVTXGAYgHI4TN8F8TcsBIt2s8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 803b17901d3a233d-ZRH

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
780 B 557ms
179ms XHR
application/json 52.210.70.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9145
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
307 B 510ms
182ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 803b178dfa393745-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 18 KB
10 KB 974ms
447ms XHR
application/json 18.192.235.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.235.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-235-121.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ba14c154c8216d3347260ae80a4864e2811420c44612a5a8752b3d313ed6c3eb

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Sep 2023 23:50:08 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 9565

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
469 B 899ms
184ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 82b40b9813d7f4014844ff8367f041a8a3be4774027e513bd3393bf3faeda17d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.128.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 15 KB
8 KB 1089ms
335ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=0aac6c66-effa-4851-afb9-1f4cc8ebb66e%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=215fa63e-850c-4810-be19-00d4725cdbdb&l_pb_bid_id=8d90a79269fa7f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=215fa63e-850c-4810-be19-00d4725cdbdb&rp_maxbids=1&slots=1&rand=0.3218092706286313
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 793274344b840e44d795f0f71c38878cbc0edbc54ad877a93b33a8c3c53f882f

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 39 KB
16 KB 636ms
310ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0db2c66b100bc06a0c732bd54e22cb423be722f35c70bb73cf06218bd44f3e

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKKDsdVmYWzCjT%2FxEIVtjkKMA%2FiVRK6CBVxL27sHXfoPOzL%2B3VqqNFNWi2tVgwOZetlnvNHgVoQi%2ByW%2Fmu4GMc3QptUe%2BZ4ud2kSFEqFZM%2BbcOnbUrwF8o7aiYQSJj14AAn25a0I"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 803b178dfe8601f0-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
544 B 554ms
229ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec63b4cf47bf89a0bcab6911486f446668f9d39fee42ec3c0b89454bb5972ce7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUWg6PW3YHBmcn6jQMsyAnGZULBvQeIH3FcIKVeLNMV9LCGqt%2BMrKwO4YFoatsK%2BjeGSunZQeVyP%2BgDk1DFnaI0ro6h9zdiIGZyUvZkx%2FTcB2leOPsKbGDoLoOsNTkTp4boZGhDk"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 803b178dfe8801f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 779ms
455ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b224d847c735a45ecd6ca62ad92471292ab6d8149008da8b57067f90e92f3e6e

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 23:50:08 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 753ms
385ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 08 Sep 2023 23:50:08 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 506ms
184ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 15 KB
7 KB 645ms
325ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: dfbb84f3e18d58ecdef7a3f7676a5a2ab456e77c80ed7bf4fac8142917e5daa6

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 501ms
181ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
453 B 514ms
196ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 6
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 940ms
242ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=38588868290&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 08 Sep 2023 23:50:07 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
960 B 659ms
276ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-18-159-76-58.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

dd601ac5602491051cb40ea4a858e4426502ac8c4708afa1709dd05b03ac3fa2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
an-x-request-uuid: c4f0869c-319d-48d3-bddf-3a031f754ebd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 62.167.161.105; 62.167.161.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
272 B 1283ms
181ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
620 B 596ms
285ms XHR
application/json 18.159.76.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.76.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
767 B 188ms
187ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 4964
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1694217008.027347,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 27
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 622

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 110 KB
31 KB 141ms
141ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 281008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32129
x-xss-protection: 0
server: sffe
etag: "d5ab003501cb3fb7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 nameframe.html
d-41312868011269022054.ampproject.net/2308242321000/ 0
0 908ms
244ms Other
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-41312868011269022054.ampproject.net/2308242321000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BAD8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7c6c4e93a533c880cac5474f19190af4737511fca97abcf631f88e549f622f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BAD8 0
0 836ms
209ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteIVhrX8yM16NOFktvcIFqzfRo5OhaWgboMI9oV4WBTFUPL4aqnZ6_dpx5kAbnLYtv737nyiP5IVgDcJ3yOlN7QY7cca8uAYKYz5iGL1XZezKmycXbtuuW77d-2KBSxKvFtGuqru_oETbY1axQSeHdPcX0wPqaXtqy-sFVhdRzhMkW4fIaE9X939OyEZ64zFB5PmjOQ-vVZJmtbn39MEwu2MDH7FxTvNan61nosqakPV9wrX-OPT3HQm92kx5T68pWe5nS5Xd8Co8ovtqIvI8zeLHKR-KF3R6fPQPoLisaYzK2Oxv5DBcBruSA1FzW941TEoAZ&sai=AMfl-YT5mnuU856n7G7IP3l6rGPwhuYXtGWGaGosXHz5KPzxJKSZSwvZrMtFKR99tqipi-AVOBJMoyP7w_NFJLT4iaY0CBxyrUhZU1n-QD1FZNNlY85vj8g4fQeEYslujmTFyVrMdUojAlgSKascYOm2&sig=Cg0ArKJSzNDkzKhxMBnNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:50:08 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 093B 4 KB
2 KB 302ms
184ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6a27afee90ca928345474346441ea88a315e09e3dd03d189e962baafe8f2244f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1439
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 moxplayer.css
ad.vidverto.io/js/moxplayer/ 51 KB
8 KB 192ms
187ms Stylesheet
text/css 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-cbf7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:08 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
124 KB 959ms
289ms Script
text/javascript 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9848fd9c8e8d1002001cd245c2218c1c51d6e0aa9f543a0163e19bf6899af172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126091
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 243ms
241ms Script
application/javascript 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:08 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 59 KB
13 KB 274ms
272ms Script
application/javascript 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 17:10:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6442c381-edf4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:08 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 87 KB
23 KB 294ms
292ms Script
application/javascript 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?08092023
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
last-modified: Fri, 08 Sep 2023 10:57:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64fafe31-15d8c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:08 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 129 KB
41 KB 294ms
293ms Script
application/javascript 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 07:44:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdedec-205ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:08 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 280 KB
94 KB 302ms
302ms Script
application/javascript 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 17:02:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64fa0208-461ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:08 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 331ms
328ms Stylesheet
text/css 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Dfc8c07d1-ef7e-4a25-a938-7533834f7fe0%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&p_id=23

0
151 B

236ms
235ms

Image
text/plain

175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&p_id=23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&p_id=23
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=fc8c07d1-ef7e-4a25-a938-7533834f7fe0&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dfcec428-e02e-4a58-b9ad-93530969c20a&ssp=prodoohmox&gdpr=0&gdpr_consent=

42 B
213 B

572ms
212ms

Image
image/gif

34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dfcec428-e02e-4a58-b9ad-93530969c20a&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dfcec428-e02e-4a58-b9ad-93530969c20a&ssp=prodoohmox&gdpr=0&gdpr_consent=
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 317ms
316ms Image
image/png 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Fri, 15 Sep 2023 23:50:08 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 241ms
240ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1991876
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1694217008.416867,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 43759

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/ 448 KB
85 KB 159ms
158ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693904460
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: HYK8AJ9H52WB6KA4
age: 312498
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693904472
x-amz-meta-mode: 33188
content-length: 86274
x-amz-id-2: t1lNyGed3NAQ57eXbmNV3qVCMiGjwwYQ92oCZvFfitu9WKbobo/2tqpNuGO2BTlGE6TqMOiZWNA=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 05 Sep 2023 09:01:13 GMT
server: AmazonS3-br
x-timer: S1694217008.361593,VS0,VE0
etag: "e792bcdfdedece52c8d382e55db7d6bd"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 310067

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4D29 577 B
671 B 167ms
167ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f15ff5b9b57b32a77b252d3e2a9edd4fde7c12a5fbf882aae8165c2c844f3fdd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 08 Sep 2023 23:50:08 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 167ms
167ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&cmcv=&pix=31579697&cb=1694217008280&uv=3334&tms=1694217008280&su=3&abt=adxLoadDist5-out_vG!nonrv_vA!ufm_vG!ufrlt_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 171ms
170ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: MRS52-C1
age: 1459268
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1694217008.416854,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits: 220357

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame BE23 18 KB
8 KB 937ms
254ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

cafe /

Resource Hash

d9cc058fdbe87ea1f0c0fd8420cdb3295ce451e70c2a9f1138a742e07245c51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7891
x-xss-protection: 0
server: cafe
etag: 10624974250136638755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 17DC 15 KB
6 KB 181ms
181ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 340178
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 598ms
250ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 2 KB
980 B 160ms
160ms Fetch
application/json 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:49 GMT
age: 280999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "13417016125ec007"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:49 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 864ms
179ms Fetch
application/json 172.64.197.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.197.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28256
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Sep 2023 15:59:13 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70BMN4aYQD1kkavD7LgOFKZKshDw8Ez1JwILcaNylxszNQuULgDuE%2Fle60XdAhMkyeycmAa%2F20WA4SchZe31rc92CMp03xy8iANDlri%2Bnd%2FKyujv4XEihEghRzqJmjrpVNoLPx8J3Tf84xjOUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 803b1793492f9189-FRA

GET
H2 200 gtag.json Show response
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 3 KB
1009 B 220ms
220ms Fetch
application/json 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:49 GMT
age: 280999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "2053776e7f80c73d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:49 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7F25 18 KB
8 KB 852ms
287ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09045fb9ab5b5622682e93e42823dd7c17b7c11c0d891497c1be916bbe2e53ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7902
x-xss-protection: 0
server: cafe
etag: 1476151780234157748
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 093B 43 B
443 B 600ms
198ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x35 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:09 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x35 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 08 Sep 2023 23:50:08 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LMB92AT9-1Y-2CGM&gdpr=0

0
291 B

182ms
181ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LMB92AT9-1Y-2CGM&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LMB92AT9-1Y-2CGM&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5041285962934866388

0
291 B

195ms
193ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5041285962934866388

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
an-x-request-uuid: f49845b2-e586-4890-a793-7ce23ca915df
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5041285962934866388
x-proxy-origin: 62.167.161.105; 62.167.161.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=9830a46d95e9c8285d918a13cca4a9&gdpr_consent=&gdpr=0

0
291 B

180ms
179ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=9830a46d95e9c8285d918a13cca4a9&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=9830a46d95e9c8285d918a13cca4a9&gdpr_consent=&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1694217009138016-561
Expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 093B 42 B
773 B 784ms
160ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=DGO6HGeJK5RB9yQcORyNfS-0eLNP-uNcpWyoJZXzvdw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 093B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABincz9e-WkSEuogOQeBRMKoXyXnllVxqr_A

170 B
243 B

518ms
344ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABincz9e-WkSEuogOQeBRMKoXyXnllVxqr_A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABincz9e-WkSEuogOQeBRMKoXyXnllVxqr_A
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=8150961790652044888

0
291 B

181ms
181ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=8150961790652044888

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=8150961790652044888
date: Fri, 08 Sep 2023 23:50:08 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 093B 0
0 516ms
205ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 093B
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=L4eG8jA3o53rlOlQ6FoltV0JD8sZlNQ2nLX5t8KiuGA

43 B
479 B

1212ms
338ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=L4eG8jA3o53rlOlQ6FoltV0JD8sZlNQ2nLX5t8KiuGA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YC5QHNRZDVSVV3396VG7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=L4eG8jA3o53rlOlQ6FoltV0JD8sZlNQ2nLX5t8KiuGA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0JBQzEyN0EtODA4Qi00MUFELTkzRDEtQjYxQ0MyMUYzQkQy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=CBAC127A-808B-41AD-93D1-B61CC21F3BD2

0
291 B

99ms
99ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=CBAC127A-808B-41AD-93D1-B61CC21F3BD2

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=CBAC127A-808B-41AD-93D1-B61CC21F3BD2
date: Fri, 08 Sep 2023 23:50:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1

0
291 B

123ms
120ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-WdnMC8RE2uEhPVYE.pChDD.Y9lCUKPuNuKIUUjE-~A

0
291 B

153ms
153ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-WdnMC8RE2uEhPVYE.pChDD.Y9lCUKPuNuKIUUjE-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-WdnMC8RE2uEhPVYE.pChDD.Y9lCUKPuNuKIUUjE-~A
date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 093B 70 B
264 B 210ms
208ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
onetag-sys.com/match/ Frame 093B
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=dfcec428-e02e-4a58-b9ad-93530969c20a&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-C29F9NRE2plu.BWSikeUGDaH804wkvWI9OxGjg--~A&expires=5&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=dfcec428-e02e-4a58-b9ad-93530969c20a&gdpr=&gdpr_consent=&us_privacy=

0
291 B

156ms
155ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=dfcec428-e02e-4a58-b9ad-93530969c20a&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=dfcec428-e02e-4a58-b9ad-93530969c20a&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 08 Sep 2023 23:50:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sync
ad.mox.tv/delivery/v2/ Frame 093B
Redirect Chain

https://ad.mox.tv/delivery/sync?userid=DGO6HGeJK5RB9yQcORyNfS-0eLNP-uNcpWyoJZXzvdw&p_id=5
https://ad.mox.tv/delivery/v2/sync?userid=DGO6HGeJK5RB9yQcORyNfS-0eLNP-uNcpWyoJZXzvdw&p_id=5

0
158 B

150ms
150ms

Image
text/plain

185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/v2/sync?userid=DGO6HGeJK5RB9yQcORyNfS-0eLNP-uNcpWyoJZXzvdw&p_id=5
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.mox.tv/delivery/v2/sync?userid=DGO6HGeJK5RB9yQcORyNfS-0eLNP-uNcpWyoJZXzvdw&p_id=5
date: Fri, 08 Sep 2023 23:50:09 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4D29 70 B
264 B 269ms
268ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4D29 43 B
425 B 289ms
289ms Image
image/gif 52.208.254.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-76-58.eu-central-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6BAA 281 B
554 B 647ms
310ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Sep 2023 23:50:09 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame E5C2 714 B
617 B 149ms
148ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 2990
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 803b17902f65ba85-MXP
content-encoding: br
content-type: text/html
date: Fri, 08 Sep 2023 23:50:08 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvpB%2F88FM%2FgK9anVz11caKR7OUYN%2BC98gG3ciH0HFHKtsvgO1itKDMasrSu2Fr6W4YfpWDlxav6ZCYBQPyQa1wtzs%2F%2BAHAY%2FmOFHA6g3HABdGUzBUGWcGQUCPYIPdbvvzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 09E2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

348ms
155ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Sep 2023 23:50:09 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 08 Sep 2023 23:50:09 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
273 B 844ms
285ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:09 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
571 B 200ms
199ms XHR
application/json 18.159.76.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.76.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
835 B 249ms
248ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 26621ebb09c27f2b3a7abca9f4a31b0a718d0dad5618d61a29568f24da471848

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 23:50:08 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
138 B 186ms
185ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 5
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 407ms
402ms XHR
application/json 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=93579351294&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c8b86c22945fa0e82dfb77f847787a2ca51b58a07d025c1ca253fb1674a90e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 13 KB
7 KB 245ms
241ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5299b2d97f1a6e4faa113ce8327fa4cabf767615a4eeab9fd2aa14ff6976f447

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SI2f3%2Bu2VDQN8OLRTJ%2FKOKOgh%2BD%2FDDbYswSxbDDmisUSF4m%2BkmT5GKyIKBOLo0Qes8MwSMyMZ3d5H6l4cAiaZ9ujoJ%2BBGdSwIKhXXGaf0utKWO%2FhmNlSOwLFlE5I%2BGoJv1KCLWgj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 803b179049ce01f0-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
312 B 243ms
240ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f962d8411bf70f5b333aa592b5b82933ee5af108ecfd5bfab840f3d1153792f7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbK21QldBVDZMICPgauSIOSo06RKpO%2FIzZdBxxAxLB1O6v%2BurAdFN78LxsM41EibbJlWNxGeVUPoBDwmR2AtG3kRSaxIGSfIhCL1VmMvthcnyuh3EDRjxyCj6BNyYN39s9QWy73O"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 803b179049d101f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
311 B 244ms
241ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f962d8411bf70f5b333aa592b5b82933ee5af108ecfd5bfab840f3d1153792f7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voDsiOAIQpyQC88Jw%2FbVsoBYOIkvKf1wyg8Af3qHuAdOdz0hRz0KL5w6UTtZ%2Ba5y%2FThDx%2BozLdFXMBvVR5cuQKOT22TPkvDn10ZPCtNAj8jS3qGxiqApLTaYEX2RTjk1ewVNft2s"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 803b179049d201f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 15 KB
7 KB 316ms
313ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 3bd40a617aedec3fdf6ab774e42440550daa578b2770c5f71387280da67b463d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 190ms
188ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
468 B 404ms
209ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 580eaba66c0f9bce596de06c6adc1a7ea7f19392d70bfb1c7d13f0f29fbbbf8b

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.128.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 15 KB
7 KB 477ms
431ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=0aac6c66-effa-4851-afb9-1f4cc8ebb66e%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=11d8a53b-5efd-4ac5-8e8f-c1f17fb0bea7&l_pb_bid_id=71ae09246f79a12&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=11d8a53b-5efd-4ac5-8e8f-c1f17fb0bea7&rp_maxbids=1&slots=1&rand=0.9097961432528459
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 345a0c3b9f7d9828640dece16cd5825d54c2ebb1893ed8bdf8231371d9494ccf

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 187ms
187ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 189ms
189ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 803b17905b5f3745-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 18 KB
10 KB 599ms
333ms XHR
application/json 18.192.235.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.235.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-235-121.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c346d726026a255bf9a95387642298efc254a732c26c71b1230412764ac32bcf

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Sep 2023 23:50:09 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 9691

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
130 B 588ms
183ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 08 Sep 2023 23:50:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
779 B 310ms
310ms XHR
application/json 52.210.70.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10974
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 8 KB
4 KB 334ms
333ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

2bcad2125eb56a4572d7ab941f633fbd6b802a27fb10afac8eb0899dcb3391ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
an-x-request-uuid: 2113f978-9016-4073-9ccc-aeaf4e2d926c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 62.167.161.105; 62.167.161.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 399ms
399ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 08 Sep 2023 23:50:08 GMT

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 448D 714 B
553 B 180ms
180ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 2990
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 803b17909fafba85-MXP
content-encoding: br
content-type: text/html
date: Fri, 08 Sep 2023 23:50:08 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PtYBeNy7ribVwjwkoshaHwSqRUUbM6GxBLn1d9s0JiSsFY2pdGrHilaNGntSZo%2BUkcBdyo5nBIg6%2BRvghqEGrAoh1aOsofZqtQz17EWn4gbnJv7%2FB6M2k8UWygYqIc5Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 938C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

194ms
162ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Sep 2023 23:50:09 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 08 Sep 2023 23:50:09 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 171ms
170ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:08 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 213
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1694217009.719400,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 24
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 271

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 171ms
171ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Fri, 08 Sep 2023 23:50:08 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 23311
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694217009.719409,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 26644

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 17DC 425 B
549 B 185ms
185ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

88742c07adff4f4a422defc614630ef6480b77c9c87c484e821a25464cde683b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 967453
expires: 0

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 824ms
221ms Fetch
application/json 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E5C2 98 KB
28 KB 273ms
272ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8efb26e61884c44752ae790e576302a3fe5cad798cd8f4d2cdc22bd7ba053f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28946
x-xss-protection: 0
server: cafe
etag: 660 / 19608 / m202309050101 / config-hash: 18345592501010170579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 448D 98 KB
28 KB 317ms
316ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6c23fa76fb5a1d1c95a6bbf23d5691707867273f00e36e9cd6971d6b68afded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28952
x-xss-protection: 0
server: cafe
etag: 77 / 19608 / m202309050101 / config-hash: 18345592501010170579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 250ms
242ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230137-FRA
date: Fri, 08 Sep 2023 23:50:08 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame E610 572 B
801 B 612ms
218ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: edba0b6551d67ebb021b5ce7c06f874beedd3575e5d9c12d21a0aedfcf95fbab

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 375
content-type: text/html
date: Fri, 08 Sep 2023 23:50:09 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 404 L2EvbGFuLW11LWRhbi1qaWFuLXBhbi16aHVhLXlhbmctaGFvLXNodS1mdS13YW5nLXFpbmctemhhbmctenVpLWUtZGluZy1nZS14aWEtcGktbWEuaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 612ms
612ms XHR
text/html 23.216.77.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvbGFuLW11LWRhbi1qaWFuLXBhbi16aHVhLXlhbmctaGFvLXNodS1mdS13YW5nLXFpbmctemhhbmctenVpLWUtZGluZy1nZS14aWEtcGktbWEuaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-49.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Fri, 08 Sep 2023 23:50:09 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=373, ak_p; desc="1694217008955_34631473_62905235_37727_1349_59_0_219";dur=1
content-length: 555
expires: Sat, 09 Sep 2023 00:50:09 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame E5C2 404 KB
127 KB 203ms
202ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28376
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Sep 2024 15:57:13 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 962ms
360ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=111e679c-fa98-4193-a661-01349f4b11e6-tuctbf538ae&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Sep 2023 23:50:09 GMT
cache-control: no-store
server: nginx

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 774ms
151ms Script
application/javascript 99.84.88.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-35.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:17:16 GMT
via: 1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: HEPFyJrZjemGUi4tG-XZ4VkAuFH4VlWyQp30IYtnTlmed8iL8AeJiQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame 448D 404 KB
127 KB 186ms
185ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28376
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Sep 2024 15:57:13 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6BAA 35 KB
10 KB 493ms
207ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5808454badb7af9321ed7e4c1ff21edbdd449266c49c8c003f7bc06106fbc404

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Sep 2023 13:30:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49173
Connection: keep-alive
Content-Length: 10211
Expires: Sat, 09 Sep 2023 13:29:42 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 128ms
125ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sYW4tbXUtZGFuLWppYW4tcGFuLXpodWEteWFuZy1oYW8tc2h1LWZ1LXdhbmctcWluZy16aGFuZy16dWktZS1kaW5nLWdlLXhpYS1waS1tYS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI3ZmRlYTUxMy00NWQwLTQwNmQtYjI0Mi0yZDI2MzJmYjVhNTgiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk0MjE3MDA3OTAwLCJiaWRzIjpbeyJjcG0iOjAuMDQsImFkSWQiOiI4OTFlN2U3NDEzZTZmMGUiLCJvcmlnaW5hbENwbSI6MC4wNCwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo3MTUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjE3MDA4NjMwfSx7ImNwbSI6MC4wNCwiYWRJZCI6IjkwZWU0NDY0MWViZTAyZSIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjcxNiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQyMTcwMDg2MzF9LHsiY3BtIjowLjAxLCJhZElkIjoiOTE1OWQwOTc1M2Q1ZmVmIiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NzE3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDIxNzAwODYzMn0seyJjcG0iOjAuMDEzLCJhZElkIjoiOTJhNGNkZTAyNmIyOTE2Iiwib3JpZ2luYWxDcG0iOjAuMDEzLCJiaWRkZXIiOiJvcGVueCIsInJldmVudWUiOjAuMDAwMDEzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo3MTQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjE3MDA4NjM1fSx7ImNwbSI6MC4wMDg1NjgwMDAwMDAwMDAwMDEsImFkSWQiOiI5NGYxZjdmNWM3ZDUyMTIiLCJvcmlnaW5hbENwbSI6MC4wMTAwOCwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDA4NTY4MDAwMDAwMDAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo5ODQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjE3MDA4ODkzfSx7ImNwbSI6MC4wNiwiYWRJZCI6Ijk4ODYwZmU4ZTFkMzNhYSIsIm9yaWdpbmFsQ3BtIjowLjA2LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNTk5OTk5OTk5OTk5OTk5OTUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEwOTcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjE3MDA5MDA3fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6InJ1Ymljb24iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijk4ODYwZmU4ZTFkMzNhYSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwNTk5OTk5OTk5OTk5OTk5OTV9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=5774.399997711182
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
14 KB 497ms
497ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2988591314597230&correlator=20623490889031&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&arp=1&abxe=1&dt=1694217009236&lmt=1694209809&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsmVN5u9DCLYgmA11ZWkcQe7COKbqJJp3c5AQULFIVyc&ga_vid=643526638.1694217007&ga_sid=1694217007&ga_hid=1583246668&ga_fc=false&ga_cid=amp-m-dZYfwRDp0kRAEJCjofpQ&dlt=1694217005528&idt=1175&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_16_0%26cluster_reporting%3Dchrome_DESKTOP_16_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.06%26hb_ap_adid%3D98860fe8e1d33aa%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3805778231&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ae3e261066066bca4a59abe2e9e059aadcd11d1a96f59edcd3bdfc23a5cc1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14277
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 179ms
174ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sYW4tbXUtZGFuLWppYW4tcGFuLXpodWEteWFuZy1oYW8tc2h1LWZ1LXdhbmctcWluZy16aGFuZy16dWktZS1kaW5nLWdlLXhpYS1waS1tYS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImZhZDgyNzVlLTUxZTYtNGI1My1hMjFmLWY3OTc2N2UzNWM0NiIsInRpbWVPZkF1Y3Rpb24iOjE2OTQyMTcwMDc5MzUsImJpZHMiOlt7ImNwbSI6MC4wNCwiYWRJZCI6IjkzZDNiNGExZmQzN2I1NiIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjI0OCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQyMTcwMDg4Njh9LHsiY3BtIjowLjAxMywiYWRJZCI6Ijk1MWIwOTc4NzI5NDdhYSIsIm9yaWdpbmFsQ3BtIjowLjAxMywiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDAxMywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzIyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDIxNzAwODk0NH0seyJjcG0iOjAuMDg4NjQzLCJhZElkIjoiOTY3N2M4MDkzYTZkZTNlIiwib3JpZ2luYWxDcG0iOjAuMDg4NjQzLCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDg4NjQzLCJmb3JtYXRUeXBlIjoibmF0aXZlIiwicmVzcG9uc2VUaW1lIjozMzgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjE3MDA4OTY1fSx7ImNwbSI6MC4wOTUwNjUzMTA1OTc0MTk3NCwiYWRJZCI6Ijk5N2QzM2FlZjQyNDg0ZiIsIm9yaWdpbmFsQ3BtIjowLjA5NTA2NTMxMDU5NzQxOTc0LCJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDA5NTA2NTMxMDU5NzQxOTc0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MTEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjE3MDA5MDMwfSx7ImNwbSI6MC4wNiwiYWRJZCI6IjEwMGRjZDgzNDRmYzgxZmIiLCJvcmlnaW5hbENwbSI6MC4wNiwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0ODYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MjE3MDA5MTA5fSx7ImNwbSI6MC4wMjM0ODU1MDAwMDAwMDAwMDMsImFkSWQiOiIxMDFhNTY1ZjkzYTdkOWMzIiwib3JpZ2luYWxDcG0iOjAuMDI3NjMwMDAwMDAwMDAwMDAyLCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjM0ODU1MDAwMDAwMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjYyMCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQyMTcwMDkyNDZ9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiY3JpdGVvIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI5OTdkMzNhZWY0MjQ4NGYiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDk1MDY1MzEwNTk3NDE5NzR9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=5803.899997711182
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 465ms
464ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2988591314597230&correlator=1641077868148070&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&arp=1&abxe=1&dt=1694217009271&lmt=1694209809&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsmVN5u9DCLYgmA11ZWkcQe7COKbqJJp3c5AQULFIVyc&ga_vid=643526638.1694217007&ga_sid=1694217007&ga_hid=1583246668&ga_fc=false&ga_cid=amp-m-dZYfwRDp0kRAEJCjofpQ&dlt=1694217005528&idt=1175&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_16_0%26cluster_reporting%3Dchrome_DESKTOP_16_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.09%26hb_ap_adid%3D997d33aef42484f%26hb_ap_bidder%3Dcriteo%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A9677c8093a6de3e%26hb_native_image_appn%3Dhb_native_image%253A9677c8093a6de3e%26hb_native_body_appne%3Dhb_native_body%253A9677c8093a6de3e%26hb_native_title_appn%3Dhb_native_title%253A9677c8093a6de3e%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3374688892&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be39d0db843eee337c60c51bb4abc84763cc92ce3d8810a9cd2c1ca953cd48b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11610
x-xss-protection: 0
google-lineitem-id: 5221734848
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440838533
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BE23 143 KB
49 KB 241ms
238ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f11d7109366b01448f26f1173e15f305d5bf380174dbb48aa3517c2ac2d534fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50430
x-xss-protection: 0
server: cafe
etag: 3987341094166073808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:09 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 801ms
158ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5823&cid=amp-m-dZYfwRDp0kRAEJCjofpQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dr=&dt=%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E3%80%80%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694217009&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 143ms
143ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 766ms
125ms Ping
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-m-dZYfwRDp0kRAEJCjofpQ&aip=1&sid=1694217009&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 049A 57 KB
20 KB 1102ms
466ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1370185463893459587&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3104&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5823&ga_hid=1583246668&dt=1694217008743&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&bdt=3215&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e0462be61b14e4255755833621ff3f175471f80a5aa52bf8f933d08ec0de987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 20035
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 938C 35 KB
10 KB 324ms
259ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5808454badb7af9321ed7e4c1ff21edbdd449266c49c8c003f7bc06106fbc404

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Sep 2023 13:30:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49173
Connection: keep-alive
Content-Length: 10211
Expires: Sat, 09 Sep 2023 13:29:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7F25 143 KB
49 KB 292ms
289ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

177a3731ade2f2268ad81c86dd40212085d0d42060d186898d62f2cb7d9cc154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50436
x-xss-protection: 0
server: cafe
etag: 11711555301549121261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E5C2 498 B
335 B 239ms
235ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2020108888822938&correlator=339336672896958&eid=31077648&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694217009441&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=h12669ekczen&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMQII6tD-LA60jv-QyIkEG4Q84Tc0ou0kcKhF4MJkxGNXnamCkjh0cJ8H_D1Oog5B-quR_I_OJeaRW3MlPond0D3G3ntXbeDPD5vPs_VA7YnVY2gJN2Xghi7WOQY1UND6mGElkO-VZdMUYAvWOMhkyzsy1C9V7MaEq8GOOlbSsYYkVQONS7g2-Ylw4&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1341630922.1694217009&ga_sid=1694217009&ga_hid=339578671&ga_fc=false&dlt=1694217008751&idt=661&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ac192c78cf739caf7457e7fc049ec5c817565a00d5a7aa15f7b0659b533bd6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E5C2 15 KB
12 KB 291ms
287ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b4116b6f1d030d9fc8be06e043d79d8fd32632c5307f36612c64ebf6f208b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11723
x-xss-protection: 0

GET
H2 200 container.html Show response
8cc17a66cbbda56781c702a43fad66e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F913 6 KB
3 KB 232ms
185ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8cc17a66cbbda56781c702a43fad66e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:09 GMT
expires: Sat, 07 Sep 2024 23:50:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E610
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8825347147267003637

43 B
106 B

201ms
183ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8825347147267003637
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8825347147267003637
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame E610
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e33e5697-ed93-c364-34fe-cf0af85cde1e
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e33e5697-ed93-c364-34fe-cf0af85cde1e&dcc=t

43 B
855 B

408ms
302ms

Image
image/gif

67.220.228.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e33e5697-ed93-c364-34fe-cf0af85cde1e&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RM2C11H345TJW9C6RQVN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F0H703MZRJTQHTF3BBZB
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e33e5697-ed93-c364-34fe-cf0af85cde1e&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E610 70 B
264 B 259ms
256ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=bbe82aea-f139-789e-f4f0-4d9d906f15fe&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E610 170 B
232 B 270ms
269ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc4N2Y5MjAtMzg0ZS0yNjNhLWUxMTAtMTcyNDVhOGRkYjll

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E610
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4i-en_P6KTakbTSBwHZoE&google_cver=1

43 B
180 B

192ms
169ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4i-en_P6KTakbTSBwHZoE&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4i-en_P6KTakbTSBwHZoE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 266ms
266ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

24f9fa161f834a34295d819cea4de7502d0f63c82604147cb2487a6fff7c205a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 448D 498 B
320 B 243ms
243ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3699389707604895&correlator=1359704983404671&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694217009487&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hy1dnyvsksn1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMQII6tD-LA60jv-QyIkEG4Q84Tc0ou0kcKhF4MJkxGNXnamCkjh0cJ8H_D1Oog5B-quR_I_OJeaRW3MlPond0D3G3ntXbeDPD5vPs_VA7YnVY2gJN2Xghi7WOQY1UND6mGElkO-VZdMUYAvWOMhkyzsy1C9V7MaEq8GOOlbSsYYkVQONS7g2-Ylw4&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=880201291.1694217009&ga_sid=1694217009&ga_hid=603678266&ga_fc=false&dlt=1694217008825&idt=626&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d96e066a1e676294d0ebfcb4566b044ae542d771cc18d28093f3f0854e94442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 448D 15 KB
11 KB 246ms
246ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1553ebbe5c5bd5e37678d9f557bd61fecb23317e0512cfa5924aada36f76d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11701
x-xss-protection: 0

GET
H2 200 container.html Show response
6d8b086528eae1d02c744470cb4b5b1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 131D 6 KB
3 KB 250ms
220ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6d8b086528eae1d02c744470cb4b5b1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:09 GMT
expires: Sat, 07 Sep 2024 23:50:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 09E2 35 KB
10 KB 220ms
219ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5808454badb7af9321ed7e4c1ff21edbdd449266c49c8c003f7bc06106fbc404

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Sep 2023 13:30:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49173
Connection: keep-alive
Content-Length: 10211
Expires: Sat, 09 Sep 2023 13:29:42 GMT

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 111 KB
32 KB 284ms
284ms Script
application/javascript 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdf69b-1bc07"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sat, 09 Sep 2023 00:50:09 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 285ms
284ms Stylesheet
text/css 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 231B 721 KB
231 KB 203ms
202ms Document
text/html 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 360874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 19:35:35 GMT
expires: Tue, 03 Sep 2024 19:35:35 GMT
last-modified: Mon, 04 Sep 2023 19:31:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 875ms
269ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 23:50:10 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 663D 40 KB
14 KB 247ms
245ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Sep 2023 00:26:08 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 338ms
337ms Image
text/xml 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=fe5a7HmKNM1fibYAb%2Fzdt8B3JUJnSjcyahca0m13OVCy3XClqJXZXADxMuQrZyqDVdNIlAsRKtuTkJrniggj9ipp6xMk%2FYQ4Xuxa%2Fe29Yj3ShcFtyOKJA1FddvhklvOU6YdC0vJveeaHjgUW4PtOkvyquUTLOjOGh8gkP%2BfsZI3RKcvVs0y11XqKH7bKlc0gvosvsN6nwD%2Fueg57wV3IqX9UIcyQeqW2RW%2FQZIxfb2qwTPhwh8b7vz%2FDUDPqKmcqQdGUC6ICuIGoZfmdFig2A%2FYEvFruVdfXZ6sSIRNWIxR%2FVR0jp%2F2Ka3MtFxRidA1d2%2B84dKEisoS8Zr46nA1IGPRT4kavKX%2FjthKgWdzFTpxvBpjbqa0bipKlrVZLBNrU%2BZYszHYFeEADHiVuA3SwIAYyX590huMcRIuICWqwFEXaRIBZW2H5CKKSrwpTrAMlQRA1tbswkKekLafk%2BR9hdzLbDKaUFs96wcPEqEU6fBF866RWFl4QFuuALoWkNaXzZmrJMgU%2B3DacCEIJIqrSv7xBNkxEWU6j5pLif9kLSK9JCRop82LrmiQge84WRQdu
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 836ms
254ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E3%80%80%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-m-dZYfwRDp0kRAEJCjofpQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8454367481026857&gjid=0.6832617263074199&_r=1&a=5823&z=0.6395481625766146&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/ 96 KB
0 577ms
158ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 08 Sep 2023 23:50:10 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6BAA 0
239 B 1131ms
242ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LMB92ATB-1H-86Y1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 368ba1c92c09ff88b641150fbbf94341
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame BE23 379 KB
129 KB 328ms
328ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d067c090d3f42aedfa9ce1d659852e4cca29a1355234cabde372f82456f7338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131764
x-xss-protection: 0
server: cafe
etag: 13719761642322018809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame AF98 10 KB
5 KB 365ms
118ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 28378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 15:57:12 GMT
etag: 8554266389219770021
expires: Fri, 22 Sep 2023 15:57:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E5C2 17 KB
7 KB 922ms
246ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 23:50:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 448D 17 KB
6 KB 997ms
324ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 23:50:10 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame A198 222 KB
61 KB 130ms
128ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 62778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame A198 15 KB
5 KB 198ms
197ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 62778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame A198 94 KB
28 KB 174ms
173ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 62778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame A198 5 KB
2 KB 197ms
196ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 62778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame A198 40 KB
13 KB 172ms
171ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 62778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A198 14 KB
1 KB 138ms
138ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 21:58:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A198 3 KB
3 KB 832ms
216ms Image
image/png 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:34:30 GMT
x-content-type-options: nosniff
server: cafe
age: 58540
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 09 Sep 2023 07:34:30 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A198 344 B
714 B 826ms
210ms Image
image/png 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 36179
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 09 Sep 2023 13:47:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A198 0
0 800ms
95ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8ZC5Ya1kiVwDEsSMyopCrFw53Yxczv-mbX6BbA59FG4HT9DAa6qfKaP5-TLjiSF6cQ1sK-dkITVTEOYiS-GuUMcSeLA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B094 0
0 158ms
158ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiqtgXDzwf6Ty7fNqy-L86hFrl1aTCIXrMdEnNt4ovr-AmDtHULOguaTWexjTQGvwJNoz_l2h_1HfZMH2qu5zYl21GFdW5-kJO0OKk5IN9-Gc07aiGEVbpG7mCcXtcRnlJMYSM3CNHUjxWdpehAqt1X3zfIZeWkNqQjbEgWVPIAyIGN4UGWsXIWKdlPr9t4jrBbIMJDPsXX1aAOWSY0R7-_j7GWORC373ysFx4UMGlCiniyAJpIczOafr5Xgqk_PCYki2DkgSW9qvYerHgnLrz1DEAURjd5LJ0quDdBYXS3PLKhxBxzmG3KGb9hlDqjHY&sai=AMfl-YSVKTOShrFHsULS7B-mUwmWnS5US5VWQaQUWLr7t2zfmo7hqIlXw4KOQefLGpNi1XL4IbEJiXaBOZkRcKAgyJW2iCuIp3jx-r21HUkSkDDWwt9DlapQE1e0Ay9VQWs&sig=Cg0ArKJSzHMeuGcFRo7mEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-155-176.compute-1.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 1491ms
517ms Fetch
application/json 3.233.155.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4AEC 148 KB
51 KB 994ms
276ms Document
text/html 178.250.1.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0295634877c99ab11418e385924383be09e3f33b8d1ff8d76b380cbfdb22ef5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0c9E1HYVxp-7XfPrUUidLlW-lQIIZ8-az8Acs38E7dY2l4fCBXSKogd-1ULzgRie7mXB4Qa5eBAVBumR7ecp_M0X9YgtOdO6-1Fj1lRKGtUh4tVrXICtkkwq0pMsynXvUHbunj9oiw4bLD7lBL1lsZT1Xq2pTM3LD1ePWUWbVFzRigrl7FpvoES06iWn4ETx-CaQ3A5vXsZpUFyJXRuqBE7a4N_78uR3zLIGN7pM9jiJyodkROOSmDXsG1m3BgkwcznZIQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 44922872
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B094 181 KB
57 KB 122ms
121ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:09 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 123ms
122ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sYW4tbXUtZGFuLWppYW4tcGFuLXpodWEteWFuZy1oYW8tc2h1LWZ1LXdhbmctcWluZy16aGFuZy16dWktZS1kaW5nLWdlLXhpYS1waS1tYS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYmYwMTYzYmYtN2E2NC00NDNlLWJlN2QtMDBhY2E3OWRmZGU4IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoiY3JpdGVvIiwicmV2ZW51ZSI6MC4wMDAwOTUwNjUzMTA1OTc0MTk3NCwicmVzcG9uc2VUaW1lIjo0MTEsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6ImNyaXRlbyIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDk1MDY1MzEwNTk3NDE5NzQsIndpbm5lckFkVW5pdElkIjoiOTk3ZDMzYWVmNDI0ODRmIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOls1LDNdLCJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiI5NzB4OTAiLCJwcmViaWRBdWN0aW9uSWQiOiJmYWQ4Mjc1ZS01MWU2LTRiNTMtYTIxZi1mNzk3NjdlMzVjNDYiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=6418.700000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame B094 43 B
462 B 509ms
219ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=FVieMV81aEElMkI5Y3dKNEMwS05rWUpIbmFYUldUakNUUGFkNSUyQk9lZGRBc1EwclNqRmo2bExWcjRCMnV6bFJ2QjNoNGJuUCUyRjBLZ1Y4dmkwckxkSXNrOWlzalJkS0dsanh6SUxOaTlIdUhQTE9wMU9FOThITDdFWFlIVXR1QkIyVXVmaFklMkJEV29QRDYxWUZIRUJndHFLcG5Od2lMSktmYjJqMWNUOFF2UmRpMGtDM0JOJTJGVVFuUnJhNDUweUppNWlUQ2dHQ1VjNEVSUjRCUzNIelNVVWI0ZlhIZ0VpaWV5b09KRHlyNzdLN2pFUDhaWHVvRldEMkJSMTZYOXNTc2JQOUtwVXhEcTZ6ejc5dGFlJTJGcXhDOGp4QndkSlM3czZzTThDUjFzVzk5TnQ0Z3Fjc0RsanBtUHQ1WlBzWEcxZTRjUVh5WjdiazA2WWt4ekxPOFpSY3RsJTJCTG0ydnVKQU04azBSczY5dG94MjcyMXZ5TWYlMkJaOG9QZTUxZ1hEYTBoQ2JGb3M5ZEtIU1ZpZnlQTW1sN3hFZ2N6S3FmUUJZZW9tc2plNlMlMkJVV0k5SHhaeVclMkZiN2I0Z0M2bzk4V2hRRXQ5ViUyRmpxUVF5QzkwZnpMT0h4N3d2Vnd2T2YzQk1xbDZSMkNuTHJlUllacUh1V09QZXVTZElUYk9SM1haV2RmbGNYTXlPZnA3WjY

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 187242
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame 09E2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMB92ATB-1H-86Y1
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMB92ATB-1H-86Y1

35 B
155 B

1015ms
456ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMB92ATB-1H-86Y1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:10 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMB92ATB-1H-86Y1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 6BAA
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

82ms
82ms

Image
image/gif

67.220.228.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W16JTTFF9RGM5RFZKH4M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GZ1S8YVCVAGMY8EB6QQM
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6BAA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

312ms
311ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G4VMZQDT3VA3CJ8X5GVW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AKNHS665E3QBZ92VCQ8F
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6BAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPV4hunh2j3uFx_dszpl-Ds&google_cver=1

0
239 B

207ms
207ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPV4hunh2j3uFx_dszpl-Ds&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPV4hunh2j3uFx_dszpl-Ds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BAA
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMDk2ZTc3YTgwMGFmOWU5ZmQzYjRkZTU2MTY5NTc1OWI1YzQwMQ&gdpr=1&us_privacy=1---

170 B
188 B

138ms
138ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMDk2ZTc3YTgwMGFmOWU5ZmQzYjRkZTU2MTY5NTc1OWI1YzQwMQ&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMDk2ZTc3YTgwMGFmOWU5ZmQzYjRkZTU2MTY5NTc1OWI1YzQwMQ&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 6BAA
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMB92ATB-1H-86Y1&gdpr=1&us_privacy=1---

0
646 B

930ms
354ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMB92ATB-1H-86Y1&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B0A9760220D74BAE9CB14188C60C8534 Ref B: ZRHEDGE1021 Ref C: 2023-09-08T23:50:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYE4aMh0WCuvwRHOMQ8LQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMB92ATB-1H-86Y1&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 6BAA 70 B
264 B 145ms
144ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 6BAA
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/-Xlm4_wnR-UweJ1Le_zII8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dk8o_2NE2oLwNOiObXNgxKzsLAU_2RO.o1CfFQ--~A

42 B
773 B

149ms
149ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dk8o_2NE2oLwNOiObXNgxKzsLAU_2RO.o1CfFQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dk8o_2NE2oLwNOiObXNgxKzsLAU_2RO.o1CfFQ--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BAA
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1COTJBVEItMUgtODZZMQ==&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEIYDubWHPmHYdSJUgBkveuo&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1COTJBVEItMUgtODZZMQ==&google_push=&gdpr=1

170 B
188 B

147ms
146ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1COTJBVEItMUgtODZZMQ==&google_push=&gdpr=1

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1COTJBVEItMUgtODZZMQ==&google_push=&gdpr=1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4315156301580302757/ Frame A198 9 KB
9 KB 884ms
355ms Image
image/jpeg 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4315156301580302757/14763004658117789537?w=400&h=209

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc09a47e0b4195682062f7714924e2a5a915f25a8f1e9f73783b8df804850bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8863
x-xss-protection: 0
last-modified: Sun, 14 May 2023 08:22:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 23:50:10 GMT

GET
DATA 200
OK truncated
/ Frame A198 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A198 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A198 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce2b5c18b792de36f4afa111614b85a8a991a85427cba5ea7bb1dfa472ebd06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame 7F25 379 KB
129 KB 173ms
173ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6898b73e35303ac04453d0ae268e68e9e1a0b836d176f8826ec2d425dc6876b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131765
x-xss-protection: 0
server: cafe
etag: 3478455577564628852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:10 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
18 KB 887ms
274ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:29:48 GMT
x-content-type-options: nosniff
age: 1222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 23:29:48 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 870ms
258ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 04:05:52 GMT
x-content-type-options: nosniff
age: 589458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 04:05:52 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 150ms
150ms Image
image/svg+xml 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A198 33 KB
34 KB 771ms
215ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 585969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 05:04:01 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B094 0
0 219ms
219ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuY30wJMwTCrqhMMOvGv6ZZoaXzHBPLIRsBKgBwz_ZfgoZ_71FyDjtSzDZaAn8cX8uHSDzOFqvaG4cZvoI1MtDaSgxXKXYeJiXxWAz2ohgOQq3UtUFuO9UgwXQwk63TfvolZyt1PdW4HDP7YhR2MCdg6CPVggGQSUNNMJSByfhyesvANfmP9ktkjwSKWT2ygQQF_C1LF2QUUUTuW16GSQx5Qew1f4GTU2euhEWfwdyP71fpiRzxEBsqZGQxQyMrStWDkxcVGiSjiaYbUnB1Ul2Zf3kXQ4WtPnXEARDpV4CwE66Mu0I2gPT-FwLTPM1RdcV0og&sai=AMfl-YRKhEHGHMrJKWXVTnm9Yx5QnPBeaARrvFyFvGiLSj4zPprLRiVb8JNXapGaI6X7DnMwV04oKsBQaGscprwR_Z5hYYljseDR5-fhGOht4ijhxOxxl7iGaaA92IFF8n8&sig=Cg0ArKJSzKiFdkDOaIN8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:50:10 GMT

GET
DATA 200
OK truncated
/ Frame B094 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1098b42094ea84847fec26e3b6a77614eeac4fd768d4b61bf9fb841be93114f3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/ 12 KB
0 492ms
102ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 08 Sep 2023 23:50:10 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9EAD 721 KB
231 KB 189ms
188ms Document
text/html 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 360875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 19:35:35 GMT
expires: Tue, 03 Sep 2024 19:35:35 GMT
last-modified: Mon, 04 Sep 2023 19:31:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 41A0 40 KB
14 KB 186ms
186ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Sep 2023 00:26:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 221ms
220ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=1583246668&cid=643526638.1694217007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694217010&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E3%80%80%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1335864191;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc...
pixel.quantserve.com/ 35 B
371 B 249ms
217ms Image
image/gif 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1335864191;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1722202272-1694217009135;pbc=0aac6c66-effa-4851-afb9-1f4cc8ebb66e;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694217010244;tzo=-120;ogl=;ses=fc1eeac9-6543-40d0-835f-6e2a41e3509f;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 Fz1NWWjZvo8iIc2I9C7czRQpgoIkXSLAN44uInfQcih7tkskabNOeYDlFBNf4bu1tF7WrUynJR3hMAnitj7sie8VTo%2FDTbJnvBHWJto2gPyGV%2F%2BtNv3UbE5XFFW1RJIXwJjIY1EtWMN3yIBQ6FyRzreV1EPeXSK75uQSbLe7sQwcyuv7YEVTyGNlApS8tF%... Show response
ad.vidverto.io/delivery/video/pod/ Frame 231B 46 KB
19 KB 216ms
216ms XHR
text/xml 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/Fz1NWWjZvo8iIc2I9C7czRQpgoIkXSLAN44uInfQcih7tkskabNOeYDlFBNf4bu1tF7WrUynJR3hMAnitj7sie8VTo%2FDTbJnvBHWJto2gPyGV%2F%2BtNv3UbE5XFFW1RJIXwJjIY1EtWMN3yIBQ6FyRzreV1EPeXSK75uQSbLe7sQwcyuv7YEVTyGNlApS8tF%2BY2YlSgrRGOXfvaJiv5FTIm8Frye%2FOp5MfS3hnXAEy6%2FoDdpAQSXY7p7R0gAUjGl5sskFc%2FqQNTTvPLhvnWh02Os9kBL8fPW%2B2MK15gLGkkLQD5n%2BuLyEqDxzEj5feSBEFf%2Fvld5m9%2FrXyW10iTrJPltWLlC%2FPUFeunLFNa8ycMaiiJYMRyqkK76W67Quv%2FwkuyEihzgxFMpYIk84MBTsf3ept%2FinCrQFFpo7JBSt8LrJhf4ffOAq1NHW5f0E37njIDG4uUm%2FGM08ka0lRchtAlrjtqkot49Owfk0e95emiyY8YtuY5yWAm%2FiPBTZS1O3601qUHSkCFl5Xk4R57x%2FyteDn5Ip7aq8F0Dd6YkqQyxdrVWqVrenfvJvb6mQMXx2Ql8C%2FuceEgNSTKEnEIyKvV2m6FpdpkpKTO127QO6MaymMufTMtwgHbSMinuu2b2EJhM41BVBUezMdxZ5u7lYV1GnRtUjVqARtlcm%2FpXIl2T0oYCqoxrCdSGV5uIAAz08hCnHH7hfgqiwGQYN2SVLA%2FDW9Fm3iNr7lzHacI0P8ohL4IdfWhRWd8re%2BV4pizYNh?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 90863e00222ac3e39587b199dbdb37aa359a266d655f18bea079dfce7fd67e84

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame BE23 210 B
548 B 783ms
124ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

098ee2cc0fa2568d5c979f9c431f0389bfffd94e10e1a3fccd0b34b855f44c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 8904
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301105&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16942...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
870 B

927ms
168ms

Document
text/html

18.66.192.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-16.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 661
content-length: 459
content-type: text/html
date: Fri, 08 Sep 2023 23:50:11 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
x-amz-cf-id: f8o5Ov6feZ_yp6DZn3OwCR6wbZoUHS0xB018A7ByYgwxNKeYK31zuw==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:10 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/ 232 KB
232 KB 497ms
207ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=16973824-

Response headers

Date: Fri, 08 Sep 2023 23:50:10 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16973824-17211103/17211104
Connection: keep-alive
Content-Length: 237280

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7F25 210 B
267 B 686ms
145ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c270961c15778f7f594fc76363dc422d0cf8895dce2e6af1239c6574c08cb489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69EE 26 KB
12 KB 440ms
439ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694209810&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694217009406&bpp=575&bdt=1986&idt=1033&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&correlator=3540625913131&frm=23&ife=1&pv=1&ga_vid=643526638.1694217007&ga_sid=1694217010&ga_hid=166511746&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=907453377&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077329&oid=2&pvsid=1313713844715516&tmod=263685221&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q76n48u7ax8f&fsb=1&dtd=1045

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3d3aca359b95e5474c42798abe50fe00b8976252cf77ad7e72ea24b4d0dcccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 231B 0
234 B 1979ms
813ms Ping
image/gif 142.251.175.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmb92bcr&c=3540625913131&slotId=1770312956565.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame F9E0 86 KB
28 KB 962ms
266ms Script
application/javascript 13.107.246.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1370185463893459587&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3104&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5823&ga_hid=1583246668&dt=1694217008743&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&bdt=3215&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90eec26631750771c30336de6715aad19b3adc4d4f271686a477c0edc9042a01

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: br
last-modified: Fri, 08 Sep 2023 16:51:39 GMT
x-azure-ref-originshield: 0xK/7ZAAAAABAZ5QQLE50RqRsZCqYllkzRlJBMjMxMDUwNDE3MDM3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: wSRY0GX/Tl8mHNGm//AbUA==
etag: 0x8DBB08BDF109C73
x-azure-ref: 0M7P7ZAAAAABV7EWQodQJT5z91NfGaWnGWlJIRURHRTEzMTIAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b3a4046d-401e-00f7-80a3-e21ee5000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame F9E0 80 KB
27 KB 525ms
156ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1370185463893459587&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3104&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5823&ga_hid=1583246668&dt=1694217008743&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&bdt=3215&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sat, 07 Sep 2024 23:50:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F9E0 3 KB
1 KB 242ms
241ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1370185463893459587&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3104&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5823&ga_hid=1583246668&dt=1694217008743&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&bdt=3215&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 16:09:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F9E0 20 KB
8 KB 241ms
240ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 06:26:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9E0 181 KB
57 KB 171ms
170ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:10 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame F9E0
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a0faaa1a-92e5-4ffb-bdaa-1a5fa2ba3449&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=88f67165-68c8-4086...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=b16828c06fe847d5b7c599ebbe5da7cc&SNR=1&GV=2&med=10

0
546 B

165ms
163ms

Image
text/plain

2.23.209.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=b16828c06fe847d5b7c599ebbe5da7cc&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1370185463893459587&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3104&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5823&ga_hid=1583246668&dt=1694217008743&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&bdt=3215&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol: H2
Server: 2.23.209.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3EF97E309F6E4C1E806CABF0ADF4B359 Ref B: FRAEDGE1805 Ref C: 2023-09-08T23:50:11Z
x-cdn-traceid: 0.05d01702.1694217011.23ae2f78
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 08 Sep 2023 23:50:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FDF4FFDD9DB147EAB1FBF48652062006 Ref B: MIL30EDGE1517 Ref C: 2023-09-08T23:50:11Z
x-cdn-traceid: 0.05d01702.1694217011.23ae2ee2
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=b16828c06fe847d5b7c599ebbe5da7cc&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 231B 156 B
186 B 1080ms
445ms XHR
text/xml 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3038398719960621&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FsBTWk3MHLZKcJ8xJ2G2hww%3A1694220607%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6ACD5108-A63E-4F8A-8424-F8AFA98E5F38&a3p=EhkKCnB1YmNpZC5vcmcYh-rPuacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGITdz7mnMUgAUgIIZBIZCgp1aWRhcGkuY29tGITdz7mnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZVVZSVm5NeGFTdFNNbTExU205V01UbEZaMjFCZHowOUluMD0Ywu3PuacxSAASGwoMaWQ1LXN5bmMuY29tGPDuz7mnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=1694217010603&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&scor=1361739992532776&ged=ve4_td5_tt0_pd5_la5000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame 231B 65 B
748 B 1260ms
490ms XHR
text/xml 185.84.60.21
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=1743473&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 231B 156 B
676 B 980ms
348ms XHR
text/xml 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3038398719960621&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FsBTWk3MHLZKcJ8xJ2G2hww%3A1694220607%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6ACD5108-A63E-4F8A-8424-F8AFA98E5F38&a3p=EhkKCnB1YmNpZC5vcmcYh-rPuacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGITdz7mnMUgAUgIIZBIZCgp1aWRhcGkuY29tGITdz7mnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZVVZSVm5NeGFTdFNNbTExU205V01UbEZaMjFCZHowOUluMD0Ywu3PuacxSAASGwoMaWQ1LXN5bmMuY29tGPDuz7mnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=1694217010606&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&scor=1361739992532776&ged=ve4_td5_tt0_pd5_la5000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 231B 156 B
260 B 1080ms
449ms XHR
text/xml 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3038398719960621&cust_params=mt_fln%3D1.8&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FsBTWk3MHLZKcJ8xJ2G2hww%3A1694220607%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6ACD5108-A63E-4F8A-8424-F8AFA98E5F38&a3p=EhkKCnB1YmNpZC5vcmcYh-rPuacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGITdz7mnMUgAUgIIZBIZCgp1aWRhcGkuY29tGITdz7mnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZVVZSVm5NeGFTdFNNbTExU205V01UbEZaMjFCZHowOUluMD0Ywu3PuacxSAASGwoMaWQ1LXN5bmMuY29tGPDuz7mnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=1694217010608&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&scor=1361739992532776&ged=ve4_td5_tt0_pd5_la5000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 231B 156 B
186 B 1343ms
714ms XHR
text/xml 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3038398719960621&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FsBTWk3MHLZKcJ8xJ2G2hww%3A1694220607%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6ACD5108-A63E-4F8A-8424-F8AFA98E5F38&a3p=EhkKCnB1YmNpZC5vcmcYh-rPuacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGITdz7mnMUgAUgIIZBIZCgp1aWRhcGkuY29tGITdz7mnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZVVZSVm5NeGFTdFNNbTExU205V01UbEZaMjFCZHowOUluMD0Ywu3PuacxSAASGwoMaWQ1LXN5bmMuY29tGPDuz7mnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=1694217010609&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&scor=1361739992532776&ged=ve4_td5_tt0_pd5_la5000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 231B 156 B
227 B 1172ms
544ms XHR
text/xml 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3038398719960621&cust_params=mt_fln%3D1.3&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FsBTWk3MHLZKcJ8xJ2G2hww%3A1694220607%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6ACD5108-A63E-4F8A-8424-F8AFA98E5F38&a3p=EhkKCnB1YmNpZC5vcmcYh-rPuacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGITdz7mnMUgAUgIIZBIZCgp1aWRhcGkuY29tGITdz7mnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZVVZSVm5NeGFTdFNNbTExU205V01UbEZaMjFCZHowOUluMD0Ywu3PuacxSAASGwoMaWQ1LXN5bmMuY29tGPDuz7mnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=1694217010611&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&scor=1361739992532776&ged=ve4_td5_tt0_pd5_la5000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 231B 156 B
186 B 976ms
349ms XHR
text/xml 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3038398719960621&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FsBTWk3MHLZKcJ8xJ2G2hww%3A1694220607%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6ACD5108-A63E-4F8A-8424-F8AFA98E5F38&a3p=EhkKCnB1YmNpZC5vcmcYh-rPuacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGITdz7mnMUgAUgIIZBIZCgp1aWRhcGkuY29tGITdz7mnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZVVZSVm5NeGFTdFNNbTExU205V01UbEZaMjFCZHowOUluMD0Ywu3PuacxSAASGwoMaWQ1LXN5bmMuY29tGPDuz7mnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=1694217010612&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&scor=1361739992532776&ged=ve4_td5_tt0_pd5_la5000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A198 0
0 209ms
209ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4gz9MbP7ZO2PFemHx_APi4G-EK7oxIFywIiZndYRZBABILqEwDNg9YWAgPwDoAGNoLG4KcgBCakCc799Vr70sT7gAgCoAwHIAwqqBPACT9D1_4ho7amAypd8_iQ_zukUEzUuBL8HT3P9rCiVNkBhK3m1U1EdUwWrOSTjAmpGZJqDMd6VGj1u1qOOYOgQcHHxwSoyf7pTdoehkaoCw6W7VZ8cUCu0oVZDfejYJHnxWGsV7BHM9z7i9OWpIjiT2eb94PiVavRIKup5OwAjxktkoRvHecIlZo4g0wwYEjg6lKjfonSZib0oII0n6ViaYQ2Ef0cFQ7GxrOLF8G96wMsga8RmBce8lFL0Z3OANsJBln3ExuQH__Qzu1VCvUcb5UnbPMnTqCIAYZwg9lVEeYuErNte9BS9VC2I3XX7eSLeTKzqaO5WonaXixSp6vmSnIMpvJeNh2XUXm59UadWk0JUAHLycQYE5c5nQA3MGYi4COb5w7ue2OMIyAbT3KZw1l4ufnX3iTlYVOKcndg9q9-G0UbxSzTO-tOmN36osGuMcwH3MZyi6Tf1AisP9jqq-WxFwPU3BaZs9G23YlKZEfjABP2e7uifBOAEAYgFkq2hgEuSBQQIBBgBkgUECAUYBKAGLoAHjdiBmASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD-iAvSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJRGh0dHBzOi8vd3d3LmVwcGVuZG9yZi5jb20vY2gtZGUvY29tcGFueS1jYXJlZXJzL2J1c2luZXNzLWZpZWxkcy9vZW0vgAoDyAsB2gwQCgoQoIX0yP7jpPUrEgIBA9gTDdAVAYAXAbIXHgocCAASFHB1Yi0xMzI1MzQwNDI5ODIzNTAyGMqrHg&sigh=K-3muauGqSk&uach_m=[]&ase=2&cid=CAQSPABpAlJWXeD1UyrOaeKkRfzQ7r-CGVQg66ffkCfkSN-GTBcCGtLUALGWWnWDpQaW2jTVQzeaopf-ZgsGixgB&template_id=5000&cbvp=2
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8E5 13 KB
5 KB 195ms
193ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 19727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:21:23 GMT
expires: Sat, 07 Sep 2024 18:21:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C93 829 B
1 KB 176ms
175ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f38181857f30c8f3e84c75c90998b0f9ecc81fc811b5df357f47ffc3d8f206f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rIwaLvkQRNitmVEQRzyg-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-rIwaLvkQRNitmVEQRzyg-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:10 GMT
expires: Fri, 08 Sep 2023 23:50:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CB6 13 KB
5 KB 142ms
140ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 19727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:21:23 GMT
expires: Sat, 07 Sep 2024 18:21:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B44 829 B
767 B 168ms
168ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce07e01b7a07122798e5396570837d31f530deffc8190637c919fc5026ae0697

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Yh6f22q_8f6u9jZjRVO6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-1Yh6f22q_8f6u9jZjRVO6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:10 GMT
expires: Fri, 08 Sep 2023 23:50:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
797 B 211ms
210ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694217010833&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1548&pt=-1831690918&tz=120&viewable=true&ddast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vG!nonrv_vA!ufm_vG!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c569065c32a76fdabd354e28723483ab221a9db68fc807aa2970249b9920e8a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1447
x-cache: MISS
x-served-by: cache-fra-eddf8230029-FRA
pragma: no-cache
server: nginx
x-timer: S1694217011.892029,VS0,VE29
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4AEC 2 KB
1 KB 142ms
142ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 23:50:10 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4AEC 2 KB
1 KB 179ms
179ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 23:50:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4AEC 308 B
636 B 177ms
177ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 02 Sep 2024 23:50:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4AEC 293 B
621 B 178ms
177ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 02 Sep 2024 23:50:10 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4AEC 43 B
347 B 175ms
174ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=piHAGF68Y8ROU4eA4dlK6OEkseeu_-B4zxOUDMd_5WGrkk1Gj3Sx6RL6pB2zCQxcL4u_gWvaxmKszjrY_agwskvqReEcJUqraIh3c2zoUlkk8uE-zlW8IgsLKhEzcTxXwFx_oyZTxDeceqVRW9OrE7vyF9aSHuFlA676czu3yK80uFPfNBykAf4NSppVK2CMhDf4boAEYsoCsDZgHZD14gDkSWX6B7HV5jzl4IbwUrU66pA1zpL5jYyu1KVp5bNGoiDjtE3YsSuZp838I8Y0_dsU-4WLAU4e3p4CjUvagjeQkzcHZIg5V2IdC2Fs4U3Usqg0uuUUiVtg2wmXsgdGRsrRhhwNr_hUBLKl4MSKLr7YnU2OmfznqcfhP-yy0MVvrtpmf5eKynj3MaqxUhfy2zJbrmHIdFUaKAHBsLUpZS-88BTOIuYWlgCfboVeAouycLPgun_1YndSW-saitGFluQJi2S1gup7zH9qcNRRJxsgUEbmC6l7dNIANeuPHWDiSQZ0cU6wRcjdmjdlWaK7Pq0GUZXtWrSv11WRuFbAuYxPWHYCWpiITZ6wKNY7kFU87fqks6P609LMCe73pPAhGUXVwxI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1900119
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.nl3.eu.criteo.com/dis/ Frame AB3A 6 KB
3 KB 515ms
192ms Document
text/html 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fbb332e53d716a250ab72e3636f3aa&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26293f6761dbd10acba8df7142441ac490dc0809e908901ea71e6c51bebe705b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 08 Sep 2023 23:50:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1897186
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4AEC 12 KB
5 KB 805ms
148ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 328033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uefT4ByUidaXS90318uFAXJ2Ro8%2FQB5UKzVewWn01ylfjjRrHIZ%2BfTKjG%2BhSF336MZUl5huAC9pHxY97%2ByyTWAc0QRqdL7liyY916ZU4nlQzky4f4k7zDnhY3M6N6sILoTM93CL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 803b17a2995c24be-ZRH
expires: Wed, 28 Aug 2024 23:50:11 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69EE 42 B
110 B 206ms
202ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Czkq3eKTGplEvt8jeE6fgJqj2Sb3V7jxByKWpG0vefgbYB-hVZtEsqVkz_me_NKdA0mVpakBLiX4jq-wcpCVYgAdV91t6hxpd-e_WKTn_IK6AiXXY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694209810&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694217009406&bpp=575&bdt=1986&idt=1033&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&correlator=3540625913131&frm=23&ife=1&pv=1&ga_vid=643526638.1694217007&ga_sid=1694217010&ga_hid=166511746&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=907453377&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077329&oid=2&pvsid=1313713844715516&tmod=263685221&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q76n48u7ax8f&fsb=1&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69EE 0
121 B 205ms
202ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6425010146606766915&x=1&ct=77

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 69EE 86 KB
30 KB 370ms
369ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 69EE 3 KB
1 KB 141ms
141ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 16:09:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 69EE 20 KB
8 KB 141ms
140ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 06:26:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69EE 181 KB
57 KB 144ms
143ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 23:50:10 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BC5B 478 B
242 B 200ms
199ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUnnSrqZJYrFhT3vJDYDjeciEHQ9Sgy_N-aOvGYtpt9r6pyGOmuYeUSqa4QBOkxnXB0ko79j9RobwedNF7fT3wrvpdwkg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694209810&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694217009406&bpp=575&bdt=1986&idt=1033&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&correlator=3540625913131&frm=23&ife=1&pv=1&ga_vid=643526638.1694217007&ga_sid=1694217010&ga_hid=166511746&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=907453377&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077329&oid=2&pvsid=1313713844715516&tmod=263685221&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q76n48u7ax8f&fsb=1&dtd=1045
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C93 0
0 233ms
233ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=2020108888822938&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 225ms
224ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Sep 2023 23:50:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4AEC 12 KB
6 KB 186ms
186ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 23:50:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4AEC 15 KB
15 KB 904ms
211ms Image
image/png 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=256&s=mLFT_ZJxWVAvg7oKoC-HfG0U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9cdc95a5a7530f63cb0596d39d3d085c03bbba9e887dece7aead9d82d96855f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 15110
expires: Sun, 04 Aug 2024 04:07:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4AEC 16 KB
17 KB 1009ms
316ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FDAC.jpg&v=3&w=800&s=cup2dQiTluKsP7gSMZxtKGdY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

01b00a6ea2f6d0c4bd8a51833577f80d1f4f9e74966c6bc7a429b67986566609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 16724
expires: Sun, 10 Sep 2023 11:22:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4AEC 14 KB
14 KB 1004ms
311ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3a3b6228c8b0ca57f754c5044f9ac8a6dbb8ae04dbcd96f0daad569bcccbaabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 14514
expires: Tue, 03 Oct 2023 06:25:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4AEC 16 KB
16 KB 1005ms
313ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 16322
expires: Sun, 10 Sep 2023 09:08:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4AEC 0
128 B 868ms
180ms Ping
text/plain 178.250.7.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=0c9E1HYVxp-7XfPrUUidLlW-lQIIZ8-az8Acs38E7dY2l4fCBXSKogd-1ULzgRie7mXB4Qa5eBAVBumR7ecp_M0X9YgtOdO6-1Fj1lRKGtUh4tVrXICtkkwq0pMsynXvUHbunj9oiw4bLD7lBL1lsZT1Xq2pTM3LD1ePWUWbVFzRigrl7FpvoES06iWn4ETx-CaQ3A5vXsZpUFyJXRuqBE7a4N_78uR3zLIGN7pM9jiJyodkROOSmDXsG1m3BgkwcznZIQ&sds=2&rev=88100.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4AEC 2 KB
1 KB 161ms
160ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 23:50:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4AEC 2 KB
1 KB 161ms
161ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 23:50:11 GMT

GET
H2 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame C8E5 37 KB
15 KB 143ms
143ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 06:41:27 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B44 0
0 182ms
181ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=3699389707604895&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CB6 37 KB
14 KB 148ms
147ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 06:41:27 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/ 200 KB
0 144ms
143ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

Date: Fri, 08 Sep 2023 23:50:11 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 65536-17211103/17211104
Connection: keep-alive
Content-Length: 17145568

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame BC5B 170 B
188 B 190ms
190ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUnnSrqZJYrFhT3vJDYDjeciEHQ9Sgy_N-aOvGYtpt9r6pyGOmuYeUSqa4QBOkxnXB0ko79j9RobwedNF7fT3wrvpdwkg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BC5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1

43 B
732 B

243ms
243ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUnnSrqZJYrFhT3vJDYDjeciEHQ9Sgy_N-aOvGYtpt9r6pyGOmuYeUSqa4QBOkxnXB0ko79j9RobwedNF7fT3wrvpdwkg
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga5LHY7Z7H6rClwHK7B0zc%2BVswQLZJbDxXO0vuvguiAc26uimR3mAvdSxlaF67j3SJyrArzm5nI0p08jBswx98VdhZWoiVStbz1wlKYzYUm%2F5krd1Qy9GyKkJwRgWbE80%2FvqdRCyTU6z6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 803b17a16eb324c6-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BC5B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPuzM9sKmtBP3-I44bwq0QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1

43 B
739 B

246ms
245ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUnnSrqZJYrFhT3vJDYDjeciEHQ9Sgy_N-aOvGYtpt9r6pyGOmuYeUSqa4QBOkxnXB0ko79j9RobwedNF7fT3wrvpdwkg
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIiLJo%2F7aMj0Wblw6qL6f1%2F9xcV0fvXYFMmeXdOAtOE%2B9uKNtA%2FsqgWp4BS%2F3W%2FMu%2BPDSeOsDFtEYru6IfMMh6Ege1avOysa%2FjHpXKK78fyRJtPzc4YmEaJeYyJzkRafHaG1s9k10%2BMJow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 803b17a3aa2324c6-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIC0qNUzJwUbJpiXGmfYWSs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 231B 0
54 B 1390ms
814ms Ping
image/gif 142.251.175.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmb92buh&c=3540625913131&slotId=1770312956565.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET publishertag.prebid.js
static.criteo.net/js/ld/ 0
0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame C8E5 0
40 B 233ms
233ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Gm6-8g
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B094 42 B
174 B 251ms
250ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7GxUnLWbfYrr5ALUuJ7fJOjwsbdHUnKhc5RMH3xBlcCSiiZTFAHX9VVr-MQCvd4u3LAS3Kkgle0jELs-GvIWAOlrPQgGeIn7c9DTmfZEE5P8Tbgr01F2WmACYDcXw&sig=Cg0ArKJSzPTEwvufQz3dEAE&id=lidar2&mcvt=1012&p=1110,315,1200,1285&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694217009856&rpt=318&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 3CB6 0
38 B 232ms
232ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XiOn4w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69EE 0
56 B 232ms
232ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7241418993091&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69EE 0
56 B 228ms
228ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7241418993091&version=m202307240101&ct=77&x=1&cor=6425010146606767000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ad.doubleclick.net/dbm/ Frame 69EE 15 KB
12 KB 535ms
203ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3NTrnijnO5MTLYRjdG9w7H1nZ_E5U-wAruSqdkYfEjpFmQGmjGImBV6pyV7hgjUXCTj2UMLNcMdbG1MeF9Z18D1ErNB-tZd5VuhNexckjfjeV5tpzHn25FxgY1Q9LB0f2dS0PaJKmyttOby_QxqSoYCObEl_1jkVhTmP5M9JlNiei4NM&cry=1&dbm_d=AKAmf-C5hsjIIOjqVAR1U-48CYe-Ebr3QPsY_pklCcvTtL9lsbkSOxOjm7m29cqhl7yqvDQJauE6wpOqSUYEUhjYPasCkrSba7h1P-MWxG3jhvPhnVqSHfovs5f3B8sS6MMJSxkbM3PE8xjPCifyZLclGke52W00EYfMvUJmXS-7rgZkFSkCLjyZIZOJMh1Oz0NMwHh8ZH_O6d73jUgcTWuSFis-OAUztNMisw3jfaylFH1uixbpUtW8snx-ydZfb1d6hqY98j-5VX5JjU76eV9JAOxVyc08GcUHVCMAGyWbF2gHnMSsHQvupwpxy6_i72YOjaBJ7PvqZDZD-0y5n5IOsJUvEaYwvKuPZqPM7gn26R8ZM6xFNf18ZWFTCwx625zSSPiD0a86UPgqk7xZPdzmRArH2zJOp-68VvBRJBEdszZdft8rZ3WDY08eK9AYiC-kJrckmH7Nv2e5JQrIsMBGEQet7QIURPeCj1cq7hB4l7ZC7QQbZujD71p_bKFYU1MK7p-j65Uv0FCZxD0nuet30xQH_RPY9ROrEg1rlNZb8gHRdiXD4-gFwkzUxivdfBmSAE9DJdXKdynUtiu9ln09WfyrkFUwUZ4MaHMEgUqIjY82Mx8kJR0s8RGfYZHmJGDJvoKTw3VAgPSiTK-hQ5m89PULHA_OWLa57STNW525sWChjIQTc9jvbEMp5T6Cl6FLPrxN4Whke34ki13DYQWvAF56UG4bzEHtTPzgRCR4JVcAccS14z2M1EtpGA1hihBU5hHnlWKWODcGy2M39vaFJArcnyDGa7KMcQ1oyc0OawmEnaQU3e9c3oNYKyqtFMhpXy-IayWE-wBNg-NqqN-x2pVvyZ48-3OEFbJPgxPebcRoZTyc-FtUilJzOmMg2TJg3fJ5S0c-Ao9Mcc9U4SEqfGN4oDsHA0mB_RI4Y0_inzV23oTvJqw8MmFalDZ5xWyeNA1eCQ6pYF-YzFc0rzqWH-FrPaiWpXXxdQiTj_Fs2Jw-DNnttGV2QYqjH9V4FW8qeTh8Jdp5sEj66NruPn7JEMXFs8mxAXtGIl6LK7f_LfLgnzCVy0lF5BDiSIT0DxhnVRaJajqvbxi8xwJro6RxpmhWeFWIx2tKIGx88LdrwYSq1HVhN4cZwAflC20S5QogDEszjuL0Pb15bCjrXdaMg9gg_dJmW1ml8vCDK6SBnAbXJ0g8o0OjPBT_iGdDNL8Q_mFjf-YMh6m0QlsG2WTyocoXraFNG2wGAg7tWHkzom1SMtJsHV5vLRsRiUgjxO43TZrZt0i5y3YGlIGFuDabKsKApwlTGTvWKCGwe2dm4JKeY_txhFkAgi0pu1EVCtDSyupSXTXglw1M4hSxC5SKkv8RH-UaaGbTXRZxKeG5u98WIqJz_PrOa-UaJT3Hif2TLQccN5LmIjhrTiQgts-H7Hlu0unf4WDW_FfCpARaLValFvkjGU7n0_8avK_iSGxB8JmjVRkoJ5LFNT-oFcDCEB9vlk2889dVv17Tdl5YXN98lBT0gmBpcUyartICin5H2h8zN4SGp6jH8fS5_XkP0KPnr3srAey-PRVoZQOjYYp_CsA01Q_kivwXjWb0E7rkQElgomxGkSeK-0KShx6pVUEVTgoz0zij56iYov1PSIez-IIZnbiRdChXAqMiSdlv-e8zlsauG9GBnMOEgOLbbrwHLczrWcshjTaA2N3tmz-lp65sBl3eV6YJORa8_UvUTK9AkOh0AbI1NRTofFA4Ec8Ke_EPI8WAkndL7_WserTDCQT05--prbRy8DnpccyS5aGJy5Elh_XSASdT-Yauyf28PZuw28ZfypOlgovmDk9PzPGrfJWSxB583YaYddA_1cOmYiDqc4WrdV_JrSZ6nBh0DCGlR8B1RJxFid2sDMvDabkzTPF2PmenVW2HXh5XQGbjip0fpY_a6YZw4CNeRUuQ8Cee0U6VhQv8PrTlZocu6VnYl_N9IBasiH9zpfh4XLuqncDI8b4zqWzFlzQojQWp_rtsKWsgH6J6Gb4dT8E5khf0LOvBagKgmgRL7Or4es5lK2w_AsH7Gzs1Pg3NrtpQS0qKJ4WM3cRt2LzehZXZ8DxtlbwM77EUxCg7Age2rZqpZKcIeVneppv52Fe4j_FfYiM75OrBiAKtmiBTX2dt4IKOU2kFQQoch535bz51m0a6-elGgdbq7qbXrDS5P91r8VUQsIOcs5YTiSZ1_Zrz2t0SZVun88nxcBUeHitAB_5HRmFzGyaoZwn5enuSKg85Ls3vq-JvSeVN1V_tykfTave0Vh-CkUOzAB0ggDrfd1oOd15uWmlrcii4scVxsn0PDybuSRB_Ydb7XULeGsg9PPRv-AbgDwEP9g-4MD5BCr1h-3sOkCtQkPXYdVSbGw49NapF4MJcVPRJjiCVjwIcYEw1hHnbBTC-cXiM4n7vPGySma9-hRiTNKB2-pobzuBDQ2uvuNyaInkRC1IWik-oYf-jYQ1mihI5bkZweqLe2IJOGqiyeNRj4MqTukAuQguAdfaHVZAzxBeUmrzxZzWHlyoyuQeK6zsGdViCSkOHWVgzFqbOeMpLGlms6dRzPJL8QnEsFkli-DwqrXLvJXbAit2-XH0JNYk7F5Lk_o99MdFmZAi-Iwe3rNlYAnRn_wY2qgT9P9n8dKYEyn_5oH6YFvqZUokd75lc6SdtVdJbYpV1ZPGVporWoRYaDlynEvKhv0OttiLtvaFUIj07b1rjwY6Twf0jOmvGtHJIkSrc2Ap6ZYZPJ8LqgF8z-w85jvVu-Yn1QtYBMYcha2dCcKqz94RNrlBP1tpxtIRkjLPZpklGz78fz30JUAObLrm85OKTEmcypz5Qr7Sq0woc1TcEOlmOPsQjVrqAW1f1a_Hhp9kXQAPuQsuApQ6ig6gCEAKdeTuMsp7olBUkQku18Ac09kfDe0dD_j6WLiypRAe6Piz6pp2U-EhFIgsiHHhhg1H2irsEUB5T84M_2T2yT2jdUi3YOgaPt-TefQK5e_7YkiSjUFdIQjHpKeqJxg4UvlcGmtWOrW15_4MN9ztjA2WrMEydTp2wq_AKWS2M4oxaWdRR14DRxqGtk68QkLOa-7HZ4yBAkDuGgnVpLEajsnkYM6O9SEwbqFPsBE1Ux0iTU_DrD9IySWXXNIkHs90x8traGkqhvnfdlxmi_EAbq28p_ug3VLxOm38YlmrR0hxSdaLe2arJ3Gax9Xcaa4Lnc7mqp760A_853S4_cAehu3rXrZwugYkEyfzYOIEojd2X9uvu3PhmX9vIaqI5D5viitj4AtMNQdVWNjtfHmyz23LV6qKV0fWUduPEH3oeMxy7MX7aVLxiUyYpDcz2f1BPvEUWGWAAqLnaQ2Qf2C6ShG51xiFwMk69NE4ypbM9JrqayrMLM9KxYzHMFzBqaMqqyV-dtWcNAwbFmwupII-Is3UP2I8KIABG84N0eetPtDXcDFSlKt1tr0wf_9d8kKWYrwee2Xeh5D1HCAk8_fQ7Vvx3Cu67fqnDxDa-tOvVudOFpm581mMUPeloBOtl87VSgxcbszzHTo7TiCyY6yqGT4ocDrtknhGUHITMErCahqLcptUgULniwkuPGcE-g0MyKv1nTdK_DMRejpBA5_8dX-Z8yx8zYfvbK_mEn3lWBgf8IYDNRqNFjyEbB8HotSpBhBOhyDAiFe11iIkgWJkkrMEl5Ej0RxjnK-wRvO6H6PTSUyL9sEMaCUqhFd9jdtQt52YvGBFZAnKzenZfTHnvVYlSh36xviTfFbdzD6mwmrHyjOWIHxBkkqR6xhP1Ej-mEgaHY0d5h3cFnF9MBQdORzkoQ9Ri527DfAALBjkmP_DZc2934CE4kxF0OUYQJhH2qwiMCfJlbjAyJ092pchtDHpOxX0RnqCKRORwR7sCqwsWMpbVBCT4t_4vWdBP_FPEXiARG6uusQ&cid=CAQSPABpAlJWRy2TLSChRQ8xC6fTAdkHzIbnMWch0QlZmojP1C5GAkJgBwQh9X-G4w7KV-caQimjmbJ1oTAn2xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=6425010146606767000&adk=1761367587&idt=381&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

31a79e504921db2fe6759fb11a3923a353b78ac1a6a7af6d5faf208ecd727583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11864
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 87F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_cm&google_hm=ay1DaWZ2MjRJRy01SmwySzJ1cXloako4OGZwRTlHblJma...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_gid=CAESECEkzl41foEanwMbNQfrkbQ&google_cver=1&google_ula=913071,0

0
0

GET
H2 200 sync
x.bidswitch.net/ Frame 87F8 43 B
145 B 168ms
162ms Image
image/gif 18.193.190.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-RbJgFoIG-5Jl2K2uqyhjJ88fpE-9pLHwist1NA&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.190.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-190-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 87F8
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5041285962934866388

0
0

GET
H2 200 setuid
secure.adnxs.com/ Frame 87F8 43 B
854 B 179ms
174ms Image
image/gif 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-F7dmw4IG-5Jl2K2uqyhjJ88fpE-JrU0UCt9qAg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
an-x-request-uuid: 91e7e5da-5e4a-4564-ac41-eb6d070f8262
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 62.167.161.105; 62.167.161.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET cksync.php
contextual.media.net/ Frame 87F8 0
0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 87F8 42 B
773 B 171ms
166ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-CYXdbYIG-5Jl2K2uqyhjJ88fpE_PuwJ42DW29Q&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET v1
match.sharethrough.com/sync/ Frame 87F8 0
0

GET /
rtb-csync.smartadserver.com/redir/ Frame 87F8 0
0

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 87F8 0
98 B 180ms
142ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ZlaTN4IG-5Jl2K2uqyhjJ88fpE-MJWZpvk839Q
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52959

GET um
criteo-sync.teads.tv/ Frame 87F8 0
0

GET
H2 200 xuid
eb2.3lift.com/ Frame 87F8 37 B
140 B 545ms
273ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-TV91sYIG-5Jl2K2uqyhjJ88fpE_uTbBuQVS0hA&dongle=013b
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 87F8 0
321 B 169ms
165ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-yE6BGoIG-5Jl2K2uqyhjJ88fpE9BbmQMbiJRxw

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET pixel
cm.adform.net/ Frame 87F8 0
0

GET sync
visitor.omnitagjs.com/visitor/ Frame 87F8 0
0

GET
H2 200 rum
r.casalemedia.com/ Frame 87F8 43 B
327 B 144ms
135ms Image
image/gif 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-jlhlboIG-5Jl2K2uqyhjJ88fpE8FhnqOqqQqpg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ukqp0E4ld%2FUm3WwubiEO3IohFU2yuBza9oK31w8mzhM9NQrsHi2hcDE1uzELZX6QXzsaMTPq%2BNh2pG%2FAvlIW%2FGj5jYFlfT%2B4mSCMNzyvzssRa1lvAvjcJrIrLTHXfDIssLp"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 803b17a1cfc001f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET

ibs:dpid=28645&dpuuid=CFYD5JYZK74ZaCN7jv9nCzpQpNZ2sat7
dpm.demdex.net/ Frame 87F8
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=CFYD5JYZK74ZaCN7jv9nCzpQpNZ2sat7

0
0

GET match
ad.360yield.com/ Frame 87F8 0
0

GET sync
matching.ivitrack.com/ Frame 87F8 0
0

GET push
exchange.mediavine.com/usersync/ Frame 87F8 0
0

GET cookie-sync
sync.outbrain.com/ Frame 87F8 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame 87F8 0
0

GET sync
criteo-partners.tremorhub.com/ Frame 87F8 0
0

GET getusermatch.php
a.twiago.com/rtb/ Frame 87F8 0
0

GET m
ad.yieldlab.net/ Frame 87F8 0
0

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 87F8 43 B
620 B 657ms
216ms Image
image/gif 54.246.192.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-zQUT04IG-5Jl2K2uqyhjJ88fpE9ZgMWoYg6zOw&pn_id=criteo&ext=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CmT7RzXv%2FAut9avXymY%2FmZ8qgBGVzwG1MHO6l0Wm5xGQ%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsNk0cMylxNjnhqF-vATb6wTU7cTB0_CareeZRGlUz4POYD4ixdgW2Uw2QMjXSP4Pl8toMTZthOQ4gzN5dQHeoagZIaKl1gFP7r5iFnD7s3NUWi_K-7L4mTrI-9ISEThx36guRsZ-vA6q_6WMaTjHiFDy485bDSJ4h2jdKhktraVIcUSLuO9CDLIBCuaY8KMNZphBr9hbhl8ZodaU0GhxgUWxG2DZTP66fT35Sti9wTJKq_6qlqR8149q1rdPTfDYNXnsX6vR7m5lq5QkwmUrg7rrq-_Wh43Xy4YqPw-Hb7trNDDRAR8gpnXg1YzUeezNuflmG2SnlFrV6HL48ReqojGkG64m5CNp7JpZIKmwkurJ5yZwR981v93PZo4EcVaxi_iNRX06tkZYJwX_RkPDfDuWb5SkAF-rL78Z33xQy0wN3WTBlcnD0u-tDrM_8FKKZ3Ph3sDfu5AHFS6JhnH4sV5jTXfic4xOYaPt8wfcXC4_CD4ndmdgOM-JE9KOug2qYaQItZSXHn6ta6Vd3h72aHKm6p4qnJovEP4o1W2gIwWn4vpYZWL4WBtvR8RIizJXYqH7oBEj3LGO3SBaABpAxHgSH7Bpsfi7lxdQq7cpn8FEFCNjaHwwVBa4XlKGGkN5Es5aGZIYwj7mnvVY5joAfLhu99MXq4jO2LDg8eUqXhpnGFKM7e11-ev83xh2UdloMW1QGFu4JJ8Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.192.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-192-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET put
e1.emxdgt.com/ Frame 87F8 0
0

GET
H2 200 th
www.bing.com/ Frame F9E0 13 KB
14 KB 107ms
106ms Image
image/jpeg 2.23.209.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7971475537105_1VMY3BL4CDG7LRK5VG&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1370185463893459587&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3104&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5823&ga_hid=1583246668&dt=1694217008743&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&bdt=3215&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5adc8c2eee20d8e427d591425c3c6c41c6bca9724ade347f20f95088873c023

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.05d01702.1694217011.23ae2f9d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 13475
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame F9E0 0
646 B 118ms
98ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&e=wqT_3QLBBOhBAgAAAwDWAAUBCLLm7qcGEJGS_rqxsK2hKBgAKjYJf4JtHoYZuD8RBfzfLHBgtz8ZAAAAIFyP8j8hBQ0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHiY8wWAAQGKAQNVU0SSAQEG9D4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAmpodHRwczovL3d3dy5iZzMuY28vYS9sYW4tbXUtZGFuLWppYW4tcGFuLXpodWEteWFuZy1oYW8tc2h1LWZ1LXdhbmctcWluZy16aGFuZy16dWktZS1kaW5nLWdlLXhpYS1waS1tYS5odG1sgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgD9MDEAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYOYmszo-ZGgNMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBb7kMfoFBAgAEACQBgCYBgC4BgDBBgUwMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHmPMF0gcNCREoASYM2gcGCAUJnOAHAOoHAggA8AfMhg2KCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=b741838157d711f9cecc5d9f6a9010de4c8f1df6&bdref=https%3A%2F%2Fwww.bg3.co%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.bg3.co%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3216231935713038%26format%3D400x250%26w%3D400%26h%3D250%26ptt%3D12%26adk%3D90073500%26output%3Dhtml%26bc%3D7%26to%3Dampa%26pv%3D1%26wgl%3D1%26asnt%3D0-1370185463893459587%26dff%3Dsans-serif%26prev_fmts%3D1600x96%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26ifi%3D2%26pfx%3D0%26pwprc%3D1037897477%26adf%3D16789255%26nhd%3D0%26adx%3D1000%26ady%3D3104%26oid%3D2%26is_amp%3D5%26amp_v%3D2308242321000%26d_imp%3D1%26c%3D5823%26ga_hid%3D1583246668%26dt%3D1694217008743%26biw%3D1600%26bih%3D1200%26u_aw%3D1600%26u_ah%3D1200%26u_cd%3D24%26u_w%3D1600%26u_h%3D1200%26u_tz%3D120%26u_his%3D3%26vis%3D1%26scr_x%3D0%26scr_y%3D0%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%26bdt%3D3215%26dtd%3D2%26__amp_source_origin%3Dhttps%253A%252F%252Fwww.bg3.co,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3216231935713038%26format%3D400x250%26w%3D400%26h%3D250%26ptt%3D12%26adk%3D90073500%26output%3Dhtml%26bc%3D7%26to%3Dampa%26pv%3D1%26wgl%3D1%26asnt%3D0-1370185463893459587%26dff%3Dsans-serif%26prev_fmts%3D1600x96%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26ifi%3D2%26pfx%3D0%26pwprc%3D1037897477%26adf%3D16789255%26nhd%3D0%26adx%3D1000%26ady%3D3104%26oid%3D2%26is_amp%3D5%26amp_v%3D2308242321000%26d_imp%3D1%26c%3D5823%26ga_hid%3D1583246668%26dt%3D1694217008743%26biw%3D1600%26bih%3D1200%26u_aw%3D1600%26u_ah%3D1200%26u_cd%3D24%26u_w%3D1600%26u_h%3D1200%26u_tz%3D120%26u_his%3D3%26vis%3D1%26scr_x%3D0%26scr_y%3D0%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html%26bdt%3D3215%26dtd%3D2%26__amp_source_origin%3Dhttps%253A%252F%252Fwww.bg3.co&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
an-x-request-uuid: 0e89f7ce-5c21-40a9-9df0-bcac694e80c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 62.167.161.105; 62.167.161.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 231B 0
45 B 914ms
815ms Ping
image/gif 142.251.175.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmb92cav&c=3540625913131&slotId=1770312956565.5&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixel.gif
ad.vidverto.io/vidverto/test/ Frame 231B 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 231B 0
45 B 911ms
815ms Ping
image/gif 142.251.175.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lmb92co4&c=3540625913131&slotId=1770312956565.5&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixel.gif
ad.vidverto.io/vidverto/test/ Frame 231B 0
0

GET
H2 200 pixel.gif
ad.vidverto.io/vidverto/test/ Frame 231B 42 B
174 B 83ms
82ms Image
image/gif 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET

usermatch.gif
beacon.krxd.net/ Frame 87F8
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=zf4cPY6NhEmyJDd9WFU05WMlwy_UqPpu

0
0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A198 42 B
108 B 181ms
181ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCDn3k7-7uycFkKr_H6fz3tN_uMxeHB9FHdiT3i60I97CJb3ODKyLuGgWrra-uB3wfEAjcDuGamBoImiNgdKf6wNeHSwZJTvaS8V3r1kynn9bsCSPLZHRynEr3VIRQVpksSSq0uje5obdMOFnMQCngtwcVwokD1P2O3yzU&sai=AMfl-YR7j6Mw76ZMJkCopOf6o9croKVHMDaR39zkawfnIoQgR8Ql_-FhjYxgF7wkKsC2i1frw6nHnhjDrQNmfYX-DGDbMRfkduJkrR-SbW19G9leMS7uzRw20MIwDmfv&sig=Cg0ArKJSzDJ5mpT2TLQnEAE&cid=CAQSPABpAlJWXeD1UyrOaeKkRfzQ7r-CGVQg66ffkCfkSN-GTBcCGtLUALGWWnWDpQaW2jTVQzeaopf-ZgsGixgB&id=ampim&o=236,60&d=728,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=841&tls=1842&g=100&h=100&tt=1842&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 231B 0
45 B 846ms
814ms Ping
image/gif 142.251.175.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lmb92co7&c=3540625913131&slotId=1770312956565.5&faf=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ysm_bg3.js
ad.sitemaji.com/ Frame 8904 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BE23 15 KB
12 KB 221ms
219ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4be607089ab187aab4d044b33b75455e2ba97d7f850e07ddfbd178f575cec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11740
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A506 1 KB
739 B 215ms
214ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 45372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Sat, 09 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F9E0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605114fbb1125958edf24565fb7391f51884593d3118b81d870ddad4288a4b10

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame F9E0 0
671 B 185ms
185ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&e=wqT_3QLZB-jZAwAAAwDWAAUBCLLm7qcGEJGS_rqxsK2hKBgAKjYJf4JtHoYZuD8RBfzfLHBgtz8ZAAAAIFyP8j8hBQ0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHiY8wWAAQGKAQNVU0SSAQEG8LCYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCamh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1tdS1kYW4tamlhbi1wYW4temh1YS15YW5nLWhhby1zaHUtZnUtd2FuZy1xaW5nLXpoYW5nLXp1aS1lLWRpbmctZ2UteGlhLXBpLW1hLmh0bWyAAwCIAwGQAwCYAwmgAwGqA5cDCq0CaHQdgPBpaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04OGY2NzE2NS02OGM4LTQwODYtOTViOC01ZGMxY2ZhYzExZWQmY21FeHBJZD1MVjMmb0FkVR1FVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJaALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_Q0AV9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyOTAxMDgwNjg0NjE3NTAwOTQ1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56Y3hOekl4TkRneE5ERXdOak1qTWpNeU9EazNNVGM0TmpJM05UQTJOUT09wAPYBMgDANgD9MDEAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYOYmszo-ZGgNMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBb7kMfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAA0_AYtk4AYB8gYCCACABwGIBwCgBwHIB5jzBdIHDQkNJQUmDNoHBggFCZzgBwDqBwIIAPAHzIYNiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=1e83e722d06c894537e52b6033dfa32ce19aca1e&type=nv&nvt=5&jm=1003&px=50&py=0&bw=300&bh=157&sid=3818076241824398092&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=400&ph=250&ww=400&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
an-x-request-uuid: 3f8a1471-030d-4060-80df-923ea892e773
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 62.167.161.105; 62.167.161.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9E0 0
133 B 172ms
171ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzcM4MrP7ZLymB76D-cAP36aTuA_S4Nfgbo-ktpOTCsCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqAMByAMCqgS5Ak_QPkmQX5ThCta5uz4uQmk-pf0jpIgrOPLH-JnlLt112dMMqFnwPZey9npcJCecMeSRFt9LDXu1msNcqqqmyUbGk3eLqetyAknlKVQKEsOG5VQiCQhcx9aoRLAX7PD-YuAaRqE0dQHe_gLjrjiaggJm2gmB1YpWLl-R8aGtWjXgXSH0qWYjPcx92DJkCwuM1zvmup5n4wjXQzmHr_xkwqyHb8uZ_RpeAHQjz9eSAOce7d2WWGNaEiI4muevB0uKoaA1RBP-EjOcko6Aq8F59ebeW2L_RkCoHGYbY4bsBU-Z92G_V11qFzbag1ilxx3S2stgFU4Ljf0dOlsc0h0ZgH3d9gKdlbO_pjF7YtVWBmkJIlVeqwz3xdPzUnnpRn1QZpxdbPVi8d0Vtr8tX5N50e90lIHu7qfhQEGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMyMTYyMzE5MzU3MTMwMzgYAA&sigh=CFhT2vlj_Lo&uach_m=[UACH]&cid=CAQSKQBpAlJWLumaxiNPENjuCDr2EuNS8hqAyKlvu_gKar3lEG8MNg-mDY-GGAE&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1370185463893459587&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3104&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5823&ga_hid=1583246668&dt=1694217008743&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&bdt=3215&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Sep 2023 23:50:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame F9E0 0
647 B 171ms
170ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&e=wqT_3QLZB-jZAwAAAwDWAAUBCLLm7qcGEJGS_rqxsK2hKBgAKjYJf4JtHoYZuD8RBfzfLHBgtz8ZAAAAIFyP8j8hBQ0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHiY8wWAAQGKAQNVU0SSAQEG8LCYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCamh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1tdS1kYW4tamlhbi1wYW4temh1YS15YW5nLWhhby1zaHUtZnUtd2FuZy1xaW5nLXpoYW5nLXp1aS1lLWRpbmctZ2UteGlhLXBpLW1hLmh0bWyAAwCIAwGQAwCYAwmgAwGqA5cDCq0CaHQdgPBpaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04OGY2NzE2NS02OGM4LTQwODYtOTViOC01ZGMxY2ZhYzExZWQmY21FeHBJZD1MVjMmb0FkVR1FVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJaALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_Q0AV9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyOTAxMDgwNjg0NjE3NTAwOTQ1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56Y3hOekl4TkRneE5ERXdOak1qTWpNeU9EazNNVGM0TmpJM05UQTJOUT09wAPYBMgDANgD9MDEAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYOYmszo-ZGgNMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBb7kMfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAA0_AYtk4AYB8gYCCACABwGIBwCgBwHIB5jzBdIHDQkNJQUmDNoHBggFCZzgBwDqBwIIAPAHzIYNiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=1e83e722d06c894537e52b6033dfa32ce19aca1e&pp=ZPuzMgAB0zwCHkG-AATTX9zJOllRkZ8yzd1tJA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7BEwMrP7ZLymB76D-cAP36aTuA_S4Nfgbo-ktpOTCsCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqAMByAMCqgS8Ak_QPkmQX5ThCta5uz4uQmk-pf0jpIgrOPLH-JnlLt112dMMqFnwPZey9npcJCecMeSRFt9LDXu1msNcqqqmyUbGk3eLqetyAknlKVQKEsOG5VQiCQhcx9aoRLAX7PD-YuAaRqE0dQHe_gLjrjiaggJm2gmB1YpWLl-R8aGtWjXgXSH0qWYjPcx92DJkCwuM1zvmup5n4wjXQzmHr_xkwqyHb8uZ_RpeAHQjz9eSAOce7d2WWGNaEiI4muevB0uKoaA1RBP-EjOcko6Aq8F59ebeW2L_RkCoHGYbY4bsBU-Z92G_V11qFzbag1ilxx3S2stgFU4Ljf0dOlsc0h0ZgH3d9gKdlbO_pjF7YtVWBmkJIlVe6Q7WVxFXqBR9vAnl-MXZ2vFB-1kcmKf0_RUgVVP0vq32LiYDLdUevwaABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0YFlPv3DHyJRV_63etpfVo2_r6gQ%26client%3Dca-pub-3216231935713038%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:11 GMT
an-x-request-uuid: 5ede8b67-7406-45cf-81cf-f0b51d7ce2d3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 62.167.161.105; 62.167.161.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
ad.vidverto.io/vidverto/test/ Frame 231B 42 B
174 B 168ms
167ms Image
image/gif 175.110.113.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-208.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:11 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E5C2 0
0 246ms
246ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=2020108888822938&bg=!eXqlejXNAAa6D61Rmg87ADQBe5WfOKMbd5PbEnj2dDhXXCLSe-OFxg5lvWutaHnq_pl0LES2qOkOpnBIVXqxnzbYr67fAgAAAH5SAAAABGgBBwoAsj4nhViKyzU-twmPeFF4h0tWOBKnoD9vg92m9sGAI2yXeKa1sexKtSvQRuKH7XBLJAO4cuOhmDtR-xyLWZIBCz9T9553YUaw5YXmc9FtBeeymJnwjubjaoftqID414kXmse89dOym8pyCgD3oaUssq0U2d7ocfSd0oQgzu1oontT33s8r7GWtrMFspkMN5kfb6QJzDp2H93Tf17bbjIoLFbxFjTNm9SxPo0EvwUMFjI4L5-ZAsg-xE2TP48J2Vx4VUJ_voM5lx6uRzl2RD8uMzCiWebmX2MpvSGHZb6nF11IzcA8x8vZir7qh8LbVhXtBeVfsQpEI-iJ6CX9Pr99gkulH76ixwd_OYJT39qmDsKhQ6cVuJyUcmR4fDbhoKq_4lZgA3p7cV3XtxLLOp8AsTly2quQN5A9bubLPGWvdI4dw8KFeJ0Xfvt48eMyYU8yMoBuPXm-vF9hYjQZ22gi6Z-bPtWE8zS1F-15030sGcvYXN_jZb9f_rmftiP0Obbsc1gWop1CJU6O88p3fXM-4UpbKRL_7bMydhHPT4TJDJOzPHZ-bypkWEBHFeVYkYwYUM4vcRdIrfX30r3emVLUApIaUlOCIngsO3Fs2Lw6Voa6SLPZP0ApeHErSSr_BAru5H-QGVDUY8k7B-SmTx7Vc_XoXcjnqe_CgpPUJdDySvIn0MTXCyTkeheiJivqx87y2zRdYEBB63OlzQZC96nW393sNQNt4jRiJh89h8GRNeH_Nhe0V1tZoyScHvWZ3RP_vkeMAwQrdw4rUeANqmGlSgZr14AJUP0uaiwGwj6FpPn9ay0-HCAt_kvUs2I4872C6EW-1EwgWizGlrgwA7x3qVhIlX524GSX-iLmwRjcXPpSEGU54FQrbHh5vXpRn7WeR6w1Z3e9K6CbQsoVDrhDwP3CEleEUWgwyjuBIRlzh3vV4Po10MCNESOFILfCCXuRrrtqiuKf4BA3OP9pqBitOecxSiWXGrTClXgmArtnTnl62X0SQbM4Sh4_V2kXIogm5SH5TpAxNLExz9ua5-gewXRkVo0YEbzvVEmZ_nAPV7PvAtNnCzxspLJ6Akpdl8Zz80wGlOLcuwfI6gdRCU2yun18YCfndhhP1IotbERTgvGEcQEx5Qc5PzrmkQ_SYdEK8SNPfn1TAbMVrSxJwkB0f2cwx3xm_XgUwJ8wYnOX
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET

cs
s.thebrighttag.com/ Frame 87F8
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=wxJN18piYpGHXC2Oyg8G-h3yyn6kcDj1

0
0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 69EE 41 KB
13 KB 160ms
159ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3NTrnijnO5MTLYRjdG9w7H1nZ_E5U-wAruSqdkYfEjpFmQGmjGImBV6pyV7hgjUXCTj2UMLNcMdbG1MeF9Z18D1ErNB-tZd5VuhNexckjfjeV5tpzHn25FxgY1Q9LB0f2dS0PaJKmyttOby_QxqSoYCObEl_1jkVhTmP5M9JlNiei4NM&cry=1&dbm_d=AKAmf-C5hsjIIOjqVAR1U-48CYe-Ebr3QPsY_pklCcvTtL9lsbkSOxOjm7m29cqhl7yqvDQJauE6wpOqSUYEUhjYPasCkrSba7h1P-MWxG3jhvPhnVqSHfovs5f3B8sS6MMJSxkbM3PE8xjPCifyZLclGke52W00EYfMvUJmXS-7rgZkFSkCLjyZIZOJMh1Oz0NMwHh8ZH_O6d73jUgcTWuSFis-OAUztNMisw3jfaylFH1uixbpUtW8snx-ydZfb1d6hqY98j-5VX5JjU76eV9JAOxVyc08GcUHVCMAGyWbF2gHnMSsHQvupwpxy6_i72YOjaBJ7PvqZDZD-0y5n5IOsJUvEaYwvKuPZqPM7gn26R8ZM6xFNf18ZWFTCwx625zSSPiD0a86UPgqk7xZPdzmRArH2zJOp-68VvBRJBEdszZdft8rZ3WDY08eK9AYiC-kJrckmH7Nv2e5JQrIsMBGEQet7QIURPeCj1cq7hB4l7ZC7QQbZujD71p_bKFYU1MK7p-j65Uv0FCZxD0nuet30xQH_RPY9ROrEg1rlNZb8gHRdiXD4-gFwkzUxivdfBmSAE9DJdXKdynUtiu9ln09WfyrkFUwUZ4MaHMEgUqIjY82Mx8kJR0s8RGfYZHmJGDJvoKTw3VAgPSiTK-hQ5m89PULHA_OWLa57STNW525sWChjIQTc9jvbEMp5T6Cl6FLPrxN4Whke34ki13DYQWvAF56UG4bzEHtTPzgRCR4JVcAccS14z2M1EtpGA1hihBU5hHnlWKWODcGy2M39vaFJArcnyDGa7KMcQ1oyc0OawmEnaQU3e9c3oNYKyqtFMhpXy-IayWE-wBNg-NqqN-x2pVvyZ48-3OEFbJPgxPebcRoZTyc-FtUilJzOmMg2TJg3fJ5S0c-Ao9Mcc9U4SEqfGN4oDsHA0mB_RI4Y0_inzV23oTvJqw8MmFalDZ5xWyeNA1eCQ6pYF-YzFc0rzqWH-FrPaiWpXXxdQiTj_Fs2Jw-DNnttGV2QYqjH9V4FW8qeTh8Jdp5sEj66NruPn7JEMXFs8mxAXtGIl6LK7f_LfLgnzCVy0lF5BDiSIT0DxhnVRaJajqvbxi8xwJro6RxpmhWeFWIx2tKIGx88LdrwYSq1HVhN4cZwAflC20S5QogDEszjuL0Pb15bCjrXdaMg9gg_dJmW1ml8vCDK6SBnAbXJ0g8o0OjPBT_iGdDNL8Q_mFjf-YMh6m0QlsG2WTyocoXraFNG2wGAg7tWHkzom1SMtJsHV5vLRsRiUgjxO43TZrZt0i5y3YGlIGFuDabKsKApwlTGTvWKCGwe2dm4JKeY_txhFkAgi0pu1EVCtDSyupSXTXglw1M4hSxC5SKkv8RH-UaaGbTXRZxKeG5u98WIqJz_PrOa-UaJT3Hif2TLQccN5LmIjhrTiQgts-H7Hlu0unf4WDW_FfCpARaLValFvkjGU7n0_8avK_iSGxB8JmjVRkoJ5LFNT-oFcDCEB9vlk2889dVv17Tdl5YXN98lBT0gmBpcUyartICin5H2h8zN4SGp6jH8fS5_XkP0KPnr3srAey-PRVoZQOjYYp_CsA01Q_kivwXjWb0E7rkQElgomxGkSeK-0KShx6pVUEVTgoz0zij56iYov1PSIez-IIZnbiRdChXAqMiSdlv-e8zlsauG9GBnMOEgOLbbrwHLczrWcshjTaA2N3tmz-lp65sBl3eV6YJORa8_UvUTK9AkOh0AbI1NRTofFA4Ec8Ke_EPI8WAkndL7_WserTDCQT05--prbRy8DnpccyS5aGJy5Elh_XSASdT-Yauyf28PZuw28ZfypOlgovmDk9PzPGrfJWSxB583YaYddA_1cOmYiDqc4WrdV_JrSZ6nBh0DCGlR8B1RJxFid2sDMvDabkzTPF2PmenVW2HXh5XQGbjip0fpY_a6YZw4CNeRUuQ8Cee0U6VhQv8PrTlZocu6VnYl_N9IBasiH9zpfh4XLuqncDI8b4zqWzFlzQojQWp_rtsKWsgH6J6Gb4dT8E5khf0LOvBagKgmgRL7Or4es5lK2w_AsH7Gzs1Pg3NrtpQS0qKJ4WM3cRt2LzehZXZ8DxtlbwM77EUxCg7Age2rZqpZKcIeVneppv52Fe4j_FfYiM75OrBiAKtmiBTX2dt4IKOU2kFQQoch535bz51m0a6-elGgdbq7qbXrDS5P91r8VUQsIOcs5YTiSZ1_Zrz2t0SZVun88nxcBUeHitAB_5HRmFzGyaoZwn5enuSKg85Ls3vq-JvSeVN1V_tykfTave0Vh-CkUOzAB0ggDrfd1oOd15uWmlrcii4scVxsn0PDybuSRB_Ydb7XULeGsg9PPRv-AbgDwEP9g-4MD5BCr1h-3sOkCtQkPXYdVSbGw49NapF4MJcVPRJjiCVjwIcYEw1hHnbBTC-cXiM4n7vPGySma9-hRiTNKB2-pobzuBDQ2uvuNyaInkRC1IWik-oYf-jYQ1mihI5bkZweqLe2IJOGqiyeNRj4MqTukAuQguAdfaHVZAzxBeUmrzxZzWHlyoyuQeK6zsGdViCSkOHWVgzFqbOeMpLGlms6dRzPJL8QnEsFkli-DwqrXLvJXbAit2-XH0JNYk7F5Lk_o99MdFmZAi-Iwe3rNlYAnRn_wY2qgT9P9n8dKYEyn_5oH6YFvqZUokd75lc6SdtVdJbYpV1ZPGVporWoRYaDlynEvKhv0OttiLtvaFUIj07b1rjwY6Twf0jOmvGtHJIkSrc2Ap6ZYZPJ8LqgF8z-w85jvVu-Yn1QtYBMYcha2dCcKqz94RNrlBP1tpxtIRkjLPZpklGz78fz30JUAObLrm85OKTEmcypz5Qr7Sq0woc1TcEOlmOPsQjVrqAW1f1a_Hhp9kXQAPuQsuApQ6ig6gCEAKdeTuMsp7olBUkQku18Ac09kfDe0dD_j6WLiypRAe6Piz6pp2U-EhFIgsiHHhhg1H2irsEUB5T84M_2T2yT2jdUi3YOgaPt-TefQK5e_7YkiSjUFdIQjHpKeqJxg4UvlcGmtWOrW15_4MN9ztjA2WrMEydTp2wq_AKWS2M4oxaWdRR14DRxqGtk68QkLOa-7HZ4yBAkDuGgnVpLEajsnkYM6O9SEwbqFPsBE1Ux0iTU_DrD9IySWXXNIkHs90x8traGkqhvnfdlxmi_EAbq28p_ug3VLxOm38YlmrR0hxSdaLe2arJ3Gax9Xcaa4Lnc7mqp760A_853S4_cAehu3rXrZwugYkEyfzYOIEojd2X9uvu3PhmX9vIaqI5D5viitj4AtMNQdVWNjtfHmyz23LV6qKV0fWUduPEH3oeMxy7MX7aVLxiUyYpDcz2f1BPvEUWGWAAqLnaQ2Qf2C6ShG51xiFwMk69NE4ypbM9JrqayrMLM9KxYzHMFzBqaMqqyV-dtWcNAwbFmwupII-Is3UP2I8KIABG84N0eetPtDXcDFSlKt1tr0wf_9d8kKWYrwee2Xeh5D1HCAk8_fQ7Vvx3Cu67fqnDxDa-tOvVudOFpm581mMUPeloBOtl87VSgxcbszzHTo7TiCyY6yqGT4ocDrtknhGUHITMErCahqLcptUgULniwkuPGcE-g0MyKv1nTdK_DMRejpBA5_8dX-Z8yx8zYfvbK_mEn3lWBgf8IYDNRqNFjyEbB8HotSpBhBOhyDAiFe11iIkgWJkkrMEl5Ej0RxjnK-wRvO6H6PTSUyL9sEMaCUqhFd9jdtQt52YvGBFZAnKzenZfTHnvVYlSh36xviTfFbdzD6mwmrHyjOWIHxBkkqR6xhP1Ej-mEgaHY0d5h3cFnF9MBQdORzkoQ9Ri527DfAALBjkmP_DZc2934CE4kxF0OUYQJhH2qwiMCfJlbjAyJ092pchtDHpOxX0RnqCKRORwR7sCqwsWMpbVBCT4t_4vWdBP_FPEXiARG6uusQ&cid=CAQSPABpAlJWRy2TLSChRQ8xC6fTAdkHzIbnMWch0QlZmojP1C5GAkJgBwQh9X-G4w7KV-caQimjmbJ1oTAn2xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=6425010146606767000&adk=1761367587&idt=381&cac=0&dtd=35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:28:06 GMT

GET
H/1.1 200
OK 8w7qrx09r0fs Show response
hal9000.redintelligence.net/zone/ Frame 69EE 12 KB
4 KB 424ms
115ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBTnNMrP7ZO_QJMuoiQbx-4zIBJHB0Jtp-_CDktwP8C4QASDSzIEaYPWFgID8A8gBCakCc799Vr70sT6oAwHIA5sEqgSGAk_QTRzyNZVKDxrYNfZX_csgtwJk0haJYAFGOTrNAO_OOLaz-iEuhIwdh-AwdFs1xvwN2U1TAeNe3cCbRMInRlsTAIzlMyK6HeRBu0FBI44suBbkSic2uBi1OCeJ5RjNdLdYxyDRWlFxddH8AjdjR3rgbBm49Y_rfISKL3yIlOwtX_HeCB053vcq5kDnnX7EpblSxJbfERaypJB1DbJmsVSW5m16Mkvqbi4U2_Su4-ii2N2Px8tyODj6fD8ZK9nxDpa4Hy77Lm28-ndWjkESIdWHNduQQ4TmXFpxeSpP7bCRjpMnsqwUH1WIQ3AucjY9yDFsBTqDGW8KDUWtb15DBMs3ecA9oozABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI77HbmJqcgQMVS1TCCh3xPQNJEAEYASAAEgJdE_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWRy2TLSChRQ8xC6fTAdkHzIbnMWch0QlZmojP1C5GAkJgBwQh9X-G4w7KV-caQimjmbJ1oTAn2xgB%26sig%3DAOD64_2m_JldNdG2NvnyAhmlSnobC24ZZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CZ9WmNw84CJ5iH6yOEyzqLIeujBkgKrIUrBDWd6CzxIVdpY7cIhUKT8ErGR9fZ9xgSjCA4CeM8UnzOzJacICbYMTq381jb1wmuFoLC-6AI1yugG_2pbfwDNWwsF1N_F4wMUVRi_gvhUkAHJzaxxL8pIYVW_tZ1hzRgENpTp-k1Wa6wgYk%26cry%3D1%26dbm_d%3DAKAmf-AWaX9HwDFzdGy5NM12B2rCMUnyrWJFWeLorMZqWUMtL-vms-g0OnvLYKqSpcRvtAn9uQ7INwQVGEjGzNIVrwgyp8cf3PCR4-WM4ydVdbjLUrP5Nc7IbvcFKabdux9eVPvxFTSY8sgocE6-3sf5eeGPIlgH2bBOYDsISKPPY7P9dw9hZ8hqRjy3t1hqUVA8258c7LOPehsWkcvShdlyR3Fv-pM74emthSxs_ClrotMmGldDUyRd-5z875BFl_eJWLwrFGsunvM73QJdweFRQewNkg-FpCMcAdy8e9NHrP-F0wM_zjeHKgxTsATHe75ydIw0guGxAw1H5zqBWrxb8vPObei-DSa4p9gzv14Bp_zKgH3akDa4-wy_bOsNGgzYetmJARcz4tY8agQE9SL0uaM5J9mHD9_9NbLkpnmwZAnrih-zgzawUBLkbLUbo3VMvGXMEBCOSi8lq7KJeBP6u-tO1hdiMA15OzlvEfY10uP-7mypuRBHWuyLqNt48T0vqazJKhYwr7ptPEoj1LnPnneqvdKUoJI4zRZhP1rAi-mO2Kk2hGo-6uxl5jZ29XPTT43BrBTX0Z5WWyeoKjlzz01023d-fBuiBqSpLtFvjcmNEF9XvJcUYlRfj-y12drmzNqNl2WFWV0WfDKDFzuBvidc4W4o0w%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694209810&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694217009406&bpp=575&bdt=1986&idt=1033&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3De5af56f3d36c29fc%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MbwquCYDRtz2511MTj_fk3zBUSYkQ&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&correlator=3540625913131&frm=23&ife=1&pv=1&ga_vid=643526638.1694217007&ga_sid=1694217010&ga_hid=166511746&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=907453377&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077329&oid=2&pvsid=1313713844715516&tmod=263685221&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q76n48u7ax8f&fsb=1&dtd=1045
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 251557e228cf1d1f88d57ea048954160e8d63effead6a54f40ecf2fc48793295

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:12 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4264
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 448D 0
0 291ms
290ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=3699389707604895&bg=!9fal9rnNAAa6D61Rmg87ADQBe5WfOLwpn6jkjHv625-ZLdPZfNgGi2WijwWliQKGx-YJlXz5koLdlhQG6nxdbnoZBwcSAgAAAJxSAAAACGgBB5kCxghRe4zqAUKq-8cYhq1pjmibmvi2rVGptA0_oTIW9bm_zo9ri3osMdzLcDJ1BxeNpqdvtn4bxjYaJOiYJzb-7uHLU3AJ3d41UqJe15tQv1E27GsEDzfgwAqG8JtuvfJMt2D3QWL1Uz76rvpWhXTSdTuSevMdjaoaLojW5kXjyIeJ9Bko3_SLri6UYdSynkiccaqXdAoVCjGaOiLliL4CTJ7ZHxwM-6o8uJUtRnGf4FoGcsLdJPrvqF9gNjWqGcnh6MwyzNTQkpZ-fCRv9C3uoRXYeW-FAZetw3M2dvns7sIGrxwVUG2noCp7DyZr2bHXRWq-UO-am-jMA9M7HnP3yWbRIpaEdbGMxvxffo4cRKT2wgXIfgTsKQiRYZelV6icSxvC3PkiUT8lNGmkjdjrl4CZ8F2s9zJTXsYlxQQlrNP9b2EiPsPafy29x8zo86LIaPIqpMxEbIXEYfMlLB5Zay4hWVvKK82L4fy60L1u6ukWPOTm1UkmEiarPJ0eWGIYtD8NHaCoFeon2yikXCy9Niimd_xX2--E1NorkGzmzoCeP5U9ZeBk63oozKomcU_CnXu2tZjwL6NZYSGY_rny8morjw6x63AoYNj3elBHlW5bLlbfpxPk5dilXxZmjghl6EGJy4flB5oVt_CoiqXNeqrsmjkXmQAenjOgnw--AjgsNftD6prDQpGgPa7901BBiZHRHIS8mC3q0Zq5_plg57iWb2tsRO63rxS3MmM_JHFTF_4_0YEAnFIHrxf06E-P23_LSgxah9hB5uCr2faL1Eqmqug8_UpT61DnuBCFYjDBUNHRpfIqEmU_NyuVoD4RLfd34n7sPbCIBl3lMHtfj190AMD1hudSPSnQE7Gmdi5Ngbc87JiUEhKgJZQ5kD7vyuhm2qMHiwLYG-umFbTNUmDi6AajVp8uNAqmKMTuo71BMdCSXS61
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BE23 17 KB
6 KB 154ms
153ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 23:50:12 GMT

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D6ED 721 KB
231 KB 123ms
123ms Document
text/html 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 360877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 19:35:35 GMT
expires: Tue, 03 Sep 2024 19:35:35 GMT
last-modified: Mon, 04 Sep 2023 19:31:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 70AE 40 KB
14 KB 123ms
123ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Sep 2023 00:26:08 GMT

GET 480_650.mp4
cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/ 0
0

POST
H2 200 all
csm.eu.criteo.net/ Frame 4AEC 0
127 B 133ms
133ms Ping
text/plain 178.250.7.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 08 Sep 2023 23:50:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET ping_match.gif
pm.w55c.net/ Frame A506 0
0

GET i.match
a.tribalfusion.com/ Frame A506 0
0

GET cm
gcm.ctnsnet.com/int/ Frame A506 0
0

GET tum
ums.acuityplatform.com/ Frame A506 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A506
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKo0gUng-cKyPDi1btBQF7o&google_cver=1&google_push=AXcoOmQyvILMbcJrFnMuOLlcJruCooODXPfO6OCV-tppB70xitm3pBD98fvavnpPqYqS0jfKnRvUnkWnEMIbBnDzGSl_Eju...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyvILMbcJrFnMuOLlcJruCooODXPfO6OCV-tppB70xitm3pBD98fvavnpPqYqS0jfKnRvUnkWnEMIbBnDzGSl_EjuDbWKg6Cu4&google_hm=eS1leHNOdW5GRTJwRW...

170 B
188 B

117ms
116ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyvILMbcJrFnMuOLlcJruCooODXPfO6OCV-tppB70xitm3pBD98fvavnpPqYqS0jfKnRvUnkWnEMIbBnDzGSl_EjuDbWKg6Cu4&google_hm=eS1leHNOdW5GRTJwRWZ4cElZMFdlZzZzWkFfQkJZWXFTUX5B

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Sep 2023 23:50:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyvILMbcJrFnMuOLlcJruCooODXPfO6OCV-tppB70xitm3pBD98fvavnpPqYqS0jfKnRvUnkWnEMIbBnDzGSl_EjuDbWKg6Cu4&google_hm=eS1leHNOdW5GRTJwRWZ4cElZMFdlZzZzWkFfQkJZWXFTUX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A506
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA2clrENrz6T6-6wZ4CASis&google_cver=1&google_push=AXcoOmTNMQIv2U6u6TBC497hCCDs6UHhygF7V9ogijHyEGDeHIhwlMsWjljgYD7GgY2ZurTqfVx8c-S-...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgyNTM0NzE0NzI2NzAwMzYzNw&google_push=AXcoOmTNMQIv2U6u6TBC497hCCDs6UHhygF7V9ogijHyEGDeHIhwlMsWjljgYD7GgY2ZurTqfVx8c-...

170 B
188 B

117ms
116ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgyNTM0NzE0NzI2NzAwMzYzNw&google_push=AXcoOmTNMQIv2U6u6TBC497hCCDs6UHhygF7V9ogijHyEGDeHIhwlMsWjljgYD7GgY2ZurTqfVx8c-S-mv6uDr4yy2s2gGFL4VEo7ts

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgyNTM0NzE0NzI2NzAwMzYzNw&google_push=AXcoOmTNMQIv2U6u6TBC497hCCDs6UHhygF7V9ogijHyEGDeHIhwlMsWjljgYD7GgY2ZurTqfVx8c-S-mv6uDr4yy2s2gGFL4VEo7ts
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET sync
sync.srv.stackadapt.com/ Frame A506 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A506 0
12 B 126ms
124ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-p0KqDuI93qGi9ZUMYY7HHy9geywgXK1IH6PFEmC3iD_TBU7bK0pIMhP8dttDuF61fTNx

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D24E 22 KB
8 KB 211ms
211ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 62625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 06:26:27 GMT
expires: Sat, 07 Sep 2024 06:26:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38A5 13 KB
5 KB 128ms
127ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 19729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:21:23 GMT
expires: Sat, 07 Sep 2024 18:21:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 554F 829 B
789 B 125ms
125ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7362e3cf47887dfe43f11608baac548521fc75e93d42a756e3b32e64cb6d158f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PMGCWvGvQucMvzoKsReUVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-PMGCWvGvQucMvzoKsReUVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:12 GMT
expires: Fri, 08 Sep 2023 23:50:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS json
gum.criteo.com/sid/ Frame 0
0

GET json
gum.criteo.com/sid/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 88ms
88ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 96dbefd4f3b751607b38ff9d0d035fc859ec83b5d21e6ac8bb721498b146ecf0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 08 Oct 2023 23:50:12 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1287 3 KB
1 KB 73ms
72ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1694217008471

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e5a987dfc5e205b2efc03a92886b6075f03248c263a036cdd56d34ccc0272bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1207
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 5BB6 24 KB
8 KB 398ms
235ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

1d7082e9253fc7753f8e457947872bbbae81919127a54d020a1427fd20cf5127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8472
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 23:50:12 GMT
expires: Sun, 10 Sep 2023 23:50:12 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 04E4 6 KB
2 KB 112ms
101ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 803b17a6d8323745-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 23:50:12 GMT
server: cloudflare
vary: Accept-Encoding

GET sync.html
public.servenobid.com/ Frame FEDF 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7433 281 B
554 B 77ms
76ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Sep 2023 23:50:12 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 27C6 0
0 75ms
75ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Fri, 08 Sep 2023 23:50:11 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 pd Show response
adpushup-d.openx.net/w/1.0/ Frame 9A02 504 B
639 B 103ms
85ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c706a327fe9022a99ed986f80194fd96545811db6d6d79f3ba35b9311f46c1c8

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 324
content-type: text/html
date: Fri, 08 Sep 2023 23:50:12 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2313 37 B
139 B 71ms
71ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 08 Sep 2023 23:50:12 GMT

GET ixmatch.html
js-sec.indexww.com/um/ Frame 7373 0
0

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame 7BC0 0
0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D6ED 156 B
186 B 340ms
340ms XHR
text/xml 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1679378967260518&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3976201203&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FsBTWk3MHLZKcJ8xJ2G2hww%3A1694220607%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=62ED4751-6EFF-4F79-9C6E-21838700FE27&a3p=EhkKCnB1YmNpZC5vcmcYh-rPuacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGITdz7mnMUgAUgIIZBIZCgp1aWRhcGkuY29tGITdz7mnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZVVZSVm5NeGFTdFNNbTExU205V01UbEZaMjFCZHowOUluMD0Ywu3PuacxSAASGwoMaWQ1LXN5bmMuY29tGPDuz7mnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781752%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735%2C44797965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dt=1694217012310&cookie=ID%3De5af56f3d36c29fc-22317c486bde0077%3AT%3D1694217006%3ART%3D1694217011%3AS%3DALNI_MbIZuqUCANB03WA8uXodwokjtrpxA&gpic=UID%3D00000c705b3057a1%3AT%3D1694217006%3ART%3D1694217006%3AS%3DALNI_MYiYbbwIghzVdHHrK3Z-MEzJO6RAA&scor=2262674399682897&ged=ve4_td6_tt1_pd6_la6000_er1216.240.1217.960_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET request.php
hal900029.redintelligence.net/ Frame 69EE 0
0

GET
H2 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame D24E 37 KB
14 KB 75ms
74ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 06:41:27 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 554F 0
0 177ms
177ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=3074765075984818&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 38A5 37 KB
14 KB 143ms
142ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 06:41:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1287
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABinc0BJP46Kx25LxPgmR14N5_lZ_whsPMKw

170 B
188 B

241ms
241ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABinc0BJP46Kx25LxPgmR14N5_lZ_whsPMKw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABinc0BJP46Kx25LxPgmR14N5_lZ_whsPMKw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 1287 43 B
443 B 163ms
161ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:12 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 08 Sep 2023 23:50:11 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 1287
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=9072932ffdbdc751a6aca8aee44e426a&gdpr_consent=&gdpr=1

0
291 B

180ms
180ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=9072932ffdbdc751a6aca8aee44e426a&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 23:50:12 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=9072932ffdbdc751a6aca8aee44e426a&gdpr_consent=&gdpr=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1694217012298046-526
Expires: Fri, 08 Sep 2023 23:50:12 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 1287 42 B
773 B 166ms
165ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=L4eG8jA3o53rlOlQ6FoltV0JD8sZlNQ2nLX5t8KiuGA
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 1287 0
75 B 166ms
165ms Image
text/plain 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 1287 0
0 163ms
161ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame 1287
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1

0
291 B

181ms
181ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIQfSgf94dhyLdfM4Csgeiw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 1287 0
38 B 140ms
138ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1287 70 B
264 B 165ms
163ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694217008471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7433 35 KB
10 KB 152ms
151ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5808454badb7af9321ed7e4c1ff21edbdd449266c49c8c003f7bc06106fbc404

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Sep 2023 13:30:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49170
Connection: keep-alive
Content-Length: 10211
Expires: Sat, 09 Sep 2023 13:29:42 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4C98 1 KB
684 B 143ms
142ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 45373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Sat, 09 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 69EE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a38983cf3ac287e2944eaa014fa797ebbeb661cdb549498ab21de030a4b597e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET current
openx2-match.dotomi.com/match/bounce/ Frame 9A02 0
0

GET
H3

200

dds
rtb.openx.net/sync/ Frame 9A02
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ZL6g1li_wbAShAEqQ3YvRA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
58 B

195ms
195ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2f2f4cae-6195-ead7-c527-5b686f38d8b7
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9A02 43 B
601 B 255ms
253ms Image
image/gif 52.208.254.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/2f2f4cae-6195-ead7-c527-5b686f38d8b7?gdpr=0

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

sync
pool.admedo.com/ Frame 9A02
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=dfcec428-e02e-4a58-b9ad-93530969c20a

0
0

GET cm-notify
creativecdn.com/ Frame 9A02 0
0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9A02
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pTQR5fEzRLW-NRKzpmRasKJiErC-ZRXh92Ok2m1U

43 B
106 B

137ms
136ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pTQR5fEzRLW-NRKzpmRasKJiErC-ZRXh92Ok2m1U
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pTQR5fEzRLW-NRKzpmRasKJiErC-ZRXh92Ok2m1U
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 04E4 48 KB
12 KB 133ms
118ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 644199
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 803b17a818c63745-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET gp_match
um.simpli.fi/ Frame 4C98 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C98
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQVP_...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_push=AXcoOmQVP_7UYK31vtRAX6R9MtEs3bm7dOQLbvlDdbTZiYQd_zvmYMgfhgnoHeP6nfpmRX-n6Ga7iahRRSAh...

170 B
188 B

87ms
86ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_push=AXcoOmQVP_7UYK31vtRAX6R9MtEs3bm7dOQLbvlDdbTZiYQd_zvmYMgfhgnoHeP6nfpmRX-n6Ga7iahRRSAhn50MvbUiAAUsHIk

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Cifv24IG-5Jl2K2uqyhjJ88fpE9GnRfi5LenIQ&google_push=AXcoOmQVP_7UYK31vtRAX6R9MtEs3bm7dOQLbvlDdbTZiYQd_zvmYMgfhgnoHeP6nfpmRX-n6Ga7iahRRSAhn50MvbUiAAUsHIk
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 731610
content-length: 0
expires: Fri, 08 Sep 2023 00:00:00 GMT

GET sync
sync.srv.stackadapt.com/ Frame 4C98 0
0

GET exptsync
ads.yieldmo.com/ Frame 4C98 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C98
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELFUMscddaCv-gmAnJtGQVk&google_cver=1&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzErgnSyR7lR0XHLyNfmmJ8AO4zuDFW6ZdVBItxa8CrFdgc
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzErgnSyR7lR0XHLyNfmmJ8AO4zuDFW6ZdVBItxa8CrFdgc...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYzNjE3ODMzNDAyNTMxNzI2MDgzMA%3D%3D&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzEr...

170 B
188 B

114ms
114ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYzNjE3ODMzNDAyNTMxNzI2MDgzMA%3D%3D&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzErgnSyR7lR0XHLyNfmmJ8AO4zuDFW6ZdVBItxa8CrFdgc

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYzNjE3ODMzNDAyNTMxNzI2MDgzMA%3D%3D&google_push=AXcoOmTSHj4xVG-G-TF9YOfxXfJuyd_7nHr_bfYcf7nRFYyf2G43AzErgnSyR7lR0XHLyNfmmJ8AO4zuDFW6ZdVBItxa8CrFdgc
date: Fri, 08 Sep 2023 23:50:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET pub
cs.chocolateplatform.com/ Frame 4C98 0
0

GET google
sync-dmp.aura-dsp.com/match/ Frame 4C98 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4C98 0
12 B 141ms
140ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JniXtkRmKiX5m5v2_8jGdquHWQnq9cj_klRyst68o6HvXVpKe6pQ3J558GFGLHrNQMOUQBLA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7F25 15 KB
11 KB 175ms
174ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d691b517be9ca4967bd056cac4bbf1c454a28d0fab7129ca571bba2f34c6f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11595
x-xss-protection: 0

GET
H2 204 /
onetag-sys.com/usync/ 0
287 B 133ms
132ms Image
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 38A5 0
38 B 92ms
92ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GMorgg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D24E 0
59 B 163ms
162ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAGV_M7P7ZKXdK96u3gPUqaiICAAAAAA4AeAEAg&bg=!YmGlYS7NAAa6D61Rmg87ADQBe5WfOKB_gzIzB3giBwcNoUWRVb8eaMZM6q55GzZcLRItnW_x9aOjMs5QHh4B8EquVoXqAgAAAKRSAAAABWgBB5kC7CNj88-Cmxt2obznpwrCgx9o53zaYXWwv0RLqZioRb0J8l6kOKZoGc_tR_i76iLk03vr0mnNhRbJ76YnnmPYIgWwv7dTfKNwsDzQEtAX6utD89gJz4Z3eMl36B9ykehfn-GPfAysZaSF7dYerRnMKO7wObrkMxIQlmgi9Q90HOWJo2ZwgP6wS0rOohBi7zOj3yrtDHW5tqWxtv5swXnCYlExCd8ymm5lTEbsb_utmBhMmZByP0ftTchkjW-VxvVmxR-AVA-_MrQMRfM5TYrrrIMkh3rxp0EsQ0mYVEuGDuS9b4OTVjc2ijBca4yrmjFru1ehz17EfFQoKjCr9h6vnLmmi8lDU43hD9z1SXIAhPfr2aPdVoGUuD50vY-_V8X0AZG3P4U8KSNCY96cuhjjfEv1-Sne-OJ9yRZcA3JUrSFa49jpxZnHgr-Ub0ITByt5oPTb8_c_NEusz0mhbiy5qoHZoCacQgx4KzUtIWBoyhIBNvUouSwCog20zTDdC39G3_SQrtR_43FnETSeCiOdE4WprHObMMlllgWfh18Jy_5jg4TUh7ZSuUHxqZE5adiOL8EV9dFNA9K_-IeasiE_fdVOd4ZXQ_-O5RAiV_DYwp9ocT6uKeBSOzcyyGVSkfkoC7ApN_s4mdKPLhE_X0SaezrIYmvG9uHbuYYQks9FjeREjecQnd8NBRUccAD9TZ0udSnh3RJrojRCBb-GWovgPuxC4WTIR2EzYIT3pcuiXJflkv1Nza5hBRYBmLqOByqIfUS0t1X-wJSaCHyO32vWtJlvM3O5i4SVjMp_bfzJ3b22NiKpDElSTi98JoFLJnhx6KjFObDCiRQvp_CQIu1GLd8PLoXYiIn_CcPAjA0L5bgmvrfsrUSEJjC4Q_MXuHfSMUIHGvq2jNwMOCAJi5oO6o1ZVIOZ4YybuQ82Afmldul1L6YLFRoJhIRixdLgkjIFMKmNONYDH3S63olT4fmF15XgbNBcT2FzGn7VlqE

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 9530 0
322 B 131ms
131ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 803b17a9394d3745-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 23:50:12 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame F53C 3 KB
1 KB 128ms
126ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

17e1fd1bb4694adb28cd533c9373acac0dfd4c1c338cb2eb174d47cc50a09848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1062
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

POST
H2 204 csi
csi.gstatic.com/ Frame D6ED 0
54 B 609ms
608ms Ping
image/gif 142.251.175.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmb92d50&c=3540625913131&slotId=1770312956565.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET pixel
ap.lijit.com/ Frame E003 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F25 17 KB
6 KB 207ms
206ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 23:50:12 GMT

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame DC60 0
0

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/ 3 MB
0 349ms
106ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/sBTWk3MHLZKcJ8xJ2G2hww:1694220607/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=262144-

Response headers

Date: Fri, 08 Sep 2023 23:50:13 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 262144-17211103/17211104
Connection: keep-alive
Content-Length: 16948960

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame F53C 43 B
443 B 165ms
163ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 23:50:12 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 08 Sep 2023 23:50:11 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F53C 70 B
264 B 165ms
164ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 23:50:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame F53C 42 B
773 B 149ms
148ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=c2MX1V_9yILYIrWQQpnBUyeZ6HyIqdo9uOUWRzqVGXw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame F53C 0
0 155ms
154ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 c2MX1V_9yILYIrWQQpnBUyeZ6HyIqdo9uOUWRzqVGXw&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame F53C 0
414 B 166ms
165ms Image
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/c2MX1V_9yILYIrWQQpnBUyeZ6HyIqdo9uOUWRzqVGXw&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 803b17aa9a4e3745-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET rmpssp
sync.1rx.io/usersync2/ Frame 41CD 0
0

GET match
ads.betweendigital.com/ Frame 1485 0
0

GET smwt256.gif
us.ck-ie.com/ Frame 0AE7 0
0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D56 13 KB
5 KB 109ms
108ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 19730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:21:23 GMT
expires: Sat, 07 Sep 2024 18:21:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B43F 829 B
786 B 93ms
92ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b6f3383cd24ccb819be3ae86f6737c1b56f8c8182096d475bd60b5aabf8e8d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--eDF2Yo6ldar6kHlTUFpEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce--eDF2Yo6ldar6kHlTUFpEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:13 GMT
expires: Fri, 08 Sep 2023 23:50:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET cookie
cm.adform.net/ Frame E6BE 0
0

GET
H2

200

eaa7714cd18539877e165c45dc9fee Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 60CA
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/eaa7714cd18539877e165c45dc9fee?gdpr_consent=&gdpr=0

0
478 B

153ms
153ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/eaa7714cd18539877e165c45dc9fee?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 803b17ac5b4e3745-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 23:50:13 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 08 Sep 2023 23:50:13 GMT
Expires: Fri, 08 Sep 2023 23:50:13 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/eaa7714cd18539877e165c45dc9fee?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1694217012866073-532

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 9C0F 0
0 558ms
281ms Document
text/plain 3.71.140.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.140.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-140-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Fri, 08 Sep 2023 23:50:13 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B43F 0
0 168ms
167ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=1313713844715516&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D56 37 KB
14 KB 155ms
155ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 06:41:27 GMT

GET smw888.gif
us.ck-ie.com/ Frame FD69 0
0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE23 0
0 171ms
170ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=3074765075984818&bg=!hIelh8jNAAa6D61Rmg87ADQBe5WfOG3-sC1NCoru9yl8YsCxt8HRFx8dw0fLvmy8aPl1jwfY-UefTqyHQZViHjRVifceAgAAAI5SAAAACGgBB5kCyK5cLrRC4L3OLOHwhOxeAQNof705Mz2HwAYj8DTSVi5D6dNyT12shVNY5qjirCxu6SQfiUtWLiuCk4v0n_9XG5P4fTqqw1EoNL8lv4Avr4NTtWmDaLZtQH-ukkM2MVQHOZ4FW3Ipy74kM72FcfwAalRsRSsgqsqfq2dy7ATeCtmXSWr0ldBgwDUAqrlk_bEGwFOYpOSUWmeHejmYT3DDV8ppSlpgxavcOoEs9nmDg2xl2dltFRS1YePnpkds0egSAy69fBr-_a__0xTTNNuDNnHvyKvHPu_CJjk3Rbb64TuDHu-qwEH5KhORUCwdvB47iuPomFOGA--NN_ZPffl_kiWiczjycmWaMU74ElBEfMOysyAQ7QqSEhOZevN7Idzgf5dt_--LpmpRXoa7oQZHMZZUYPDgr9Grj_i8TqQ02OnOxApWGxOuDW--MNAZZwKP-Hcg0Ddxq02oSwHpQm6BJ7Wy4f7DKEZKjrVMYtK-7Rn7KuukqacF7fM5pAS1tDIIcShgjLhAMVBazztmKTwhKGpa0tVGLBThD8KNxrZKNdDu0zSZJMluqwgMQM9upmIAXREnxaHuRWZA84Ki57KfuUfFwcbOznPIOSrDIAX8p4lMqAiGFVnelBPTeoxMBMRiNszT4bnvml_cDoeMAGgqWS6aJuR0-X-DBqLKo69y9JWkjPq5AlUk9qo2SN4ZFd-OqeTzN5LlV1RWLNHELjXv999wjz29lVENbivc-qDxIZJg6qiKdQeiefW6xlIu_-BaQn2rGri1-IMDHWFyci6AMivwn2DXv-ZBQIDxaQHdKf2TjSoDD5b3IqeXi-vtH-ZmV4v79HM7zh7FnSP3vT2b3dr1xKV1Tl3brNWPKj78tc5coVEsdt1OUfOCmDEXHpH7YVdwt-HwxcUInpL22lpei6X4FADJCU8DPHBZkVFBTbuUfjWORb_q94Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame D6ED 0
54 B 829ms
828ms Ping
image/gif 142.251.175.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmb92dgw&c=3540625913131&slotId=1770312956565.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781752%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735%2C44797965
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69EE 42 B
108 B 470ms
470ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxxICqI4PYx0snce9BVFUDrsY9n2qWxOxZuruNlE5xk7_t9ARalU5qLO3IgbJABTXaw5LLqoJDLc3KEaZISbZIC6mlOjZtNaqW8OD3XaM2KNHIY3qxm8d0vDH4gKSN&sai=AMfl-YQx2StYGJ2Nxg_q9ie69KT6PO_N8tGVTH8W3fnhSLDy-PvYhOAypl1J_f63GdDvn9ztLTdykTj_4k6ZTlBaB98fKeeYSdqbBJeqga04XpQWJtLZLo_Oy1e1H5VO&sig=Cg0ArKJSzNC-ZPB5enJnEAE&cid=CAQSPABpAlJWRy2TLSChRQ8xC6fTAdkHzIbnMWch0QlZmojP1C5GAkJgBwQh9X-G4w7KV-caQimjmbJ1oTAn2xgB&id=lidar2&mcvt=1012&p=0,0,280,336&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694217010454&rpt=1925&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 3D56 0
38 B 309ms
309ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-Cm6eQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/lan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69EE 0
59 B 443ms
442ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7241418993091&version=m202307240101&ct=77&x=1&cor=6425010146606767000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 375ms
375ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

cafe /

Resource Hash

fe36bda8919b760a4e27fcbfc36227db371f4892e1ef6f81e7ac1e619b7403e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11758
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 375ms
374ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5823&cid=amp-m-dZYfwRDp0kRAEJCjofpQ&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dr=&dt=%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E3%80%80%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694217009&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=10166&epn.domain_lookup_time=12&epn.tcp_connect_time=1001&epn.redirect_time=0&epn.server_response_time=1063&epn.page_download_time=1&epn.content_download_time=2105&epn.dom_interactive_time=2105
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 305ms
305ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E8%97%8D%E7%89%A1%E4%B8%B9%E3%80%8C%E9%8D%B5%E7%9B%A4%E6%8A%93%E7%99%A2%E3%80%8D%E5%A5%BD%E8%88%92%E6%9C%8D%EF%BC%81%E3%80%80%E5%BF%98%E6%83%85%E5%BC%B5%E5%98%B4%E3%80%8C%E5%93%A6%EF%BD%9E%E3%80%8D%E5%AE%9A%E6%A0%BC%E5%9A%87%E5%A3%9E%E5%AA%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-m-dZYfwRDp0kRAEJCjofpQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-mu-dan-jian-pan-zhua-yang-hao-shu-fu-wang-qing-zhang-zui-e-ding-ge-xia-pi-ma.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=10166&dns=12&tcp=1001&rrt=0&srt=1063&pdt=1&clt=2105&dit=2105&a=5823&z=0.977757688198873&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 17:13:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23783
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ED6E 15 KB
6 KB 355ms
355ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 719583
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
794 B 415ms
374ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694217013784&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1548&pt=-1831690918&tz=120&viewable=true&ddast=V8Y2cCLAaYrDvL3zW62BEwWXeWv2t0sSsAAABgYID-AAm5hqPVyDJZiywui1s08ZjcEo9v4dbYHIvlbLBxbDYWIyAh13C0Glkma5HFZXGLJh6TW-LxLdwam2OxnA02js3GYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZqaDodPte9Xvf73SU-z1zj9yv8YofdrXa9RQ67W-p02N2Ch90tPboebuXD7nMLHX635uh6y1xv3cPucyuedp9benTYfW7p6-lWuUVOu8-tc7mFT4db8HSrHXah6W22AwAAAIAH_____xAAAAAAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAz_____GgCeOTC402VyWX5-z89l9wcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hkyPEfi3X67JECl4LcIIAAAAgM9paNqRSTpBxaLK__9_vxWAKwAAAYp3M-zBWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9SjF54G6N-VQs0vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAamZbbFczRwbj2VkGk48DsfCs7BNPA7bZjPyrBbbo7Wg6hyZTe7WZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCCYWi5Vtt9y4ZQ7ncC1aLDdrhW22WAsWm9FyZpo4FivbWvT6mC4212a4cHmRYADcXiRPi3QimRhnG9vM5HINF6ONbzAyzCy74cQ0shgGI4_JNBFLNCeLdCK77Fsz22K5mjk2HsvINJx4HI6FZ2GbeBy2zWbkWS32jcViZdstN26ZwzlcixbLzVphmy3WgsVmtJyZJo7FyrYWvT6mi821GS5c_sZsOZosdoPBbN-YLUeTxW4wmO07dIbv6nM2KssqycclNqu_td3NaVC4DBbvS306DwvGgvnkOTpVQuW0szP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9hhd6tdb5HD7pY6HXa34GF3S4-uh1v5sPvcQoffrTm63jLXW_ew-9yKp93nlh4ddp9b-nq6VW6R0-5z61xu4dPhFjzdaoddaHqbLWKJ4HSRTkQv4-mi_iMHm8wVs91cMVvMFYPVKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_DwAAAAAAAACAX0EMNrPd_gGoEGu1Wt1urNVqBTSQ0XAxXE3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vG!nonrv_vA!ufm_vG!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3c569065c32a76fdabd354e28723483ab221a9db68fc807aa2970249b9920e8a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
content-encoding: gzip
server: nginx
machineid: 1467
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
253 B 391ms
390ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=12004&tvi50=10367&route=IL%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 61
date: Fri, 08 Sep 2023 23:50:14 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59050
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230029-FRA
pragma: no-cache
server: nginx
x-timer: S1694217014.091623,VS0,VE61
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F25 0
0 351ms
350ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=1313713844715516&bg=!ubqluvXNAAa6D61Rmg87ADQBe5WfOO_nQhwwNNWGsmhLrTJ6bUhJV9CcrZE_9EHUyet6WXJcieAbppnGDDisLq4JkGoaAgAAALZSAAAABWgBB5kCwwr6pcPq0-SL-zHmBBzVEdpn1vDeGWF3scZcsLMJ3kcAA8L6S1nZI_EbNK3esQDznaC8foTul9p9-2CROwuFeWXPvahYzjPIhqsJvupYtrdbDNpgXQM-kHNUkmQjcCLX29_sFOLm90C8Ov7WGqhpUYwQUQixAElQ774TtqonG2T2GLALp2WU3QGJ1PQenqkfXAobfwrKsziEYpOOsCOYVeUto24Vf-Nv5UeQuWRwDRAHYTRbuGGKSIBXux9qtcCoyFMnGdzDhmlezseNDTg-Si96BLHnGHGnbykO_BrkFkjhHFVcAHW8qXGhi93l3HujnVkoDawuhIqAuTP0DjRf6R_fojJOVbY3KCMwbfXbLGwkqyIJLlv-UOzy6d7Dr1tvYEfUgmymNW82vMffQN_fFAdhlMJSBcAj1CVtKpIQ8XtNxXLVVLcL77spIFd5043L-b1GQZj_ovVxOZWnX2Xz0pZbLvWvDm18709B8qV6ZJ5Yqd1N6bwHamHNrdSPPeBUCzbKpAVyQ4PidmI4pKQWs0MoNC7HNyjySng0_b-qB3jZBAl4U9xEHxcfhmdnDl7oE4SwTxOapTLvroFbfW3TrybU2mD4zkqystXyT3UE5cTQohaifxKNB1krwvPdBGxd-tlfA7eXubs_ZnSt88sxxjmmoL3OuKFXNzLcq_SQ82iDL6EAGlXGuXS09Xyu1yp-HBooyjj54nkBIS2MILUGXr4-KgAsjPv1FvMBbY5-IBJwsuWeJe7IUPI2tua-IyG_0BZ0GbWF9tiTm-TjZ24jTsXg06GvkYCl7rmUndoraK6DfGvdDgfvPIKn17a-ngVcbalfF0fA9p2CmTaBfXZIdpywRAdBo2QT9tk-Iw247WtN8VHPef8eEghfgl9aKhAmCV7QOcBqaubB-OQ21nr6xik7QtFBRTA1953-MQ15HgkxoXUf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame ED6E 431 B
570 B 630ms
629ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=04mstl9aYTBBTjRrNnlLOU1YU3dPZTZXWFJ0eGNYdUxhJTJGV0pRbHE5akVHUVY0dDFIRTg3OXlYaFNxMVlEdEVqOWlGVXVBcXNrSnZnckZYdmNmZ0swZ0xkT3RwY0p1YzZlbEJzZE12emNWV0NrbThYdWFBakpDWmxmMlBaMmZoQmc5MDhldnVadzhsUXRWNzhIS081YmUlMkZDJTJCWHclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4a528aa7d43aa82e25a6e6cff80da49e5123595d255137de688e92de97f9c4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 23:50:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 801051
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 361ms
361ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 23:50:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C58 13 KB
5 KB 416ms
414ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 19731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:21:23 GMT
expires: Sat, 07 Sep 2024 18:21:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E875 829 B
785 B 309ms
308ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9bbc60e109763d614e8cdbd98fba8a62419f0154cd6fc1915d97cf6e86ec3be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d9YE54bdbaWGn9qHkKrqUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-d9YE54bdbaWGn9qHkKrqUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 23:50:14 GMT
expires: Fri, 08 Sep 2023 23:50:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E875 0
0 252ms
252ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=2988591314597230&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C58 37 KB
14 KB 202ms
202ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS