www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-gu...
Submission: On August 15 via manual (August 15th 2023, 12:31:36 am UTC) from US — Scanned from AT

Summary HTTP 286 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 63 IPs in 10 countries across 43 domains to perform 286 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 982406.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
1 5	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
8	104.26.4.103 104.26.4.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.198.155 2.19.198.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.19.198.153 2.19.198.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
37	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	52.68.201.121 52.68.201.121	16509 (AMAZON-02) (AMAZON-02)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
40	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
5	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
2	91.228.74.168 91.228.74.168	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	18.66.97.31 18.66.97.31	16509 (AMAZON-02) (AMAZON-02)
16	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	172.64.203.13 172.64.203.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
2	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	23.36.163.114 23.36.163.114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.20 108.138.7.20	16509 (AMAZON-02) (AMAZON-02)
4	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
2	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 3	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	54.73.141.177 54.73.141.177	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	3.233.156.145 3.233.156.145	14618 (AMAZON-AES) (AMAZON-AES)
2	52.199.26.11 52.199.26.11	16509 (AMAZON-02) (AMAZON-02)
5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	18.66.122.20 18.66.122.20	16509 (AMAZON-02) (AMAZON-02)
19	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
6	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 7	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	89.207.16.201 89.207.16.201	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.122.199.127 3.122.199.127	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	13.32.27.67 13.32.27.67	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	23.48.23.26 23.48.23.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
6	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	87.248.119.251 87.248.119.251	34010 (YAHOO-IRD) (YAHOO-IRD)
1	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
1	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
286	63

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.161 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.210.196.208 (Ashburn, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.26.4.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.198.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-155.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.198.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-153.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.68.201.121 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-201-121.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

d-42705650723265878878.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.203.13 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.96.203.13 (Manassas, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.168 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.163.114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-114.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-20.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.202.187 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.73.141.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.156.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-156-145.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.199.26.11 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-26-11.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.193 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

1d2a6d111db70ad87e64951e08d603e1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2f8bbd530520db17a8e6f48de5337783.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6ace8bddb280d43c21b861d74a4f308.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-20.fra60.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.65 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.66 (Grosse Pointe, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.21 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.201 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float1.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.199.127 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-199-127.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-67.fra56.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-26.deploy.static.akamaitechnologies.com

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.251 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 1d2a6d111db70ad87e64951e08d603e1.safeframe.googlesyndication.com 2f8bbd530520db17a8e6f48de5337783.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151 c6ace8bddb280d43c21b861d74a4f308.safeframe.googlesyndication.com	653 KB
61	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 930 trc.taboola.com — Cisco Umbrella Rank: 622 vidstat.taboola.com — Cisco Umbrella Rank: 2679 il-trc-events.taboola.com — Cisco Umbrella Rank: 19397 images.taboola.com — Cisco Umbrella Rank: 1763 imprammp.taboola.com — Cisco Umbrella Rank: 13773 am-match.taboola.com — Cisco Umbrella Rank: 13812 wf.taboola.com — Cisco Umbrella Rank: 2751 am-vid-events.taboola.com — Cisco Umbrella Rank: 12979 vidstatb.taboola.com — Cisco Umbrella Rank: 4843 pips.taboola.com — Cisco Umbrella Rank: 1603 cds.taboola.com — Cisco Umbrella Rank: 1824 am-wf.taboola.com	1 MB
29	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 366	683 KB
16	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1187 eus.rubiconproject.com — Cisco Umbrella Rank: 636 token.rubiconproject.com — Cisco Umbrella Rank: 632 pixel.rubiconproject.com — Cisco Umbrella Rank: 361	46 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	219 KB
10	criteo.com gum.criteo.com — Cisco Umbrella Rank: 425 dis.criteo.com — Cisco Umbrella Rank: 608 bidder.criteo.com — Cisco Umbrella Rank: 772	14 KB
10	aralego.com 3 redirects ads.aralego.com — Cisco Umbrella Rank: 39398 sync.aralego.com — Cisco Umbrella Rank: 3266 agent.aralego.com — Cisco Umbrella Rank: 266036	8 KB
8	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14288	123 KB
7	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465 ups.analytics.yahoo.com — Cisco Umbrella Rank: 320 ads.yap.yahoo.com — Cisco Umbrella Rank: 13588 geo.yahoo.com — Cisco Umbrella Rank: 1379	2 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1649 www.google.com — Cisco Umbrella Rank: 3	12 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 17438 e3.adpushup.com — Cisco Umbrella Rank: 18267	278 KB
6	criteo.net static.criteo.net — Cisco Umbrella Rank: 617	84 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2069 www.google-analytics.com — Cisco Umbrella Rank: 54	761 B
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	4 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 318	129 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 221	3 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	793 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 64857 sync.logly.co.jp — Cisco Umbrella Rank: 69957	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 27309 audiencedata.im-apps.net — Cisco Umbrella Rank: 29725	3 KB
2	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 98755	20 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 977	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	113 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216	915 B
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6112	505 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	84 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1285 pixel.quantserve.com — Cisco Umbrella Rank: 1026	10 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 550	30 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1423	63 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 861	45 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 760	237 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 833	245 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 818	717 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
1	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 886881	870 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20184	3 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1242	636 B
1	ampproject.net d-42705650723265878878.ampproject.net
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 752	30 KB
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 99235	17 KB
1	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 32260	10 KB
1	bg3.co www.bg3.co — Cisco Umbrella Rank: 982406 static.bg3.co Failed	18 KB
0	bfmio.com Failed ioms.bfmio.com Failed
286	43

	Domain	Requested by
40	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co googleads.g.doubleclick.net www.googletagservices.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co googleads.g.doubleclick.net
16	il-trc-events.taboola.com	www.bg3.co
14	images.taboola.com	www.bg3.co
14	cdn.taboola.com	www.bg3.co cdn.taboola.com
13	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net www.bg3.co www.googletagservices.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com nt.compass-fit.jp am-match.taboola.com
8	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
7	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
6	static.criteo.net	agent.aralego.com
6	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	1 redirects cdn.ampproject.org pagead2.googlesyndication.com googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	gum.criteo.com	cdn.taboola.com static.criteo.net gum.criteo.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
5	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
4	bidder.criteo.com	static.criteo.net
4	s0.2mdn.net	www.bg3.co s0.2mdn.net googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	token.rubiconproject.com	eus.rubiconproject.com
4	region1.google-analytics.com	cdn.ampproject.org www.googletagmanager.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	sync.aralego.com	ads.aralego.com www.bg3.co
2	agent.aralego.com	2 redirects
2	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.bg3.co
2	pm.w55c.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	ups.analytics.yahoo.com	imprammp.taboola.com am-match.taboola.com
2	am-vid-events.taboola.com	www.bg3.co
2	am-match.taboola.com	vidstat.taboola.com
2	www.google-analytics.com	www.bg3.co
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	e3.adpushup.com	www.bg3.co
2	trc.taboola.com	cdn.taboola.com
1	am-wf.taboola.com	vidstat.taboola.com
1	geo.yahoo.com	adx.holmesmind.com
1	ads.yap.yahoo.com	s.yimg.com
1	s.yimg.com	ad.sitemaji.com
1	c6ace8bddb280d43c21b861d74a4f308.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	code.createjs.com	s0.2mdn.net
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	pixel.rubiconproject.com	eus.rubiconproject.com
1	adx.holmesmind.com	pagead2.googlesyndication.com
1	2f8bbd530520db17a8e6f48de5337783.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	1d2a6d111db70ad87e64951e08d603e1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	vidstatb.taboola.com	www.bg3.co
1	audiencedata.im-apps.net	dmp.im-apps.net
1	wf.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	stats.g.doubleclick.net	cdn.ampproject.org
1	l.logly.co.jp	nt.compass-fit.jp
1	fonts.googleapis.com	cdn.taboola.com
1	pixel.quantserve.com	www.bg3.co
1	amp.analytics-debugger.com	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	d-42705650723265878878.ampproject.net	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	code.jquery.com	cdn.adpushup.com
1	nt.compass-fit.jp	www.bg3.co
1	delivery.adrecover.com	www.bg3.co
1	www.bg3.co
0	ioms.bfmio.com Failed	vidstat.taboola.com
0	static.bg3.co Failed	www.bg3.co
286	80

This site contains links to these domains. Also see Links.

Domain
fit-und-mental.de
popup.taboola.com
trck.tracking505.com
wp6nqs.zbrjtstrclnm.com
trc.taboola.com
wzqv6c.zbrjtstrclnm.com
www.lecker.de
happy-woman.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M01	`2023-07-23` - `2024-08-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 40 frames:

Primary Page: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Frame ID: 6C17491BC5C96B172FBC038C1B7D6C31
Requests: 127 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&cmcv=&pix=undefined&cb=1692059489610&uv=3318&tms=1692059489610&abt=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=afa7cb08-943a-4e3b-ad9a-d04e92a20d0d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 971FFC074EDF960BECBD9F8898CCBCA4
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 6F890FD79DAE7B287DEA6EE205CD97FF
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-37741209071012232579&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2705&oid=2&is_amp=5&amp_v=2307272333000&d_imp=1&c=70007401&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&ga_hid=7401&dt=1692059489469&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&bdt=1202&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: BE08228E24EEEC3735C6609494F450BE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 55F08CA5A47F60D7299C2666F36CD05B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 295F9E00ADC63085C611C7184F51AD75
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: FD9748B336EBF675F5D8BA8F45F20A63
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 74586DFCD345160CD6DC461C25F18055
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A7993B497C27CE4A757E71228329D3B2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 062035775EF355FCB6F93A0F70054192
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E1739965C7EE3447B2750A6E9748370D
Requests: 3 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 296247CDDDF81DD559350DD79F8E4E68
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 56EBC5BB06D6B11F16B6B5AF583E3E99
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 0D51BD3A9FBBF3F8D48C6AD547F3EA73
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: 364666B066961A9F22343D71B5184574
Requests: 1 HTTP requests in this frame

Frame: https://1d2a6d111db70ad87e64951e08d603e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B694916EA54CDB4D7D5DA73892F8B698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
Frame ID: 7B710BCF48A1A01042B54F61E191E02F
Requests: 1 HTTP requests in this frame

Frame: https://2f8bbd530520db17a8e6f48de5337783.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 764262350923269556B99CCC063067A9
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 191F8886BB686A24DA4AF54EE44E82A8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3BB16E1602FA5EAB907787886CA83C5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A7E4B1507D8C655C997DB4E39CD5E7C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5F45A9F83F099F5F8EE881EC800E430
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84F3FF31D91C2C942F89C3E2602E570D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0CD1D7F1F2FD64683ED12274210B177D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5808EA81E12F88E100988561BDE67BB9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55A9F434D0992857EFCB7EEEFDCC332F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B338F044159770E8A3D3CE689E2E4A58
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGLTJ8eUBMAE&v=APEucNVdnDHkIs5VB2I6oD1UYso9b9FTmtXYMEriB_SpSOjdFu84lpecUDKYdLloIvJ3dEgTO2oO_c_S1L-TZu9KyW7m2cx3FebihvxUEyd71fXEORuXQ7hR-bBJwvYJZGAfc77YyE6MQjOWdNKK8ZMQZS26Zbl6u859pnjnpxIiFcBR2Cl61GM
Frame ID: 323B5D986F93399CB1A72703BEFDC0D4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C579110875BCFD4ABB2C623BFBAD97D0
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C4C6205C8DC4FB054293B4CD77FE660
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C9D401D7C9C566E0FCD113361674DFE8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7685724329878749184/23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.html?ev=01_250
Frame ID: B39B201932B5A43830D4CDFDA7DCDFA3
Requests: 4 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 5D2D1780220A16AC567F33D42AC311E3
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: B556B569CACBF3C2DEE92E829ACB694D
Requests: 2 HTTP requests in this frame

Frame: https://c6ace8bddb280d43c21b861d74a4f308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: E4EA6FEC9DA6485B5B79DDFA709A1CF7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuoKvHUi5GVXL0wjIxLJ4XPjtbCEV4I0AZenHg1LCAGxeV3vDXO4YxGrXFHn1KNSCTCFOvtuvA3Vup7AOzBULQ7OdmuEEIV7oZ4AzIT6eC65w1CIC5NShLTLUyQ18M1OTJgk4sur9V3A9n9OVi31m5wxLh1ouI8f5JqVUi8wLIslkrqxg0GGEtyrcUrRaCJj_ZaWpW6VT-yCNRZlAfNT1TmpZNsHyrlC7O76iRfecFylWT537Lg8pUMJtllFDRTudHN7s4haXvALZNYZ9QWK55WdP4-9Gl_mQirM1KL16sfMkJPNFfmJt5zV8ftf34iZ5Fp6jKJK0W580aViQ&sai=AMfl-YRlI6LAQQEhNylpjtzjH4hg0OJ7My2DGirqPqh7To13LC5WThaK1ybQ6x0Zjx-e5YNxE9hOVE0vaKTCvhfpX88aMzwOceeUruOruw&sig=Cg0ArKJSzOx8vGuQqAL1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CE2C7EA474B716ED3D1B827A7F8639AD
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4341178F75D8BBA103CB187B7DD1039
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21E72D386459F2D5AEB94AA6D0B5E969
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: A2AA58FC231FFC04FFF2FEE6349F9F63
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 4B7ACF7A7268E4EDCB5011A1DCF423EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

中科院「極音速飛彈」震懾全球　神秘「護國神山」團隊首曝光 - 天天要聞

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

286
Requests

92 %
HTTPS

0 %
IPv6

43
Domains

80
Subdomains

63
IPs

10
Countries

4054 kB
Transfer

11897 kB
Size

21
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://fit-und-mental.de/25-geniale-life-hacks-fuer-ihren-alltag/2/
Title: Fit & Mental

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/0f324695-965c-4358-8a02-cb6dfa6c2ac5
Title: LifestyleTrendsHQ | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://wp6nqs.zbrjtstrclnm.com/
Title: Abandoned Houses | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ri=ff8845cb6d0a6d4fd1bca87afa1a0d02&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&it=text&ii=~~V1~~-5434966953556871588~~yCo61aDlZGYEAs9DoNI9noUEE-jFPEeL8nKJvv9B7MR9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kD7VbyU9qGbFCk3G1JTsLXxEXbuS8jkQX0nUuhwc1s0N64flFMo2kP6rZ8aEXPh_-I1MIa1FHFuUj5i-cwQe5zgaE3iK7ebMf8nQ4vZ9kk8x4nihmyDN13ihF0TfT4aHNg&pt=text&li=rbox-t2v&sig=53f1bd37b5784543267dd47778ccad0de2c29b2974fe&redir=https%3A%2F%2Fwp6nqs.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25057207%7Cpalmate-bg3co%7C3691232205%26subid2%3D1524057%26subid3%3DWien%253A%2BVerlassene%2BH%25C3%25A4user%2Bzum%2BVerkauf%2Bin%2BIhrer%2BN%25C3%25A4he%2Bzu%2Bg%25C3%25BCnstigen%2BPreisen%26subid4%3Dat-de-tb-pavel-abandonedhousespr-100523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DWien%253A%2BVerlassene%2BH%25C3%25A4user%2Bzum%2BVerkauf%2Bin%2BIhrer%2BN%25C3%25A4he%2Bzu%2Bg%25C3%25BCnstigen%2BPreisen%26click_id%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyD89Fwo7cX34IW6m908%26dpco%3D1%26tblci%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyD89Fwo7cX34IW6m908%23tblciGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyD89Fwo7cX34IW6m908&vi=1692059488610&p=tarzomedia-abandonedhouses-sc&r=3&lti=deflated&ppb=CN4C&cpb=EhIyMDIzMDgxMi0xLVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4NziA8o2RDEDpmQdI_4UQUOWG2ANY____________AWMI0DcQjVMYMGRjCP5IELZgGAFkYwiqPRCRURgyZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCgHBgYZGMI7wMQpQkYCWRjCK9HEKReGAtkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBmqPrtJ8x&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://wzqv6c.zbrjtstrclnm.com/
Title: Containerhäuser | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ri=244da78875cd58576db9c652eeb8489a&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&it=text&ii=~~V1~~5402010990329125525~~TlBmxB5zG237ssEBQbsKb-rNb45PwFeMNWfm3bzTAtMe79Ni-eBnd8iQ4KmvvX-QCoTT_IvWFG7RTbSa_z-XXnMfYswGd-ksPnaRNZN-tYziRvWpFbmdEPWF0ftLCnP9obLMpHiOEIpsASiSCRXYIBoTeIrt5sx_ydDi9n2STzHieKGbIM3XeKEXRN9Phoc2&pt=text&li=rbox-t2v&sig=84caf723ed3635cb19e88dc7e1cfdc066bb816e316ec&redir=https%3A%2F%2Fwzqv6c.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25221585%7Cpalmate-bg3co%7C3694294158%26subid2%3D1524057%26subid3%3DWien%253A%2BUnverkaufte%2BContainerh%25C3%25A4user%2Bzum%2BVerkauf%2Bf%25C3%25BCr%2Bfast%2Bnichts%26subid4%3Dat-de-tb-pavel-shippingcontainerhomespr-210523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DWien%253A%2BUnverkaufte%2BContainerh%25C3%25A4user%2Bzum%2BVerkauf%2Bf%25C3%25BCr%2Bfast%2Bnichts%26click_id%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyDRjV8o3LqKtIqBxKqOAQ%26dpco%3D1%26tblci%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyDRjV8o3LqKtIqBxKqOAQ%23tblciGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyDRjV8o3LqKtIqBxKqOAQ&vi=1692059488610&p=tarzomedia-shippingcontainerhomes-sc&r=30&lti=deflated&ppb=CGA&cpb=EhIyMDIzMDgxMi0xLVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4NziA8o2RDEDpmQdI_4UQUOWG2ANY____________AWMI0DcQjVMYMGRjCP5IELZgGAFkYwiqPRCRURgyZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCgHBgYZGMI7wMQpQkYCWRjCK9HEKReGAtkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBmqPrtJ8x&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://www.lecker.de/schnelles-abendessen-blitz-rezepte-zum-feierabend-59380.html
Title: Lecker.de

Search URL Search Domain Scan URL

URL: https://happy-woman.com/11-sinnvolle-tipps-fuer-den-garten-massnahmen-die-wirklich-helfen/2/
Title: Happy Woman

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ri=f0d9f904d94b8653b787327064d0b14d&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&it=text&ii=~~V1~~5402010990329125525~~TlBmxB5zG237ssEBQbsKb-rNb45PwFeMNWfm3bzTAtMe79Ni-eBnd8iQ4KmvvX-QPtVvJT2oZsUKTcbUlOwtfOWXxTtTx_Fak-SIFGMSnsbiRvWpFbmdEPWF0ftLCnP9obLMpHiOEIpsASiSCRXYIBoTeIrt5sx_ydDi9n2STzHieKGbIM3XeKEXRN9Phoc2&pt=text&li=rbox-t2v&sig=7a5cf7762a763751e89718f1f2e684606eacdaf7ef78&redir=https%3A%2F%2Fwzqv6c.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25221585%7Cpalmate-bg3co%7C3694294158%26subid2%3D1524057%26subid3%3DWien%253A%2BUnverkaufte%2BContainerh%25C3%25A4user%2Bzum%2BVerkauf%2Bf%25C3%25BCr%2Bfast%2Bnichts%26subid4%3Dat-de-tb-pavel-shippingcontainerhomespr-210523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DWien%253A%2BUnverkaufte%2BContainerh%25C3%25A4user%2Bzum%2BVerkauf%2Bf%25C3%25BCr%2Bfast%2Bnichts%26click_id%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyDRjV8ot-CrtKmU3Na4AQ%26dpco%3D1%26tblci%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyDRjV8ot-CrtKmU3Na4AQ%23tblciGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyDRjV8ot-CrtKmU3Na4AQ&vi=1692059488610&p=tarzomedia-shippingcontainerhomes-sc&r=48&lti=deflated&ppb=CPEE&cpb=EhIyMDIzMDgxMi0xLVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4NziA8o2RDEDpmQdI_4UQUOWG2ANY____________AWMI0DcQjVMYMGRjCP5IELZgGAFkYwiqPRCRURgyZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCgHBgYZGMI7wMQpQkYCWRjCK9HEKReGAtkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBmqPrtJ8x&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ri=7e636675b746583b6f516f92f1bf3cbc&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&it=text&ii=~~V1~~-5434966953556871588~~sxs1A0o0N9dQ2ag_Ho_4jIUEE-jFPEeL8nKJvv9B7MR9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kD7VbyU9qGbFCk3G1JTsLXxLu2p_FapL58U7V-zQVIzM64flFMo2kP6rZ8aEXPh_-I1MIa1FHFuUj5i-cwQe5zgaE3iK7ebMf8nQ4vZ9kk8x4nihmyDN13ihF0TfT4aHNg&pt=text&li=rbox-t2v&sig=63da1b835267899b1fc63d6d1a3e77085c0fc779709c&redir=https%3A%2F%2Fwp6nqs.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25057207%7Cpalmate-bg3co%7C3691232205%26subid2%3D1524057%26subid3%3DWien%253A%2BVerlassene%2BH%25C3%25A4user%2Bzum%2BVerkauf%2Bin%2BIhrer%2BN%25C3%25A4he%2Bzu%2Bg%25C3%25BCnstigen%2BPreisen%26subid4%3Dat-de-tb-pavel-abandonedhousespr-100523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DWien%253A%2BVerlassene%2BH%25C3%25A4user%2Bzum%2BVerkauf%2Bin%2BIhrer%2BN%25C3%25A4he%2Bzu%2Bg%25C3%25BCnstigen%2BPreisen%26click_id%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyD89Fwo7_CU2eKEu9_ZAQ%26dpco%3D1%26tblci%3DGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyD89Fwo7_CU2eKEu9_ZAQ%23tblciGiAo2OoKQJCnX4c-nsJXfT7_eD3TTFWfISlrh_s8_RrGyyD89Fwo7_CU2eKEu9_ZAQ&vi=1692059488610&p=tarzomedia-abandonedhouses-sc&r=38&lti=deflated&ppb=CIMF&cpb=EhIyMDIzMDgxMi0xLVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4NziA8o2RDEDpmQdI_4UQUOWG2ANY____________AWMI0DcQjVMYMGRjCP5IELZgGAFkYwiqPRCRURgyZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCgHBgYZGMI7wMQpQkYCWRjCK9HEKReGAtkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBmqPrtJ8x&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 109

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 114

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 135

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 165

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489875&bpp=387&bdt=597&idt=599&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=1&ga_vid=1278352286.1692059491&ga_sid=1692059491&ga_hid=1934867443&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2272&biw=1600&bih=1200&isw=336&ish=280&ifk=1845403065&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076874%2C42532315%2C44799569%2C21065725%2C31076964%2C44796313&oid=2&pvsid=2770806719754487&tmod=26512199&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5gzees4yb35d&btvi=1&fsb=1&dtd=730 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1&C=1

Request Chain 204

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNrHZEgACEKBArEQ0AebZAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKhAWv19MGKENVuLICcMyjo&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKhAWv19MGKENVuLICcMyjo%26google_cver%3D1

Request Chain 206

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDAxMDc4MzkwMDY5MTUwNQ%3D%3D

Request Chain 217

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&google_cver=1&google_push=AXcoOmReNgeuBQLo-0Wc4KxV_0RgoLKWXfWV1K193_vgoYVShl11Fbkn0fzu0Nnw0ZM4kPv1AdSzqpqkqiuGx5ZoXwZ-cLYuB5muYg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&google_cver=1&google_push=AXcoOmReNgeuBQLo-0Wc4KxV_0RgoLKWXfWV1K193_vgoYVShl11Fbkn0fzu0Nnw0ZM4kPv1AdSzqpqkqiuGx5ZoXwZ-cLYuB5muYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFo3cDZnaEMxUXZIWTc1&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&google_cver=1&google_push=AXcoOmReNgeuBQLo-0Wc4KxV_0RgoLKWXfWV1K193_vgoYVShl11Fbkn0fzu0Nnw0ZM4kPv1AdSzqpqkqiuGx5ZoXwZ-cLYuB5muYg

Request Chain 218

https://um.simpli.fi/gp_match?google_gid=CAESEBQdLPZ-KYNbXqRZQ63XimA&google_cver=1&google_push=AXcoOmRDJ_yMbHxgTWLtxV4WcQVkysehXWHpxpPwVtDDfGQf5ABqzIEWsJ8vnxuvIvsmwLdv8EJ7rGbmScOnD2V5rIGEUja937N9lw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B5BA621237C4AA894DFFFDE6997FF80&google_push=AXcoOmRDJ_yMbHxgTWLtxV4WcQVkysehXWHpxpPwVtDDfGQf5ABqzIEWsJ8vnxuvIvsmwLdv8EJ7rGbmScOnD2V5rIGEUja937N9lw

Request Chain 236

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 272

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

286 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html Show response
www.bg3.co/a/ 60 KB
18 KB 1684ms
1156ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 88f333c1d41d37b882b6de2340118e5a38070bbd23c4f7e9aa5176add5dc52af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 15 Aug 2023 00:31:27 GMT
etag: "ee57-MGMUHQeSapR7tl9PyUgQD8HlChk"
expires: Tue, 15 Aug 2023 00:46:27 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 171ms
68ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

a7eb1447ae8fbeff087958d608790a15346e47e823a392f37f1686402bcd72e0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 00:31:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72905
x-xss-protection: 0
server: sffe
etag: "2f38c6cc6ea98470"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 00:31:28 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 145ms
42ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

59ec623617cb9b008282077c49a57c3387e84b181deb844efa5ffcf1db4909a4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 00:31:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9710
x-xss-protection: 0
server: sffe
etag: "8c65eb8d897931a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 00:31:28 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 165ms
89ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

59e415ebd0d3e2ab61a9b209889956069b95db9039392ac2249e565acaf4f1c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 00:31:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7620
x-xss-protection: 0
server: sffe
etag: "4ee5ccd9f9b5be3f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 00:31:28 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

142ms
45ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9607
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkKeYI0%2B1CKOw8uKvD%2FOy1qyG%2FdBfuWLuSQtwrD1w322dFBOAyCyDJNpauqE2Rr2ehE7YBcnsXX3zSvzx2qY3%2BNIuRmf3X8I4qbquwzl5IrjP2wJ8lWS729AWuVEjJoLsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f6d55bdd9bc0471-CDG

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 485ms
411ms Script
application/javascript 2.19.198.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-155.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 3a276faf7ecb07e9cfc5f53e0b306d515b0b4fd08ddc3e0c231965755269a7b2

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: AT
date: Tue, 15 Aug 2023 00:31:28 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Mon, 14 Aug 2023 07:00:32 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: AT
content-length: 10017
expires: Tue, 15 Aug 2023 01:31:28 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 655 KB
138 KB 109ms
29ms Script
application/javascript 2.19.198.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-153.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: add8cc21e392a94221faeaf1bcf60049f411b205d2e6d37af0912b8221a6ebc8

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: AT
date: Tue, 15 Aug 2023 00:31:28 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Sat, 12 Aug 2023 14:34:06 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: AT
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1692059488350_34850453_176050721_125_1398_11_0_146";dur=1
content-length: 140610
expires: Tue, 15 Aug 2023 01:31:28 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 447 KB
52 KB 90ms
52ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5719b4410443cb1a5fc08f400426f7b671017f4aa8a293271fcdd07294f84854

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UOPGnILXeBTx4zy3qSKQVfNU_diofyOk
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:28 GMT
x-amz-request-id: W0WTDW4CECQNTQEZ
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 7
x-amz-replication-status: FAILED
content-length: 52336
x-amz-id-2: f8FSKbcwjdaLuegjT9ziRadQ9o2Gc/1rx4rXTheCYj66ZL8jSZdsTV3VJhXf6s3871myle/Exz0=
x-served-by: cache-vie6340-VIE
last-modified: Tue, 15 Aug 2023 00:31:28 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059488.344363,VS0,VE37
etag: "11c153c4aec0b580c790cc16533b4ffece1610a0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 31
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1023ms
490ms Script
text/javascript 52.68.201.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.201.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-201-121.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1251965e0cdfb818fa65720b8a1cadb9518c2962b0c97724e1ec8569e53ba28

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 impl.20230812-1-RELEASE.js Show response
cdn.taboola.com/libtrc/ 799 KB
166 KB 15ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a138d7b02edf2ec9de73d7dcb7ff659b168a4bc524d08758bc6bd90e52b682d1

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: v6WeHcl5B1HPYVg0rAFU10oErZpOr0lj
content-encoding: br
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:28 GMT
x-amz-request-id: GKN28MNAGXDVR7QZ
age: 24385
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169093
x-amz-id-2: j6NDyIfP2YFI0y/kjQf5wKuye7gvIbmVqjJHP3VR0SpawqArsiT/ucxy84f2NTRvtX/Ktea1+Mk=
x-served-by: cache-vie6340-VIE
last-modified: Sun, 13 Aug 2023 09:42:21 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059488.484550,VS0,VE0
etag: "1039e92f85b1e0bb881571f02f1681a3"
vary: Accept-Encoding
content-type: application/javascript
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 15643

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 60ms
18ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1692059488.dop228.ve1.t,1692059488.cds220.ve1.hn,1692059488.cds210.ve1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET 114a851b14b8dafcf9ba0b31a938a920.jpg
static.bg3.co/imgs/202105/ 0
0

GET e2f0d1a84304e1280f3c51ea1efd9c71.jpg
static.bg3.co/imgs/202110/ 0
0

GET b608a8241f570ceb04b66175411b9d5c.jpg
static.bg3.co/imgs/202106/ 0
0

GET b3bb1da915c07496d5cd558bfffbb2ec.jpg
static.bg3.co/imgs/202105/ 0
0

GET b04f9b1ab7dbc2b41fb0485dc2e97624.jpg
static.bg3.co/imgs/202106/ 0
0

GET 90a192e6f25b0a3eb4ff43455ad8df63.jpg
static.bg3.co/imgs/202106/ 0
0

GET 8558b47c047743f37259973ce31fc38f.jpg
static.bg3.co/imgs/202105/ 0
0

GET 9371db77e8a0e778e19f326e5450ecee.jpg
static.bg3.co/imgs/202106/ 0
0

GET 363b8cbc522b0c4d175797c69a04941a.jpg
static.bg3.co/imgs/202106/ 0
0

GET 05be435b2c7412574cd875de8a3cbf11.jpg
static.bg3.co/imgs/202105/ 0
0

GET 14e2747a14fecf1b3cc2deea54176df5.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307272333000/v0/ 8 KB
3 KB 103ms
35ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

b8d20ccf593b049aa3489da4c021d3b4b485e82e06a4cc0ed1337d08aa765987

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 05:45:16 GMT
age: 240372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: sffe
etag: "5992a434989da413"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Aug 2024 05:45:16 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307272333000/v0/ 82 KB
23 KB 102ms
40ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

d462be35c61b5311a42bc6402e6e64e6e54a7c542963e1f448f10e480ea87cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 19:50:43 GMT
age: 535245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23182
x-xss-protection: 0
server: sffe
etag: "fb56063241417f13"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 19:50:43 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 4 KB
875 B 120ms
41ms Fetch
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b60c95edd9b60e895161e8724262e8944b94a92854af64e46aa1428636a64b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 527
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307272333000/v0/ 13 KB
4 KB 70ms
37ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

068619b9084242ce2ca2d3bab3e7a2d02911acce318eb05ac257e0f545c241a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:53:38 GMT
age: 23870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3996
x-xss-protection: 0
server: sffe
etag: "36b638fb3883cf3b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:53:38 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 144ms
46ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 178244
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 70 KB
18 KB 298ms
291ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=02%3A31%3A28.614&lti=deflated&data=%7B%22id%22%3A187%2C%22ii%22%3A%22%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692005511960%2C%22vi%22%3A1692059488610%2C%22cv%22%3A%2220230812-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html%22%2C%22vpi%22%3A%22%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2805%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1968%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1813f105155200dd13b25d998b729014be3dd3dd6f7e292aad7d7c2deef00b92

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 270
date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 70296
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-vie6340-VIE
x-log-content-encoding: gzip
server: nginx
x-timer: S1692059489.627668,VS0,VE270
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 110ms
44ms Script
application/javascript 2.19.198.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-153.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: AT
date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692059488685_34850453_176050763_83_1270_11_0_146";dur=1
content-length: 122286
expires: Wed, 14 Aug 2024 00:31:28 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
560 B 52ms
32ms Script
application/javascript 2.19.198.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-153.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: AT
date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692059488729_34850453_176050765_55_1243_11_0_146";dur=1
content-length: 211
expires: Wed, 14 Aug 2024 00:31:28 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 52ms
32ms Script
application/javascript 2.19.198.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-153.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: AT
date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692059488729_34850453_176050764_55_1246_11_0_146";dur=1
content-length: 18371
expires: Tue, 15 Aug 2023 01:31:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 126ms
46ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1cd490ea0ef13d3034af3a721ba81f0a9b85555947bcd08caa0f2611c45c6f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28447
x-xss-protection: 0
server: cafe
etag: 509 / 19584 / m202308080102 / config-hash: 14771428451550081825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:28 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 119ms
38ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTIwNTk0ODg2OTAsInBhY2tldElkIjoiMDAwMEE3MDEtNTM4N2Y5ODUtZDZjMy00ZWJlLTgxZTAtNzI0ZDY2ZTgyMDc2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3pob25nLWtlLXl1YW4tamkteWluLXN1LWZlaS1kYW4temhlbi1zaGUtcXVhbi1xaXUtc2hlbi1taS1odS1ndW8tc2hlbi1zaGFuLXR1YW4tZHVpLXNob3UtcHUtZ3VhbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQVQifQ%3D%3D&c_b=2113.199996948242
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:28 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 119ms
39ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:28 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
9 KB 162ms
71ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

992a727ee2e6c7e6c7157a01f90c8b3fe5260df5a0353de9ca6af3fb8234110e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6wkJXeRpvCpI9GBBzqw14g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6wkJXeRpvCpI9GBBzqw14g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307272333000/v0/ 40 KB
10 KB 34ms
34ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

9ffe5f229d338604f67ac27145be983cdb0e74170145052ca982a1054a8a82dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 19:50:43 GMT
age: 535245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10406
x-xss-protection: 0
server: sffe
etag: "d4bca0499463875a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 19:50:43 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307272333000/v0/ 213 KB
56 KB 33ms
33ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

114792c3e764192ab8250ef71b0783010b1b03fa3f87649082f1c2ba73afa779

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 19:51:48 GMT
age: 535180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57733
x-xss-protection: 0
server: sffe
etag: "713211f22a286027"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 19:51:48 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 125ms
35ms Script
application/javascript 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 22 Aug 2023 00:31:28 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307272333000/v0/ 110 KB
32 KB 34ms
33ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 11:53:57 GMT
age: 45451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32235
x-xss-protection: 0
server: sffe
etag: "e3f6ff5fb1ac62c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 11:53:57 GMT

GET
H2 200 nameframe.html
d-42705650723265878878.ampproject.net/2307272333000/ 0
0 167ms
41ms Other
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-42705650723265878878.ampproject.net/2307272333000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.131 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/ 400 KB
126 KB 34ms
33ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55940
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129236
x-xss-protection: 0
server: cafe
etag: 3196626984536983108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 08:59:08 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
636 B 123ms
30ms Script
application/javascript 18.66.97.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:17:17 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: kWtFXhTDtOSghUY7Q8QjOIwWbuyD6_lxr6SyKWYqq_zHojkA6Q1XEw==

GET
H2 200 floating-unit.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 20ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec8b20f3d2d901f74d7a40a7975de4fd159afe925c9068ea88008a1cbb72665

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 82gRYelsmuaClzAgJPoEjUgkjnsYxlAI
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:28 GMT
x-amz-request-id: P7AGFNA2WATSAGT5
age: 53983
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: jBhlaS56SrqjILXVrKkHSvvJFJuyhtpM7/NpM0QsApe0NhLfnh3zdvHoKciNWHlbCCWvPE7g0UM=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:31:46 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.966011,VS0,VE0
etag: "08a4fce3397dfbebd9ba4caaf3af4dac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 21
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1303

GET
H2 200 taboola-vignette-new-scanning.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 21ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e1f391a300a8bbc18065070baddfa2ad8bbf432e3cdf41a42948759c9b3b60b

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A7ZGfU.MQK6_DTacNSN0hOjyih9ZK7iJ
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:28 GMT
x-amz-request-id: 8ARCET54RJE8JBZG
age: 53965
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: Ekezeeulqn1MR6XTzFUhSRbrOd1cOikMxA0EX2Pyu6PDaWALNmMLCVN+gt9VNEvqDbYfg1Xbf8Y=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:32:04 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.966242,VS0,VE0
etag: "134212846c6743045d7c207f5ef33098"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 814

GET
H2 200 distance-from-article.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 16ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a82bb12fedc01a586aee4bedfdde088d5ad1a33c5b72ad1c5f8fe9c30eb4387b

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: d12_ceop48u0kaTg3zn7EOcWRFtHYelx
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:28 GMT
x-amz-request-id: ZVFCDX67W9PT6RF7
age: 53993
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: Z9RHa/7ovwRGPthHfTEZwwVkhiR1m1qGzaikkDYXpSIEHQuRQS5rETD3TaclVeyC+eRRdhcrtG0=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:31:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.986318,VS0,VE0
etag: "36b8cd6e2cbfee414ce07e77a7cb697a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 38298

GET
H2 200 article-detection.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 17ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d12ec20630ab22ec93b4a6283ba696b71a96817f47506d4a044879fa8eb50df8

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bfo3k0x64VhInLuysiqyAuS9K1UV.pIB
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:28 GMT
x-amz-request-id: WKM7BYNMWZ78B76R
age: 53999
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1270
x-amz-id-2: SwCavKBT8VJNHxUSPg+7VolfZb4SQy0iZKzfQgs38UVlzblhvtNQWoEP8e3+jYq8XBW44TTX4Yg=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:31:30 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.986583,VS0,VE0
etag: "5b08a978a09c36be87af557bb7b53d40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 38307

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.0/ 124 KB
35 KB 24ms
17ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.2.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2540712725a490b3478d193f3c2415c2ff66877e5432e47f6329c1e63d50fd47

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:28 GMT
via: 1.1 fadd210e8fada96866356688e5524d10.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: VIE50-C2
age: 471268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35571
x-served-by: cache-vie6340-VIE
last-modified: Wed, 09 Aug 2023 13:36:26 GMT
server: AmazonS3
x-timer: S1692059489.996318,VS0,VE0
etag: "2704f2e8c951ba78e93e4f90fb9c9119"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 69gCFxY4gCEh7HYgkcEdc3NfB3dXfYneNkTynhQcFrCQM93_BH8Bcg==
x-cache-hits: 35099

GET
H2 200 feed-card-placeholder.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42f631fa6ad45718527c4b28c26832a12301246ce3892510b43fe9eaa837cbd

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gO51kzge6TXUiVtMQtPgMGl66rvs6ALQ
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:28 GMT
x-amz-request-id: D1ZXHXZF32B5QK2E
age: 53988
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: hj+R0i9LmrhnlOOHLSzyLqdxreV3Dgr88/8q430WIzeQApvk07xy700zVHt/Y9A0ZCp1Gv7LcL4=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:31:41 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.993616,VS0,VE0
etag: "0b6242842fd58183ca63c59544b89858"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 26347

GET
H2 200 userx.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4145979c2eb88c690be416fd02d3e1eaaa15a5badf9d330ff964c5a15409b355

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4tE0zDc1XMq4FcJh2E1EsB9g6wQ.yTzq
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:29 GMT
x-amz-request-id: MVZK9WKC3127RM41
age: 53962
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: 6MUUITtg7nXm6jBrW+S7FwHz9TsNlwACAreDhIz5zuTLZWtwLTUq20AkLFWf+euoZCWNaG3rla4=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:32:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.000950,VS0,VE0
etag: "6319b5356ba60b64efba7a9d5593d2ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5074

GET
H2 200 explore-more.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 15ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15dc488dbd3a40f3ae3d672fcfa67eda5a6d081ae370e6eaa15ddd0ea09a8adc

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8mug9iKNOqLjL69Eh4UxamTFclLN07r6
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:29 GMT
x-amz-request-id: FV9J4QG9SBD2T0EQ
age: 53990
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8803
x-amz-id-2: +k4baP18JKf1TD2xQoWDpZgScv2DkagOZwk98NrzcivY7DArDEs7rjsMIyb7Qo/mMl5IlFfSuPM=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:31:39 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.058980,VS0,VE0
etag: "73e1eea497b9002fd5cf6781dac736af"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 17627

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 272ms
82ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=02%3A31%3A28.953&id=1978&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 272ms
83ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1692059488955%7D&tim=02%3A31%3A28.955&id=2437&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 273ms
83ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692059488971%7D&tim=02%3A31%3A28.971&id=8924&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 274ms
84ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=02%3A31%3A29.051&id=7312&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 271ms
81ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=02%3A31%3A29.055&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=8660&cv=20230812-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 65131

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 271ms
82ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=02%3A31%3A29.056&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=3270&cv=20230812-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 65131

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 80ms
79ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=02%3A31%3A29.061&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=5182&cv=20230812-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 65131

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 80ms
80ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=02%3A31%3A29.062&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6841&cv=20230812-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 65131

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 85ms
85ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=02%3A31%3A29.067&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7548&cv=20230812-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 65131

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 15ms
15ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:29 GMT
x-amz-request-id: HJ09X8P4R5KH42F4
age: 80
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: faxoqOsk5L3JnOp4CGBe8HUwS5iaEetHw/chB8MAH8m+ety0Y1JRUtqjb3j3A4EIJUkOzqIpZ3duwTaXeu03nw==
x-served-by: cache-vie6340-VIE
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.078232,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 77
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 23

GET
H2 200 3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_870%2Cw_1160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 129 KB
130 KB 1123ms
1115ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_870%2Cw_1160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a03255341bf468803f18b8a1c048b3096c36c88854438ecd48a7a193c4fd2fc

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1099
date: Tue, 15 Aug 2023 00:31:30 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_870%2Cw_1160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
age: 0
edge-cache-tag: 460077859501167843258512618898716504471,320200460870470800213157857266525756987,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460077859501167843258512618898716504471,320200460870470800213157857266525756987,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 881
expiration: expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bg3.co/
content-length: 132284
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000124-IAD, cache-iad-kcgs7200050-IAD, cache-sna10727-LGB, cache-iad-kjyo7100133-IAD, cache-vie6340-VIE
last-modified: Sun, 30 Jul 2023 06:58:31 GMT
server: nginx
x-timer: S1692059489.138967,VS0,VE1099
etag: "f50b2ecf8ddf16e656ddeafd0309818e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 47 KB
47 KB 28ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c02151877c4257995f9d29a43f8c9fc193fbacd13b7b3248b9d72f4d39a8733

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
age: 503937
edge-cache-tag: 460077859501167843258512618898716504471,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460077859501167843258512618898716504471,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 295
expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.oe24.at/
content-length: 47696
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000073-IAD, cache-iad-kjyo7100138-IAD, cache-lga21969-LGA, cache-iad-kjyo7100088-IAD, cache-vie6340-VIE
last-modified: Tue, 18 Jul 2023 07:37:25 GMT
server: nginx
x-timer: S1692059489.138781,VS0,VE1
etag: "cbf75ae390bbfa9440665532d068a539"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 3abf3278103cc7cc2178679f7356e86e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 23ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3abf3278103cc7cc2178679f7356e86e.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02c51e67fd6afc3bb9fd2ad77595cf343f13236953af86903842e676d0de7af0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3abf3278103cc7cc2178679f7356e86e.jpg
age: 1752077
edge-cache-tag: 306227302319841661861752669657988274880,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306227302319841661861752669657988274880,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 243
req-referer: https://www.wordstrivia.com/
content-length: 22272
x-request-id: 8f466093bc9f79edb7b46669ba411956
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kiad7000047-IAD, cache-lax10672-LGB, cache-iad-kiad7000152-IAD, cache-vie6340-VIE
last-modified: Tue, 25 Jul 2023 17:15:41 GMT
server: nginx
x-timer: S1692059489.138779,VS0,VE0
etag: "f60ed6afbd902b93102abcb4f6939652"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 0, 762, 2

GET
H2 200 f8c3aa0f-0d02-4135-9135-87708b14fa86__MDgEF7CX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 41 KB
42 KB 17ms
16ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f8c3aa0f-0d02-4135-9135-87708b14fa86__MDgEF7CX.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7de9c7286d754d533c3c4c185fa8d27745a8e08bdec755b4d623fbdefbbb399d

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f8c3aa0f-0d02-4135-9135-87708b14fa86__MDgEF7CX.jpg
age: 132736
edge-cache-tag: 551042605193717955168050415327349786445,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551042605193717955168050415327349786445,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 507
req-referer: https://www.huffpost.com/
content-length: 41888
x-request-id: ed7f5e366e9e5019577278ac8a29c265
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000063-IAD, cache-iad-kiad7000141-IAD, cache-lga21929-LGA, cache-iad-kjyo7100144-IAD, cache-vie6340-VIE
last-modified: Sun, 13 Aug 2023 10:57:38 GMT
server: nginx
x-timer: S1692059489.159740,VS0,VE1
etag: "fa7e52edb54e2813a55d5be9ea9dae98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 69 KB
70 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 934e7afc3bf0992685646d136147be5edac19d1ed31557559ef134693c5c2900

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age: 2622479
edge-cache-tag: 371149999047074580014513752138842485437,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371149999047074580014513752138842485437,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 215
expiration: expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://canal1.com.co/
content-length: 70608
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200025-IAD, cache-iad-kjyo7100083-IAD, cache-chi-kigq8000040-CHI, cache-iad-kiad7000095-IAD, cache-vie6340-VIE
last-modified: Fri, 14 Jul 2023 02:57:32 GMT
server: nginx
x-timer: S1692059489.170230,VS0,VE1
etag: "7b4889e48e2b609ec20faf4ddacf1947"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 1305, 1

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/ 2 KB
886 B 35ms
33ms Fetch
application/json 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 13 Aug 2023 14:24:44 GMT
age: 122805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "8f5886023517dc75"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 12 Aug 2024 14:24:44 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 141ms
45ms Fetch
application/json 172.64.203.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50237
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 10:34:12 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSHAy6SiG1386CgBWXzS4FxkHfR7iJPKOeVFvsIpFz3p55uzRv9VHViQUtC3ulnIu6dQarkMvdQieyQ6MvGPa3ZZSF%2FcQ5cY1LwLv3P7hjCBSgnLWrl2n3xH%2BJoMzafNfhmKryK9fho8omQ1aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7f6d55bfce6d009c-CDG

GET
H2 200 d3f43649854d6addae9f6f56f29dca0d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 21ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3f43649854d6addae9f6f56f29dca0d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de91230316231eaabfcef4dd253e3a83178cd00649065e2386466286ee6061d

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3f43649854d6addae9f6f56f29dca0d.jpg
age: 2667912
edge-cache-tag: 538866984511226002241295778630189611367,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 538866984511226002241295778630189611367,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 145
req-referer: https://www.gazzetta.it/
content-length: 27838
x-request-id: 1fc36e4b22f7c32b5f2024767f29edcf
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200044-IAD, cache-chi-klot8100144-CHI, cache-iad-kjyo7100127-IAD, cache-vie6340-VIE
last-modified: Sun, 09 Jul 2023 20:55:33 GMT
server: nginx
x-timer: S1692059489.192371,VS0,VE1
etag: "80bfab44fb5bbb83127b6b719fd2e554"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 60, 1

GET
H2 200 13ba908d7a3fa3586fab9f0238a18709.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_375,y_502/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 17ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_375,y_502/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13ba908d7a3fa3586fab9f0238a18709.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f43b4cd67457f0b42a05ba618d6111a99127eb413023700e17dd03f202d3db1

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_375,y_502/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13ba908d7a3fa3586fab9f0238a18709.jpg
age: 708998
edge-cache-tag: 558637057710670905957795250647531517476,297496338616802723905928704519131242202,29ecf9b93bbf306179626feeda1fab70
cache-tag: 558637057710670905957795250647531517476,297496338616802723905928704519131242202,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 266
expiration: expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bbheute.de/
content-length: 9224
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200167-IAD, cache-lax10668-LGB, cache-iad-kjyo7100021-IAD, cache-vie6340-VIE
last-modified: Sat, 29 Jul 2023 21:49:17 GMT
server: nginx
x-timer: S1692059489.192614,VS0,VE1
etag: "b42de60c031e5ddbf29be906b3a9bcd8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 49 KB
49 KB 22ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 407649409da84d21705ad1e3a847c527e7a76f0cb3086f5c65cfc9b4e8326755

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
age: 976552
edge-cache-tag: 460077859501167843258512618898716504471,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460077859501167843258512618898716504471,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 288
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.t-online.de/
content-length: 49798
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000152-IAD, cache-iad-kjyo7100105-IAD, cache-chi-kigq8000118-CHI, cache-iad-kjyo7100087-IAD, cache-vie6340-VIE
last-modified: Sat, 15 Jul 2023 05:08:29 GMT
server: nginx
x-timer: S1692059489.214401,VS0,VE1
etag: "168beee3ca9ad9ff7835bab9ad49234c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 36, 1

GET
H2 200 e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 85 KB
86 KB 18ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8adb21eb9da22c7bcaae3a07eeca836037e57d4047e574581bc7b6457fae73ff

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age: 1301330
edge-cache-tag: 371149999047074580014513752138842485437,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371149999047074580014513752138842485437,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 208
expiration: expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.recettes.qc.ca/
content-length: 86944
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100066-IAD, cache-lax10649-LGB, cache-iad-kjyo7100145-IAD, cache-vie6340-VIE
last-modified: Wed, 12 Jul 2023 14:03:01 GMT
server: nginx
x-timer: S1692059489.214395,VS0,VE0
etag: "60b7a387a7a43cc80be456b79947f81e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 17, 141, 2

GET
H2 200 3abf3278103cc7cc2178679f7356e86e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 69 KB
69 KB 18ms
17ms Image
image/jpeg 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3abf3278103cc7cc2178679f7356e86e.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c723fa3b6f5a7da563cac98f3c973782a216c55c2e0b0f6af708790124c90c83

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3abf3278103cc7cc2178679f7356e86e.jpg
age: 1751637
edge-cache-tag: 306227302319841661861752669657988274880,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306227302319841661861752669657988274880,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
content-length: 70148
x-request-id: 789d05cbece6e1e4844efed38a32d9da
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kjyo7100122-IAD, cache-iad-kiad7000072-IAD, cache-vie6340-VIE
last-modified: Tue, 25 Jul 2023 17:15:41 GMT
server: cloudinary
x-timer: S1692059489.236463,VS0,VE2
etag: "bda62d524dd2fc145e9bb20104023bc9"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 27, 1

GET
H2 200 f8c3aa0f-0d02-4135-9135-87708b14fa86__MDgEF7CX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 161 KB
162 KB 20ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f8c3aa0f-0d02-4135-9135-87708b14fa86__MDgEF7CX.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c97ce4c375c14bce379d1ec02180b849aecae192bb57a5b0ed7ac110c15b70fa

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f8c3aa0f-0d02-4135-9135-87708b14fa86__MDgEF7CX.jpg
age: 135189
edge-cache-tag: 551042605193717955168050415327349786445,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551042605193717955168050415327349786445,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 272
req-referer: https://reportingly.com/
content-length: 164522
x-request-id: 10c2bc5452793857aea333fb70b8bbc4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200075-IAD, cache-iad-kjyo7100049-IAD, cache-lga21956-LGA, cache-iad-kiad7000123-IAD, cache-vie6340-VIE
last-modified: Sun, 13 Aug 2023 10:57:38 GMT
server: nginx
x-timer: S1692059489.237375,VS0,VE1
etag: "55f98ef09a266394c5648d4eb241ff96"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 0, 1

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/ 3 KB
956 B 44ms
44ms Fetch
application/json 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 06:02:19 GMT
age: 239350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "e8f9a09ed3d75e05"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Aug 2024 06:02:19 GMT

GET
H2 200 next-up-widget.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 17ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 238ecfcae2bb6a2160d4ee2a54328093b0c056d144e0c397c13526382d411d89

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: t6LzLxI0tkkTZHywaA9famfH9wsKV0z9
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:29 GMT
x-amz-request-id: RPWM933V7SAAZPXA
age: 53980
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4622
x-amz-id-2: cp9QIkGQzpf5qZSiw6oO9eTpGU2Q99hdt1sv5vKNOx52vVnJb2r7i4+ZYmqHxybEiw1oFiApV34=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:31:49 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.233768,VS0,VE0
etag: "a6e3cfd546c02cd0e418d68c78999775"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1282

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
643 B 45ms
44ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10356
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQAy1YkztvlojidRzx%2FORpvSCHQIA6vcWTAIem%2BkoFr9JWOcMZSvXulOOjW6szNyZuQyMd6d6m%2BS1uLas5hLQN%2Fo1g5PaEOTbkkgd7KsLgrhOK4CZLe6sN%2FoGu6rriGRiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f6d55bfca510471-CDG

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 537ms
127ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: d13b2dda41ceb6ea09bf438dd060219a325e7577c5db9039e0234b03c4f81c3e

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 00:31:29 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 505ms
126ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: d13b2dda41ceb6ea09bf438dd060219a325e7577c5db9039e0234b03c4f81c3e

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 00:31:29 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H2 200 pixel;r=175671291;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html;uh=e51ed67dfb8d91d...
pixel.quantserve.com/ 35 B
371 B 44ms
35ms Image
image/gif 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=175671291;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-612863681-1692059488914;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1692059489290;tzo=-120;ogl=;ses=9337360e-56b8-412a-b0cd-816d0b9ea591;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 423ms
171ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7947426938282212&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 422ms
166ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.4641944585382698&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 81ms
81ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1046%7D%22%2C%22eventTime%22%3A1692059489311%7D&tim=02%3A31%3A29.311&id=4796&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 80ms
80ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=02%3A31%3A29.334&id=8928&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 80ms
79ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=02%3A31%3A29.356&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6260&cv=20230812-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 66109

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 118ms
42ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 23:25:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 00:31:29 GMT

GET
H2 200 spa-detector.20230812-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 16ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230812-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4268e99119731957bddfac51401d40f6d9bce3ff5c1f865ffa277d995d052bae

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: aVV78PcmNUxwm9ZxQRvbJcLGtQD3SFjJ
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:29 GMT
x-amz-request-id: EAB500SZGYZ3P02E
age: 53974
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: NbLaQKEWe99qRC9AS76twT8kTdNfQB1u+e8iwUhmPQpffZrAo75IXQhkAtm562aL4DC9WpHdMn0=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:31:56 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692059489.373364,VS0,VE0
etag: "f157b8e29c6fec6b2c01412898aefeda"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 18159

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 81ms
80ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=02%3A31%3A29.357&id=8869&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 81ms
80ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1692059489362%7D&tim=02%3A31%3A29.362&id=3824&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 81ms
81ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=02%3A31%3A29.364&id=3993&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 82ms
81ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=919e8eeb51473605d73edf5f43a0a9a3&sd=v2_854e36da0a7271afd16d64c2b41bee84_f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0_1692059488_1692059488_CNawjgYQ2YJdGOKi67SfMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&pi=/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&wi=-6107178901547747622&pt=text&vi=1692059488610&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1692059489366%7D&tim=02%3A31%3A29.366&id=3473&llvl=2&cv=20230812-1-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 116ms
40ms Fetch
application/json 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 18ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bc43b92cd0ed6495cde2ac0f17ee1c4ac5980993148104c083a0c675f917b803

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
age: 2291082
edge-cache-tag: 460077859501167843258512618898716504471,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460077859501167843258512618898716504471,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 34
expiration: expiry-date="Mon, 24 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cocktail-rezepte.info/
content-length: 5778
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kjyo7100138-IAD, cache-chi-klot8100171-CHI, cache-iad-kcgs7200140-IAD, cache-vie6340-VIE
last-modified: Fri, 23 Jun 2023 14:52:47 GMT
server: nginx
x-timer: S1692059489.420447,VS0,VE2
etag: "d80230bc0d2f1157ce7ea0d6d2e2df6e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 1

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 101ms
29ms Script
text/javascript 23.36.163.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 325ms
252ms Script
text/plain 108.138.7.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MjA1OTQ4OF8xX2UzMDc4Y2VlMWY4OQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-20.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 00:31:29 GMT
Via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: gm94T2Jf9eq_SnJCAbdCnZ2fYq6KwYvT9g6gPVOQeppJKPU4CPUXLw==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 16ms
16ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da45ef32883906bc1a133e0f428131d8ebca6e802de09105a9633657166bdaa9

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age: 2057799
edge-cache-tag: 371149999047074580014513752138842485437,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371149999047074580014513752138842485437,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 43
expiration: expiry-date="Sun, 06 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.koreadaily.com/
content-length: 6466
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000165-IAD, cache-iad-kiad7000140-IAD, cache-chi-kigq8000055-CHI, cache-iad-kcgs7200046-IAD, cache-vie6340-VIE
last-modified: Thu, 06 Jul 2023 16:31:46 GMT
server: nginx
x-timer: S1692059489.424630,VS0,VE1
etag: "1d977e0cfaadd874c31053db67717886"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1180, 1

GET
H2 200 3abf3278103cc7cc2178679f7356e86e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 23ms
23ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3abf3278103cc7cc2178679f7356e86e.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b2100788a1e63768bcd5ab4f5e4862b7d883c847d829d67e5d88eeb8aee3128

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3abf3278103cc7cc2178679f7356e86e.jpg
age: 1751326
edge-cache-tag: 306227302319841661861752669657988274880,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306227302319841661861752669657988274880,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 878
req-referer: https://flytant.com/
content-length: 8456
x-request-id: 923fd753e91adc478b4c26c1c3314c12
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200154-IAD, cache-iad-kiad7000179-IAD, cache-sna10723-LGB, cache-iad-kiad7000146-IAD, cache-vie6340-VIE
last-modified: Tue, 25 Jul 2023 17:15:41 GMT
server: nginx
x-timer: S1692059489.425129,VS0,VE8
etag: "3333afeaa05834676776e6824cc9e468"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 140, 1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 117ms
40ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7401&cid=amp-iZkS7Kvz-SXeNsy0JtShLw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&dr=&dt=%E4%B8%AD%E7%A7%91%E9%99%A2%E3%80%8C%E6%A5%B5%E9%9F%B3%E9%80%9F%E9%A3%9B%E5%BD%88%E3%80%8D%E9%9C%87%E6%87%BE%E5%85%A8%E7%90%83%E3%80%80%E7%A5%9E%E7%A7%98%E3%80%8C%E8%AD%B7%E5%9C%8B%E7%A5%9E%E5%B1%B1%E3%80%8D%E5%9C%98%E9%9A%8A%E9%A6%96%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1692059489&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 149ms
47ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-iZkS7Kvz-SXeNsy0JtShLw&aip=1&sid=1692059489&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 122ms
40ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E4%B8%AD%E7%A7%91%E9%99%A2%E3%80%8C%E6%A5%B5%E9%9F%B3%E9%80%9F%E9%A3%9B%E5%BD%88%E3%80%8D%E9%9C%87%E6%87%BE%E5%85%A8%E7%90%83%E3%80%80%E7%A5%9E%E7%A7%98%E3%80%8C%E8%AD%B7%E5%9C%8B%E7%A5%9E%E5%B1%B1%E3%80%8D%E5%9C%98%E9%9A%8A%E9%A6%96%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-iZkS7Kvz-SXeNsy0JtShLw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8452450387360875&gjid=0.38048092002397915&_r=1&a=7401&z=0.16022593528400164&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 53ms
53ms Script
application/javascript 23.36.163.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Tue, 15 Aug 2023 00:31:29 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 971F 439 B
386 B 43ms
36ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&cmcv=&pix=undefined&cb=1692059489610&uv=3318&tms=1692059489610&abt=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=afa7cb08-943a-4e3b-ad9a-d04e92a20d0d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c55bce89254a14411918123e019539265932d6b46f60fa1c51b17f66e6e2773

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 15 Aug 2023 00:31:29 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-vie6340-VIE
x-timer: S1692059490.627515,VS0,VE21

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6F89 439 B
534 B 206ms
34ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7c55bce89254a14411918123e019539265932d6b46f60fa1c51b17f66e6e2773

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 15 Aug 2023 00:31:29 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
736 B 64ms
57ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692059489619&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1539&pt=-975580479&tz=120&viewable=true&ddast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf3fd4e9d345d1bd18f3d2aeb3fb1b2f153dfd9904feb6b20e3edf0dc6125274

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1431
x-cache: MISS
x-served-by: cache-vie6340-VIE
pragma: no-cache
server: nginx
x-timer: S1692059490.633111,VS0,VE42
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 205ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&cmcv=&pix=31589837&cb=1692059489610&uv=3318&tms=1692059489610&abt=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1692059486579.2!ts:1692059489610&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-length: 0
server: nginx

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 458ms
291ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H7V9NNARAS213SZ5PDGKG555
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE08 603 B
245 B 518ms
186ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-37741209071012232579&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2705&oid=2&is_amp=5&amp_v=2307272333000&d_imp=1&c=70007401&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&ga_hid=7401&dt=1692059489469&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&bdt=1202&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
expires: Tue, 15 Aug 2023 00:31:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 55F0 18 KB
8 KB 122ms
55ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

073c21f2734315dd21e09dde4158559fb419819a00a266f55b14adfdf2b4b64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7899
x-xss-protection: 0
server: cafe
etag: 6852990640183246952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:29 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 295F 18 KB
8 KB 137ms
70ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6a3758c3cc4b3aedb6cb6994359076057d13859bca357a2f13b759bd20beac3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7906
x-xss-protection: 0
server: cafe
etag: 6224851384953612771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:29 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame FD97 714 B
770 B 45ms
45ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 8153
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f6d55c34f6bd611-CDG
content-encoding: br
content-type: text/html
date: Tue, 15 Aug 2023 00:31:29 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRRvyapBAjmUZXNunzjEnpWaIIk5f7zyPeG78Ge03GSgvLrvQ%2BS2GBSoeG5ky8j1Zulu8sKmW2r8Pc%2Bv6EphPBI8igi0c22T%2BxVEVVrdd9Vcqf%2BiVb7pzSQ0EOaExq2LAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7458
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

117ms
26ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Aug 2023 00:31:29 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 15 Aug 2023 00:31:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 377ms
126ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 00:31:30 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_1_8/infra/ 889 KB
148 KB 48ms
15ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ec8d4264d293ecd0a2602ffc58371c658fe25169b2403499b663207088958e64

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1692004706
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: J19VS4R0DPYW6WQ5
age: 54659
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1692004706
x-amz-meta-mode: 33188
content-length: 151030
x-amz-id-2: XEuRTCCLsugvsd+kBxv3fvVhO1w7TSjertzCxv6XZCszdobs/GBFL4ey06KxOlX7Pbr7kuKRmPA=
x-served-by: cache-vie6326-VIE
last-modified: Mon, 14 Aug 2023 09:18:27 GMT
server: AmazonS3-br
x-timer: S1692059490.822814,VS0,VE0
etag: "0c3c25e58c2ab529b7b769cffb97ceb2"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 56482

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_1_8/assets/css/ 60 KB
8 KB 15ms
15ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1692004724
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: J19ZK7KKNBC2H5A9
age: 54658
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1692004724
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: w1qT5VJsH7+BRip0ZDyfpOKwMyYoCvwwJxayL6SQ/tzGpXyjHK6mG5eVEBoX2Kii5VYy/j6aU3E=
x-served-by: cache-vie6340-VIE
last-modified: Mon, 14 Aug 2023 09:18:45 GMT
server: AmazonS3-br
x-timer: S1692059490.790395,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 98900

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame A799 714 B
732 B 42ms
42ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 8153
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f6d55c34f6cd611-CDG
content-encoding: br
content-type: text/html
date: Tue, 15 Aug 2023 00:31:29 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cmQrN%2B7qCPxeICRgYYW4gk6t6o3TjIdBi6JPmoSdoaYOLYefOIfmU8AtJ8s%2FGBXnf6dfE%2BE8s9xsHv9kCgPhje5ysAEqiHbkVCxOGN0c1HsxDioHH7SGHK4X2cJaj36uA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0620
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

92ms
26ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Aug 2023 00:31:29 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 15 Aug 2023 00:31:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 971F 70 B
264 B 161ms
52ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&cmcv=&pix=undefined&cb=1692059489610&uv=3318&tms=1692059489610&abt=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=afa7cb08-943a-4e3b-ad9a-d04e92a20d0d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 971F 43 B
425 B 442ms
54ms Image
image/gif 54.73.141.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&cmcv=&pix=undefined&cb=1692059489610&uv=3318&tms=1692059489610&abt=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=afa7cb08-943a-4e3b-ad9a-d04e92a20d0d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.141.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 971F 0
125 B 377ms
30ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 916ms
173ms Fetch
application/json 3.233.156.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-156-145.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2Evemhvbmcta2UteXVhbi1qaS15aW4tc3UtZmVpLWRhbi16aGVuLXNoZS1xdWFuLXFpdS1zaGVuLW1pLWh1LWd1by1zaGVuLXNoYW4tdHVhbi1kdWktc2hvdS1wdS1ndWFuZy5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
874 B 405ms
405ms XHR
text/html 2.19.198.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2Evemhvbmcta2UteXVhbi1qaS15aW4tc3UtZmVpLWRhbi16aGVuLXNoZS1xdWFuLXFpdS1zaGVuLW1pLWh1LWd1by1zaGVuLXNoYW4tdHVhbi1kdWktc2hvdS1wdS1ndWFuZy5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-153.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: AT
date: Tue, 15 Aug 2023 00:31:30 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=371, ak_p; desc="1692059489819_34850453_176050852_37818_1012_11_0_219";dur=1
content-length: 555
expires: Tue, 15 Aug 2023 01:31:30 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6F89 70 B
265 B 121ms
52ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6F89 43 B
426 B 402ms
53ms Image
image/gif 54.73.141.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.141.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 6F89 0
15 B 339ms
30ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FD97 83 KB
27 KB 60ms
60ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d7ac1395ff3fbd8a5de85057eb0d5f7f9c0cd9c925e92dca16fca52a353e6033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28107
x-xss-protection: 0
server: cafe
etag: 735 / 19584 / 31076971 / config-hash: 14771428451550081825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:29 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A799 83 KB
27 KB 79ms
78ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6b1f7e4c2095a6521ffe5a8cc55af268a9e1bfafba51d0f722b260509b0e587d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28108
x-xss-protection: 0
server: cafe
etag: 3 / 19584 / m202308080102 / config-hash: 14771428451550081825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:29 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 55F0 145 KB
50 KB 51ms
51ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7a759f620772f6ccd0d601c94ca5dcefee20d73e6c115e6370f1a6d3fe39cc6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50849
x-xss-protection: 0
server: cafe
etag: 13682872572155824770
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:29 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 295F 145 KB
50 KB 72ms
70ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f4aa1ba4c304b3a367d194822826e70f0c68b956a500026b5e9c9773668f0314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50848
x-xss-protection: 0
server: cafe
etag: 17401506967187091859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:29 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: VIE50-C2
age: 123091
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-vie6340-VIE
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1692059490.962970,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: HTwZxlTSakFPdvc0cDCR9PASMc04sIkVuaGJjIo42iGHTRf8TP49Vw==
x-cache-hits: 9474

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.9/ 446 KB
84 KB 15ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 90dde04650a1735ee60db025411f0dca61a80b2b7ba51d820bc16b082851cc51

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1691830863
date: Tue, 15 Aug 2023 00:31:29 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: VWEDFC75S6X4TB3X
age: 228577
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1691830876
x-amz-meta-mode: 33188
content-length: 85810
x-amz-id-2: HIISKbks/0GDQOf1rkS4jTDR5z0QahSfkOndwg9N8dsy8oy5rUJRYuWGi1LKiXcbu2UwJoVNfZM=
x-served-by: cache-vie6340-VIE
last-modified: Sat, 12 Aug 2023 09:01:17 GMT
server: AmazonS3-br
x-timer: S1692059490.987282,VS0,VE0
etag: "5d1f55363b766942c10885da2baa987d"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 208542

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E173 577 B
671 B 35ms
35ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f101c9ac8bdc4aae39c44368a32bcfcdcc38125318d7ef93dfe3883d60a804f1

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 15 Aug 2023 00:31:30 GMT
machineid: 3407
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 36ms
36ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&cmcv=&pix=31579697&cb=1692059489985&uv=3318&tms=1692059489985&su=3&abt=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 22ms
21ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Tue, 15 Aug 2023 00:31:30 GMT
via: 1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: VIE50-C2
age: 1367696
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-vie6340-VIE
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1692059490.093375,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: bg9T-gv14JSkyVMhukNhGve01LY3p6mSTu9jgy5Lc7cFiv-PrvE9VQ==
x-cache-hits: 603318

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0620 34 KB
10 KB 30ms
29ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 314b0806f5e1df6f4636c6844a2a75e1870128e3dbea79f1dcfd4437e528c953

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 00:31:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Aug 2023 06:03:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19982
Connection: keep-alive
Content-Length: 10116
Expires: Tue, 15 Aug 2023 06:04:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7458 34 KB
10 KB 52ms
29ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 314b0806f5e1df6f4636c6844a2a75e1870128e3dbea79f1dcfd4437e528c953

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 00:31:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Aug 2023 06:03:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19982
Connection: keep-alive
Content-Length: 10116
Expires: Tue, 15 Aug 2023 06:04:32 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 2962 495 B
664 B 2420ms
249ms Document
text/html 52.199.26.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.26.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-26-11.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Tue, 15 Aug 2023 00:31:32 GMT
etag: "64d7c5b1-1ef"
last-modified: Sat, 12 Aug 2023 17:47:29 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 56EB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

59ms
26ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Aug 2023 00:31:30 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 15 Aug 2023 00:31:30 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E173 70 B
264 B 53ms
52ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E173 43 B
425 B 130ms
54ms Image
image/gif 54.73.141.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.141.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
318 B 117ms
117ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 84
date: Tue, 15 Aug 2023 00:31:30 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 70217
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-vie6340-VIE
pragma: no-cache
server: nginx
x-timer: S1692059490.131189,VS0,VE84
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/ Frame FD97 400 KB
126 KB 34ms
34ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37432
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129196
x-xss-protection: 0
server: cafe
etag: 4052064757744512332
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 14:07:38 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0D51 281 B
554 B 42ms
27ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Aug 2023 00:31:30 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ Frame 55F0 372 KB
125 KB 75ms
75ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

20b1b5c2741fe04ce96a46121e8d0375ccc2fbed6956cf345d45fa0cc6f4b91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128451
x-xss-protection: 0
server: cafe
etag: 7391534486009001261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame 3646 10 KB
5 KB 33ms
33ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

age: 33902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 15:06:28 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 15:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/ Frame A799 400 KB
126 KB 34ms
34ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55942
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129236
x-xss-protection: 0
server: cafe
etag: 3196626984536983108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 08:59:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ Frame 295F 372 KB
125 KB 72ms
72ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

43a6bff36f85d56e765f908c4a0f8fca09b0367a915fe88d6497757a8cd41794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128453
x-xss-protection: 0
server: cafe
etag: 6451209616611479784
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D51 34 KB
10 KB 30ms
30ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 314b0806f5e1df6f4636c6844a2a75e1870128e3dbea79f1dcfd4437e528c953

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 00:31:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Aug 2023 06:03:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19982
Connection: keep-alive
Content-Length: 10116
Expires: Tue, 15 Aug 2023 06:04:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 56EB 34 KB
10 KB 62ms
35ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 314b0806f5e1df6f4636c6844a2a75e1870128e3dbea79f1dcfd4437e528c953

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 00:31:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Aug 2023 06:03:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19982
Connection: keep-alive
Content-Length: 10116
Expires: Tue, 15 Aug 2023 06:04:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 51ms
50ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6dc157791f4dc566c43f95645f27c7f2825ea2b6858dfe506a38f9d504950476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 15 Aug 2023 00:31:30 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 420ms
165ms Fetch
application/json 3.233.156.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-156-145.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0620 284 B
536 B 188ms
47ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7458 284 B
536 B 233ms
49ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
741 B 15ms
15ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 15 Aug 2023 00:31:30 GMT
via: 1.1 varnish
x-amz-request-id: FD26D12Y7BK355FT
age: 25461
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ViPQbxvd//l6ZZAdT0W7FeqOO7M2ZDvihd8iXMpSx2rgFjyfVu3JdyZFiwkgF0Pws1fRiv4vTZg=
x-served-by: cache-vie6340-VIE
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1692059490.409427,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5322

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0D51 284 B
536 B 195ms
48ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 56EB 284 B
536 B 175ms
46ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FD97 492 B
265 B 75ms
75ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=296930677189803&correlator=3409485971881085&eid=31076971&output=ldjh&gdfp_req=1&vrg=202308090102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692059490453&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=j21uv9q7cgh4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1908223598.1692059490&ga_sid=1692059490&ga_hid=2125026989&ga_fc=false&dlt=1692059489832&idt=549&adks=64515409

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a61e749040e4e2b6bcadb0d31c949cce78d5e7673bc10a378c61e14b0dcbf24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FD97 15 KB
12 KB 53ms
53ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308090102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e245939dddc7f7987c88d8e05aa0db537b2b32be904c9ea2279c1680f10a9231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11758
x-xss-protection: 0

GET
H2 200 container.html Show response
1d2a6d111db70ad87e64951e08d603e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B694 6 KB
3 KB 292ms
41ms Document
text/html 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d2a6d111db70ad87e64951e08d603e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
expires: Wed, 14 Aug 2024 00:31:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 55F0 379 B
597 B 160ms
42ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

435956cc20f8d2c0c16c45d68d81f9bb665079a06081f6151689dbe42cf7f60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B71 27 KB
12 KB 743ms
742ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f233e3a2bcc8aa70a1ab2fe58a3c03453dc77c3fe5974622e9018ae9efd8c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11850
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:31 GMT
expires: Tue, 15 Aug 2023 00:31:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55F0 15 KB
12 KB 61ms
61ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e7cd9df2d301c9c2ff001a87e52450741f0ed017437fe279d8906cf6ef85cfe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11793
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A799 492 B
264 B 70ms
68ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2177201651626013&correlator=803737178848680&eid=31076475%2C31075591&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692059490538&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=9qnfxhcia05m&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=Infinity&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=612040175.1692059491&ga_sid=1692059491&ga_hid=1439973557&ga_fc=false&dlt=1692059489834&idt=590&adks=64515409

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1062ebebe5604507f1bab92a8d0d6d21ffda507c10fad643232a398e9fcf1c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A799 15 KB
12 KB 51ms
51ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308080102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

40d5d08320e1013b43e984348e6f706ab0bec2b79fd3be2265cba9f063cf7245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11852
x-xss-protection: 0

GET
H2 200 container.html Show response
2f8bbd530520db17a8e6f48de5337783.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7642 6 KB
3 KB 129ms
40ms Document
text/html 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f8bbd530520db17a8e6f48de5337783.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
expires: Wed, 14 Aug 2024 00:31:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 41ms
40ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3890&_p=7401&cid=1278352286.1692059491&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692059490&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&dt=%E4%B8%AD%E7%A7%91%E9%99%A2%E3%80%8C%E6%A5%B5%E9%9F%B3%E9%80%9F%E9%A3%9B%E5%BD%88%E3%80%8D%E9%9C%87%E6%87%BE%E5%85%A8%E7%90%83%E3%80%80%E7%A5%9E%E7%A7%98%E3%80%8C%E8%AD%B7%E5%9C%8B%E7%A5%9E%E5%B1%B1%E3%80%8D%E5%9C%98%E9%9A%8A%E9%A6%96%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 295F 379 B
318 B 110ms
77ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

d0524f7b107fd5420af413fbc10e0bae429f3cba2400155535e5721aa6b689fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 191F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16920...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
870 B

1206ms
46ms

Document
text/html

18.66.122.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-20.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 130
content-length: 459
content-type: text/html
date: Tue, 15 Aug 2023 00:29:23 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: bsbkKCYyGcU3sljOvw7QRVb_Gu8E3Vz3LDZw-MYvdPMi2X7P7tK_ww==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 295F 15 KB
11 KB 50ms
50ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a958732cac67104258fb2aed82b025bd19216db479c7c6307629a395ee0beb72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11715
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FD97 17 KB
7 KB 138ms
46ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 00:31:30 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 7458 0
239 B 1205ms
46ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55F0 17 KB
6 KB 140ms
60ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 00:31:30 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A799 17 KB
6 KB 130ms
56ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 00:31:30 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 295F 17 KB
6 KB 80ms
66ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 00:31:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3BB 13 KB
5 KB 34ms
33ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 1777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:01:53 GMT
expires: Wed, 14 Aug 2024 00:01:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A7E 831 B
1 KB 134ms
43ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

GSE /

Resource Hash

7138e463fbe620ae5bb131f0c6a3eaeb0ccc9658618ce2b93bc3f7cd77218581

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D1rBh6ctXspfFZu3VQh1ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 532
content-security-policy: script-src 'report-sample' 'nonce-D1rBh6ctXspfFZu3VQh1ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
expires: Tue, 15 Aug 2023 00:31:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D5F4 13 KB
5 KB 39ms
33ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 1777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:01:53 GMT
expires: Wed, 14 Aug 2024 00:01:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 84F3 831 B
763 B 120ms
44ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

GSE /

Resource Hash

ce1db4c84c99554a1aaf793cb9f0182aeeba84acd1e781666586c01f63d195d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qhEpQtHw8SqFo67YkWwr-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-qhEpQtHw8SqFo67YkWwr-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
expires: Tue, 15 Aug 2023 00:31:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0CD1 13 KB
5 KB 36ms
34ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 1777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:01:53 GMT
expires: Wed, 14 Aug 2024 00:01:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5808 831 B
762 B 116ms
43ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

GSE /

Resource Hash

4b1287caf91815294aff6b9a3631df84b00f0977e3f8b56fddf1ca37941eaad0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hkxvgK7zBsvpo-yAcOmH-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-hkxvgK7zBsvpo-yAcOmH-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
expires: Tue, 15 Aug 2023 00:31:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55A9 13 KB
5 KB 34ms
33ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 1777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:01:53 GMT
expires: Wed, 14 Aug 2024 00:01:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B338 831 B
756 B 114ms
45ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

GSE /

Resource Hash

06ad79b8058b1de4f1a3998b11055e87c561d8d5d3b0dac9d3003a8329bd3fe0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5DfeKbi4Oald570nCFvNow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 532
content-security-policy: script-src 'report-sample' 'nonce-5DfeKbi4Oald570nCFvNow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:30 GMT
expires: Tue, 15 Aug 2023 00:31:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame B3BB 37 KB
14 KB 33ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 07:31:36 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame D5F4 37 KB
14 KB 34ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 07:31:36 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CD1 37 KB
14 KB 34ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 07:31:36 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 55A9 37 KB
14 KB 33ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 07:31:36 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 15ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 15 Aug 2023 00:31:30 GMT
x-amz-request-id: MQDSNR46H3J20HC9
age: 597
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: w6SwndseRSEXHUr6T/9rVp4xiT1srPcdJYojk5xKePC5DO/aJ4Ic9CuQQx6q63rTWJ+HO3ALZlA=
x-served-by: cache-vie6340-VIE
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1692059491.986075,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 14
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 640

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A7E 0
0 66ms
66ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308090102&jk=296930677189803&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5808 0
0 67ms
66ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=4431497539221961&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 84F3 0
0 67ms
67ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308080102&jk=2177201651626013&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B338 0
0 66ms
66ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=2770806719754487&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 22ms
15ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-vie6326-VIE
date: Tue, 15 Aug 2023 00:31:31 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B3BB 0
10 B 33ms
32ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?U0w4Zw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 340ms
107ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=f21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Aug 2023 00:31:31 GMT
cache-control: no-store
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0CD1 0
10 B 33ms
32ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RAt9Gg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D5F4 0
10 B 33ms
33ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n3rvdQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 55A9 0
10 B 33ms
32ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?L4aW4w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 323B 624 B
242 B 51ms
48ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGLTJ8eUBMAE&v=APEucNVdnDHkIs5VB2I6oD1UYso9b9FTmtXYMEriB_SpSOjdFu84lpecUDKYdLloIvJ3dEgTO2oO_c_S1L-TZu9KyW7m2cx3FebihvxUEyd71fXEORuXQ7hR-bBJwvYJZGAfc77YyE6MQjOWdNKK8ZMQZS26Zbl6u859pnjnpxIiFcBR2Cl61GM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C579 86 KB
29 KB 48ms
47ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame C579 3 KB
1 KB 35ms
33ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:55:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame C579 20 KB
8 KB 36ms
33ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:34:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C579 0
0 43ms
39ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2UfmEoABct1ERAhGDgysa2Cn1-lWmVUivgseD6pzNNIpbaGxOCL-rSzX6JaYMhPHxnaPX-5xqLOxfMGmacniHwCGp7Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f196.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C579 180 KB
57 KB 126ms
48ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C579 42 B
63 B 68ms
66ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQm2bo1s0JSjaHwU8YpdxGqfxCKpVabFXf3nAFoo-BMIaa7BPpTeRhFNCusUkqU0Z4DoWTR_eTSbOv_LghoGc2mgzn2yOaBlUwVpEJ1kRKcham238

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C579 0
20 B 70ms
68ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11580585194440062497&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 323B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1&C=1

43 B
766 B

54ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGLTJ8eUBMAE&v=APEucNVdnDHkIs5VB2I6oD1UYso9b9FTmtXYMEriB_SpSOjdFu84lpecUDKYdLloIvJ3dEgTO2oO_c_S1L-TZu9KyW7m2cx3FebihvxUEyd71fXEORuXQ7hR-bBJwvYJZGAfc77YyE6MQjOWdNKK8ZMQZS26Zbl6u859pnjnpxIiFcBR2Cl61GM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 00:31:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 00:31:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 323B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNrHZEgACEKBArEQ0AebZAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1

43 B
766 B

27ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGLTJ8eUBMAE&v=APEucNVdnDHkIs5VB2I6oD1UYso9b9FTmtXYMEriB_SpSOjdFu84lpecUDKYdLloIvJ3dEgTO2oO_c_S1L-TZu9KyW7m2cx3FebihvxUEyd71fXEORuXQ7hR-bBJwvYJZGAfc77YyE6MQjOWdNKK8ZMQZS26Zbl6u859pnjnpxIiFcBR2Cl61GM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 00:31:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOxwNN14GRUe4t3s9aJXOs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 323B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKhAWv19MGKENVuLICcMyjo&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKhAWv19MGKENVuLICcMyjo%26google_cver%3D1

43 B
894 B

37ms
36ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKhAWv19MGKENVuLICcMyjo%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaJpaQDEMX5kqYDGLTJ8eUBMAE&v=APEucNVdnDHkIs5VB2I6oD1UYso9b9FTmtXYMEriB_SpSOjdFu84lpecUDKYdLloIvJ3dEgTO2oO_c_S1L-TZu9KyW7m2cx3FebihvxUEyd71fXEORuXQ7hR-bBJwvYJZGAfc77YyE6MQjOWdNKK8ZMQZS26Zbl6u859pnjnpxIiFcBR2Cl61GM

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
an-x-request-uuid: 9f5d2400-a0a0-4a01-8296-136c1452e0fd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.35.121.113; 194.35.121.113; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
an-x-request-uuid: 954ef301-ed20-4fa0-8fc2-d25cbde98478
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKhAWv19MGKENVuLICcMyjo%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 194.35.121.113; 194.35.121.113; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 323B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDAxMDc4MzkwMDY5MTUwNQ%3D%3D

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDAxMDc4MzkwMDY5MTUwNQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
an-x-request-uuid: 724a35fb-1583-47fa-b0cc-39ee2b22d137
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDAxMDc4MzkwMDY5MTUwNQ%3D%3D
x-proxy-origin: 194.35.121.113; 194.35.121.113; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C579 0
20 B 67ms
67ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6034085508201&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C579 0
20 B 68ms
67ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6034085508201&version=m202307240101&ct=76&x=1&cor=11580585194440063000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C579 88 KB
37 KB 71ms
70ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CofI38OM1qOf8-OMUCuJUSEMORUO32vj4Jl6YvSqcRjt2BweZOQpEmMEC5FDDtXEu8tf7NZmJtah-ItuD37omgPPAmCg&cry=1&dbm_d=AKAmf-AV15ahDCYUDQWVxl6QUwD0LF-DJM_fzF6YsIUQfy60V5vmFN30jLLURVw6zZ1moAMpMfp4K3Mvi8OvbCIFT5SqmpuFPEi0AXZesuC-v62bMdTfrIuw5NedG0uUI_48LSSeV0bL9PRJt3zSpfV3R-N6L9KMD1uxlhzQSw9iGbI6KpctaDg_chwIneCy-Ix8colaIDtmBHcu9wLWPICc_fChMdMCd9E0Rd76Df249n1_-bO2Br2az6B9WDfJIb3MUJUV40lqT5a8qFBJrnW9SvqljrhcXlk6qFfPpUuX1cYPYo0QmX-9JuPBUrgmXu_MeRcJKw7DqBVZT8Dyx311NtW5TmSLd5UQZNmJvS4cIScizsxGVYahCdjyw6THMkpImEyKW6FSFX7Tn7Rg_2yTL8iZd55Z2qZOdtMU2kvz4WRgQusDiIjPlKdtlJQNN4gAx_fP-Sk_UNL4bAMAJAeyGUdcSuM4syvrngmiOFxGL7zatrWtyxm_zr_AESKAp60gTlq3NVffRg4IxF9tVJMppmz-s0kpix01OPj7HTKCTa5A_IlRva8Me8GAujruaNYgt9mdEPgaUUJHY88DBBEfFuuLRgtXIALwF3ROPg9PfxYR57ugC5d6xigGfVN5twHfUHfFDeXBeS2Nz6b4YyWspR0X0gP33453mCGn_bVii9mNIcgJz6D22Nvafslma6HI0JPSAao3ozVLj7jTICJyKe1rxfJVMJR2T4goCig9FXfeyzKvwjLV5_HWIt-ScM1EMiDsym2rzgBJ42Mra9czemPTRIp2jsY0hiGHESb3EmoTWr0wuBougNdfF935vieTNQkoLOLF2EDTAXXPss_SdvSu0A_c3GpxC9kKubIODp6RM3kTilZpO2-m6HoHMtC3VepO758pAAg4ZEVYbA82jzrdnb8GvQ5PxIABX-3HAFXM7ymYKLPlS7Gkym3PycA9zAiXCDWfwuLx97FnptfokFGCesDd0UABYu35bLmIp2xBBkceuMDP8TiTvkKMqpIQaGhdTnwVKvHsX7Mqxyer0ulHlmVBZ2SG1ehYLdPDAxyXIvzciWR-QwB9xKxUD0k4sF6flTxeW6wUDI3yNL8_4ldGr9BzhEFDnE9aR6LtDJ6NSTQECyr13AaUmFs9FMe9zBQPxlD2MVF_CNv6jJvhomJGaQqVj5-PEB1EcbnTcla3Y2lMRQt-LwHQastqOnGc8lC9BVek9MJSiXdZ5fk_oKU2b2QwUpFFpyhmEmHopcC4D2RgPsP2x3Anq3VrNhM1WYFjlLdF1dvt7gAoD9GUVguO5rgRYpx8nPxvPd1EA1AHi65yG7nLgdmpm-80ysLjd7TsZynbG6zcN8SSGQlCcOoe0wwdIzMufXpv_keO9WT9zZaYVFT5P0wkLruS7LzCG5FwIZCDN2JsgTVmhI3K_JxPuQ5EvFAQCgunt8nJMktjozAJCCDMQGlLU4rg1yusfdNTXO-DV1sjQX00Fo5iHi8tbRyZq5zssKgCosfZMuezTqn9dWFmFDmkN0hlNwXd2z_eNQK_60kT8B44tDSekXiRI6IzR78QK0zyE5BNHI8vBfI-2esrmqBwJQXi-7-dqViZWGHA-wA9rhvE4ymcMwwj6cY5YjXa31aKAK56blPADi9XWeT2EQwJ7j4fPB40XaFgquO9_v8YMeofRbaec9nBnObidLSTc_rM7_e6kLcEofMW6_t1t3ctsDghftRnIJBssuCw0IdyTslCFirgqTTTwtkSoaeq4EPQj-mD2XcONbvceFhuXJ0Huncspwa1WGDqFYylb1TxJOkmHnhVeJ2ZXW6E9DkihvLEn4_5fIbK22HrBXYhbaDqzxQIq8pEmF4zM1xuOEhaI9mvOvxQUMKL4jEaPVPzpYX1sx8U3mS207vOyowIybLEYJ0Wj2wG8_aXEr9Z-kTcgtlJv9-nB2liis6wEWGSu8NWCg6SnX-bmCgLpBb2Gs_l64smICU25nWlB6TDQz-3xOOZPlRTKduFACbpnjzJ5tULL9UqCt1t6aTB3_SZ-DHDFOkhygqW_YYUjBW35zN8GwP7r6-ZfboHya8ydl_K2fk8dQD4bboZW-PPLzVLoAAnpX5m-No6ypZKrfnmTu2fZoNplagC_w6yXQbcXzHoW39aQTQCZqxuZyEyb_uW014Z1fhnHh40PH_L-6yJNy_wR47t0XcKqzbXvWGw13hW5l-Z4PmYOpdHmJZdUScTPunJpIbV0I7IPwi6ghckylqx3QXlWIBy-lAytdeDdvsbjiHIVc3ksKWE1XgVrN7JcCFzq1uDAu1MwzvBm78cER5diP7yNGUlHXj3DKZMKuozzuNjzhN0wo-IKgwTEqMNbe3CzeaDv8eXKtgZ3R-w5uIyouLb13qQOovVpHSRU7dc6wOxrdIIUfHGPcvtkwLY9jyh8fPYzYBdEnD7LMsZWRqDPGR8pSZ1DwtUDFNLLdDvfDuUl2ePiIUjqkthojDhCMGWRmuTqklWdwlm8bD7hej0NWycU94_2lEnD-7j4oHVx4YaEIBkzHdOy9JhbpE7CW7k0ytY6LV7x8dkQ5MVZdl8lfl7U0Jl-rDMftQpH3JQZEnUt-JgaMYBnaMaLaFq8eis6P262oT8sG3yT__KlPs2vrOe4V6LrDejWkZQp3n-zhoeuN-_7eNwjmg49DkLBRs6oDspRq_KHLCgKNYu5MWHQlj-iPCYfkN6lg5TsXOOd1Xpo6IF0HM59siR-yvfYhVpnz1PCFYoOoJijXZpy7C1myqo7pmrE-3_gmz9P1E4CgXTRjtzqNj9p68UrlTgkfebukIi4URqQAhPfXRdhSR5WxwqbJiL8b-4itsMp1m4V6qh5L_xkAjELH2JuAInUfOsfRVVgeDkd6tyAWAfgNplhdEumqdKYcS8WpSrGqzjU5hR6WVFtIv5pzwHQXXxx3o3ICZrWjSc5Hhinh4MZhqqrOzbvuJEQch5SpiDLxVs-lQweEfvuiElIGZxDxp-aYzEMA3efGWlodaHkaTCFNU8d9qQR5f5zAQF4qmfGDB9xAM4SEMfBS04p1orBzdF3qS4TDn5svyJ6Yz1hBLrLEOgs67uEcVzav1eL31QgDu3gic4JE7Br11c4JIpi04YD0Q94_gyphoPDgg4UgKVRBIZdvQKqx-tFwqA9L482kL-N4vCzwSO-WuybaluaDS7u6nEFPw-aD8EIV_kh6owim6uDS4v5tBKkrPwN0x-pIO6W1amEd2jcBinjIVzyorZ88yoyp4DQrfKXQDqGgO_XgJ9Ch8MWx98XZm-BSRGobTLNHk7emNyhO5aoteZk5WHvqkbTqprbPt_SoANUs2RpeYF8CuzCTaEAUZDp2ShufXvdneDYD9FzId1kRWBA_qiY9xBCtdHckjP8-naIAMfQMZi7VdiXme4cw9_Xnvv8PLIS0HsBEpdt08Iu3FXEIqB6C_AMfrnCFQbiQC1umdTn4XObn2luzBnwLGdjOH3gvZTgD1oa4wnkAo78s217EJjWfNbjaz5uOV9VA5j7-eVcwAEcmobK6O2hj-kwEzBWkp8s7eMsrDSmxtYXrZbyWuD7_L-T0D8NgWPe5NFbScvJ2X6Y3kCCLJtpNjJIK5ZBJKoC7xb8pEQPipvM1zE3y2ElTIAaHEvl-QVHf4Goy165S79fuPg-u_PEGLgMfo7t6s2PfuYtF8GAh4N8KeQxvxlMpC-LbZOp4LGJgHd_ZlWJg7Ni4436kAKeyOC25PCFRq6KRs6JQGKySHUCl4hmGesBPn6hrY-EPlMSdajCXQWM_boM21PC7o4669crPE8msdr3uUGqjSolX4CsbUAD1xKXLwNbqUbBC1e4ZsDM2gl&cid=CAQSKQBpAlJWRyyr0TmfeoxKyrCTRxMbMKC2KN-H1nxD0pEf9us8tpoNCns3GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=11580585194440063000&adk=224573080&idt=51&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

bf4962a85a0ee31959de406fb1b5c54780e7a9bf6f1b9c354b899985bd6d39c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37541
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C579 111 KB
39 KB 146ms
40ms Script
text/javascript 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame C579 11 KB
4 KB 33ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CofI38OM1qOf8-OMUCuJUSEMORUO32vj4Jl6YvSqcRjt2BweZOQpEmMEC5FDDtXEu8tf7NZmJtah-ItuD37omgPPAmCg&cry=1&dbm_d=AKAmf-AV15ahDCYUDQWVxl6QUwD0LF-DJM_fzF6YsIUQfy60V5vmFN30jLLURVw6zZ1moAMpMfp4K3Mvi8OvbCIFT5SqmpuFPEi0AXZesuC-v62bMdTfrIuw5NedG0uUI_48LSSeV0bL9PRJt3zSpfV3R-N6L9KMD1uxlhzQSw9iGbI6KpctaDg_chwIneCy-Ix8colaIDtmBHcu9wLWPICc_fChMdMCd9E0Rd76Df249n1_-bO2Br2az6B9WDfJIb3MUJUV40lqT5a8qFBJrnW9SvqljrhcXlk6qFfPpUuX1cYPYo0QmX-9JuPBUrgmXu_MeRcJKw7DqBVZT8Dyx311NtW5TmSLd5UQZNmJvS4cIScizsxGVYahCdjyw6THMkpImEyKW6FSFX7Tn7Rg_2yTL8iZd55Z2qZOdtMU2kvz4WRgQusDiIjPlKdtlJQNN4gAx_fP-Sk_UNL4bAMAJAeyGUdcSuM4syvrngmiOFxGL7zatrWtyxm_zr_AESKAp60gTlq3NVffRg4IxF9tVJMppmz-s0kpix01OPj7HTKCTa5A_IlRva8Me8GAujruaNYgt9mdEPgaUUJHY88DBBEfFuuLRgtXIALwF3ROPg9PfxYR57ugC5d6xigGfVN5twHfUHfFDeXBeS2Nz6b4YyWspR0X0gP33453mCGn_bVii9mNIcgJz6D22Nvafslma6HI0JPSAao3ozVLj7jTICJyKe1rxfJVMJR2T4goCig9FXfeyzKvwjLV5_HWIt-ScM1EMiDsym2rzgBJ42Mra9czemPTRIp2jsY0hiGHESb3EmoTWr0wuBougNdfF935vieTNQkoLOLF2EDTAXXPss_SdvSu0A_c3GpxC9kKubIODp6RM3kTilZpO2-m6HoHMtC3VepO758pAAg4ZEVYbA82jzrdnb8GvQ5PxIABX-3HAFXM7ymYKLPlS7Gkym3PycA9zAiXCDWfwuLx97FnptfokFGCesDd0UABYu35bLmIp2xBBkceuMDP8TiTvkKMqpIQaGhdTnwVKvHsX7Mqxyer0ulHlmVBZ2SG1ehYLdPDAxyXIvzciWR-QwB9xKxUD0k4sF6flTxeW6wUDI3yNL8_4ldGr9BzhEFDnE9aR6LtDJ6NSTQECyr13AaUmFs9FMe9zBQPxlD2MVF_CNv6jJvhomJGaQqVj5-PEB1EcbnTcla3Y2lMRQt-LwHQastqOnGc8lC9BVek9MJSiXdZ5fk_oKU2b2QwUpFFpyhmEmHopcC4D2RgPsP2x3Anq3VrNhM1WYFjlLdF1dvt7gAoD9GUVguO5rgRYpx8nPxvPd1EA1AHi65yG7nLgdmpm-80ysLjd7TsZynbG6zcN8SSGQlCcOoe0wwdIzMufXpv_keO9WT9zZaYVFT5P0wkLruS7LzCG5FwIZCDN2JsgTVmhI3K_JxPuQ5EvFAQCgunt8nJMktjozAJCCDMQGlLU4rg1yusfdNTXO-DV1sjQX00Fo5iHi8tbRyZq5zssKgCosfZMuezTqn9dWFmFDmkN0hlNwXd2z_eNQK_60kT8B44tDSekXiRI6IzR78QK0zyE5BNHI8vBfI-2esrmqBwJQXi-7-dqViZWGHA-wA9rhvE4ymcMwwj6cY5YjXa31aKAK56blPADi9XWeT2EQwJ7j4fPB40XaFgquO9_v8YMeofRbaec9nBnObidLSTc_rM7_e6kLcEofMW6_t1t3ctsDghftRnIJBssuCw0IdyTslCFirgqTTTwtkSoaeq4EPQj-mD2XcONbvceFhuXJ0Huncspwa1WGDqFYylb1TxJOkmHnhVeJ2ZXW6E9DkihvLEn4_5fIbK22HrBXYhbaDqzxQIq8pEmF4zM1xuOEhaI9mvOvxQUMKL4jEaPVPzpYX1sx8U3mS207vOyowIybLEYJ0Wj2wG8_aXEr9Z-kTcgtlJv9-nB2liis6wEWGSu8NWCg6SnX-bmCgLpBb2Gs_l64smICU25nWlB6TDQz-3xOOZPlRTKduFACbpnjzJ5tULL9UqCt1t6aTB3_SZ-DHDFOkhygqW_YYUjBW35zN8GwP7r6-ZfboHya8ydl_K2fk8dQD4bboZW-PPLzVLoAAnpX5m-No6ypZKrfnmTu2fZoNplagC_w6yXQbcXzHoW39aQTQCZqxuZyEyb_uW014Z1fhnHh40PH_L-6yJNy_wR47t0XcKqzbXvWGw13hW5l-Z4PmYOpdHmJZdUScTPunJpIbV0I7IPwi6ghckylqx3QXlWIBy-lAytdeDdvsbjiHIVc3ksKWE1XgVrN7JcCFzq1uDAu1MwzvBm78cER5diP7yNGUlHXj3DKZMKuozzuNjzhN0wo-IKgwTEqMNbe3CzeaDv8eXKtgZ3R-w5uIyouLb13qQOovVpHSRU7dc6wOxrdIIUfHGPcvtkwLY9jyh8fPYzYBdEnD7LMsZWRqDPGR8pSZ1DwtUDFNLLdDvfDuUl2ePiIUjqkthojDhCMGWRmuTqklWdwlm8bD7hej0NWycU94_2lEnD-7j4oHVx4YaEIBkzHdOy9JhbpE7CW7k0ytY6LV7x8dkQ5MVZdl8lfl7U0Jl-rDMftQpH3JQZEnUt-JgaMYBnaMaLaFq8eis6P262oT8sG3yT__KlPs2vrOe4V6LrDejWkZQp3n-zhoeuN-_7eNwjmg49DkLBRs6oDspRq_KHLCgKNYu5MWHQlj-iPCYfkN6lg5TsXOOd1Xpo6IF0HM59siR-yvfYhVpnz1PCFYoOoJijXZpy7C1myqo7pmrE-3_gmz9P1E4CgXTRjtzqNj9p68UrlTgkfebukIi4URqQAhPfXRdhSR5WxwqbJiL8b-4itsMp1m4V6qh5L_xkAjELH2JuAInUfOsfRVVgeDkd6tyAWAfgNplhdEumqdKYcS8WpSrGqzjU5hR6WVFtIv5pzwHQXXxx3o3ICZrWjSc5Hhinh4MZhqqrOzbvuJEQch5SpiDLxVs-lQweEfvuiElIGZxDxp-aYzEMA3efGWlodaHkaTCFNU8d9qQR5f5zAQF4qmfGDB9xAM4SEMfBS04p1orBzdF3qS4TDn5svyJ6Yz1hBLrLEOgs67uEcVzav1eL31QgDu3gic4JE7Br11c4JIpi04YD0Q94_gyphoPDgg4UgKVRBIZdvQKqx-tFwqA9L482kL-N4vCzwSO-WuybaluaDS7u6nEFPw-aD8EIV_kh6owim6uDS4v5tBKkrPwN0x-pIO6W1amEd2jcBinjIVzyorZ88yoyp4DQrfKXQDqGgO_XgJ9Ch8MWx98XZm-BSRGobTLNHk7emNyhO5aoteZk5WHvqkbTqprbPt_SoANUs2RpeYF8CuzCTaEAUZDp2ShufXvdneDYD9FzId1kRWBA_qiY9xBCtdHckjP8-naIAMfQMZi7VdiXme4cw9_Xnvv8PLIS0HsBEpdt08Iu3FXEIqB6C_AMfrnCFQbiQC1umdTn4XObn2luzBnwLGdjOH3gvZTgD1oa4wnkAo78s217EJjWfNbjaz5uOV9VA5j7-eVcwAEcmobK6O2hj-kwEzBWkp8s7eMsrDSmxtYXrZbyWuD7_L-T0D8NgWPe5NFbScvJ2X6Y3kCCLJtpNjJIK5ZBJKoC7xb8pEQPipvM1zE3y2ElTIAaHEvl-QVHf4Goy165S79fuPg-u_PEGLgMfo7t6s2PfuYtF8GAh4N8KeQxvxlMpC-LbZOp4LGJgHd_ZlWJg7Ni4436kAKeyOC25PCFRq6KRs6JQGKySHUCl4hmGesBPn6hrY-EPlMSdajCXQWM_boM21PC7o4669crPE8msdr3uUGqjSolX4CsbUAD1xKXLwNbqUbBC1e4ZsDM2gl&cid=CAQSKQBpAlJWRyyr0TmfeoxKyrCTRxMbMKC2KN-H1nxD0pEf9us8tpoNCns3GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=11580585194440063000&adk=224573080&idt=51&cac=0&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:55:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:55:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame C579 30 KB
11 KB 33ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:48:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:48:47 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C579 41 KB
13 KB 33ms
33ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 15:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Aug 2024 15:20:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2C4C 1 KB
643 B 34ms
33ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

age: 54144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:29:07 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:29:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C579 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea5a735f7fb0913451464ed7a849efad61ab6a7279cb5024ec9fc97e241679f3

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2C4C 0
104 B 408ms
90ms Image
text/plain 89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA8SQS_fKwa_D3IPYlQi-j0&google_cver=1&google_push=AXcoOmQ6nEy_XxihVELP7tXCAwXj-iAhmpCHv6rp2i8UqKqTYIuIB1MLOnoQwfKu5GJ1Bnes35fTBUrAQOJCoXsQq3UbGJv9tDGJkQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C4C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFo3cDZnaEMxUXZIWTc1&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&google_cver=1&google_push=AXcoOmReNgeuBQLo-0Wc4KxV_0RgoLKWXfWV1K193_vgoYV...

170 B
188 B

46ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFo3cDZnaEMxUXZIWTc1&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&google_cver=1&google_push=AXcoOmReNgeuBQLo-0Wc4KxV_0RgoLKWXfWV1K193_vgoYVShl11Fbkn0fzu0Nnw0ZM4kPv1AdSzqpqkqiuGx5ZoXwZ-cLYuB5muYg

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 00:31:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFo3cDZnaEMxUXZIWTc1&google_gid=CAESEMfOgjUY6VenfjN5iZvR-g0&google_cver=1&google_push=AXcoOmReNgeuBQLo-0Wc4KxV_0RgoLKWXfWV1K193_vgoYVShl11Fbkn0fzu0Nnw0ZM4kPv1AdSzqpqkqiuGx5ZoXwZ-cLYuB5muYg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2C4C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBQdLPZ-KYNbXqRZQ63XimA&google_cver=1&google_push=AXcoOmRDJ_yMbHxgTWLtxV4WcQVkysehXWHpxpPwVtDDfGQf5ABqzIEWsJ8vnxuvIvsmwLdv8EJ7rGbmScOnD2V5rIGEUja937N9lw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B5BA621237C4AA894DFFFDE6997FF80&google_push=AXcoOmRDJ_yMbHxgTWLtxV4WcQVkysehXWHpxpPwVtDDfGQf5ABqzIEWsJ8vnxuvIvsmwLdv8EJ7rGbmScOnD2V...

170 B
243 B

44ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B5BA621237C4AA894DFFFDE6997FF80&google_push=AXcoOmRDJ_yMbHxgTWLtxV4WcQVkysehXWHpxpPwVtDDfGQf5ABqzIEWsJ8vnxuvIvsmwLdv8EJ7rGbmScOnD2V5rIGEUja937N9lw

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Aug 2023 00:31:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B5BA621237C4AA894DFFFDE6997FF80&google_push=AXcoOmRDJ_yMbHxgTWLtxV4WcQVkysehXWHpxpPwVtDDfGQf5ABqzIEWsJ8vnxuvIvsmwLdv8EJ7rGbmScOnD2V5rIGEUja937N9lw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 14 Aug 2023 00:31:31 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2C4C 43 B
363 B 155ms
46ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT1DXbxBrIkIXevHgUwFjeeQC03zdJp9Ude8OBJCCc1QdNMkLoQflqRKXUYH6GrDbHVYKTvcmPp6_hAW1irCVff_3kk2CyA&google_gid=CAESEDwc7J1DvX2KWQExG_NqYAg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 175910
expires: Tue, 15 Aug 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2C4C 43 B
245 B 3173ms
55ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIKgYvskAIrCnUDaCI-FZ-o&google_cver=1&google_push=AXcoOmTUvpFmROKKwTiz_8wwWGWxvTOnbrm0nLfbQedFLICG0AtrfY8-f1JoWe5EGGW7W5d5k54icPEB_euSgj2oxqT2ql1sRnn6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:34 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 2C4C 0
237 B 3174ms
68ms Image
text/plain 13.32.27.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEA6zu3zNWX8NRSqbU_Ewt0I&google_cver=1&google_push=AXcoOmQfanAJJ7sAxAWvJ8ygpl0PZp8iwvZ0RYGKVjN8uT_tdhwCXiUpwgq1X0z4A6xd1jB5misJQ1OW2gldvHEnHR2lwCGHT8hGsQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-67.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:34 GMT
cache-control: no-cache, must-revalidate
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: IndzBApTEWVfFSOXpz6I7RipAGFvnOszz21MAGj3bHmxEl7E2pZ1ng==
x-cache: Miss from cloudfront

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 2C4C 0
45 B 1238ms
46ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDCczVlbqjzukWNs48mN7zs&google_cver=1&google_push=AXcoOmSfxTfJYSJqeBhEV5R8-TT9tvWUYPFIoDadkWYyOH6TNFITcohGsdTjRNgHiDJxP7bQ53WXOAvYUdpzstNVafBrISa5OFGg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692052290&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692059489858&bpp=306&bdt=615&idt=555&shv=r20230810&mjsv=m202308090102&ptt=5&saldr=sd&correlator=6140857882584&frm=23&ife=1&pv=2&ga_vid=1300152995.1692059491&ga_sid=1692059491&ga_hid=935093570&ga_fc=0&ga_cid=amp-iZkS7Kvz-SXeNsy0JtShLw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1866121332&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076836%2C44795922%2C44799579%2C31076287%2C44796313&oid=2&pvsid=4431497539221961&tmod=2117179710&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l5l2phsan6na&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:32 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2C4C 0
139 B 129ms
40ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZeMtgysCo-1GWZ_P4xcw1J9rBHKraIGQ09LkRdYrc-_1t6pu4nc5-ciIHdGzeYpN7Alj8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C9D4 22 KB
8 KB 41ms
40ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 8011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame C9D4 37 KB
14 KB 33ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 07:31:36 GMT

GET
H3 200 23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.html Show response
s0.2mdn.net/sadbundle/7685724329878749184/ Frame B39B 7 KB
3 KB 103ms
33ms Document
text/html 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7685724329878749184/23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

sffe /

Resource Hash

9c96593001a5d1e8c7a8df1ea32355f737e2ba469556d8c3d5bee65068c8c87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 29327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2618
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:22:44 GMT
expires: Tue, 13 Aug 2024 16:22:44 GMT
last-modified: Wed, 05 Apr 2023 06:00:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C579 0
0 170ms
78ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssfM9bzy5ld7rgLcshHkgc3AEtNduEbSjuPVfSnPwyndfiIB-eEo_2FIdi_nnAqrykhMWPnYW1_hX6jstoLciR1SkQ4pce-OT30gaHbYz3IM2qjL_qm0OUcH8fCSC2gWlpVH9ZxHW6B-4LiYMwLRng2kUHstKR0Du0CTbv5oOcqiLCAtnQEZoroew-yiprKcJXapx4SJOu4AjAmrdNj8YjsVry2gNqvVB6yyElLMrPS-nZ6KZ1yzs21laCIaS1IAlKt56VwKXJX3PAIiuBkH1KUknGo_AH5OJrxEswgEYHaWUtyoIXHPv_CIfFTVnoJ3Tfa7pxBfYjZTLbpR8hTiBZohVrBsE0chFgFStqpqzw5Nt9bom7ZesiaN9Q7BhiO7CzXZMnI8XaBsOrQIJaSJgQAZWFYxVZFiLDynbnHN1NkfuoPXVBWCg5Bxn7DiSyyVHq6sD_9otdWdgBnW6GHp7zIqptAxGNOPmiO3gZJ3LZjeKP0vLDKCgtMPliG8Xp6Qg7tS4dPSH4B5rSFW1NPgQ1gfPh2kayy4p1AodQDxCt6eqNymvRvr-1ZzySRVxpOPSk9-OtHojHaw5aGnheWa85QbYXfxnYprEtYFE21-xZEtrREz5QJ-fRyuuYNmR8qE6ELwW5qLdxiZ2JtYt02XNNFllOOA4U3i71ojISG0t9WPo0fyQEhQzJVcsLmpuQdCfPdI45-Vmol3xqeg7pNwjDqfjD6p5Vqq9q4Mf76h6qsuSua4jFg5LKRqBdJx1_9L71Mqswu-lQ9uwmcZcbG7931ktTBwYB9OpnyWoZer0o8zcSXg9yUMRUY6smE0RFuYhjn9Dy9SkHuBWAgORzIqOK8yCm7Xajlh85qZLeRdL_XpJ9eo37NZZR2_ouMxg2sXM1AzNjL0xs3xfuf1aCOXNam-DgBz-eGzBUUqURNRaRAy8OMq8BoPoyxJr-u5yAwAfuWncU7piiyu5N8UzHepfDls3e1rGswcON2v7Iu4sEnL2McwP8dG9AaQSeQT6ZQt45GXAB6m8VL9sLaYVPdymmoWJYCfZGuhFVStSKIfWpL8IA7Ioy25P85w-Pl6qxZ8OZep7KuvY8WJwHiPYzg0NnNJRRhFFY9tAPDYC3-j5rQsCM62--mP-Lzt5soTVf0cWwz9rhnU6CVkF3X7YBo6kxVQ37jTPYiL7CGk0wjGngwwehPOpFiOPWeb0d7NV2zhDvDhXeYO8JdZqMCdFS07KN6CdS2ZVY3SYgb0_O5A1fTDnpJQ1BQOVxG1hnTactdD_6v_KBPQB_rSnNBJYu0DIpBwqnjo7ZWyNq_oeSVBMIxBLqnjdzbjZvlY5cWsxXj-FjDMY7xrEuk_Smx67hN&sai=AMfl-YT7vCN6VIlC6CFT3hLuBmoPUAuujc7PfMY3pHyGCPxK5OM18ObazeTGEMXwF-9Qiv1zooq28APmLIezEC6QoG3EtfVWZ181uNqU1LWA3eLg2BhSrW02uVaujsLGhIAjt96KW-6BqpO9uSdnWQG6VYXZbUk-BXTFXph3Z8fdQ1NIePRoS63s8O2d8aoGEk5W_hdIPTbPGTw_&sig=Cg0ArKJSzHk4P2WZt9ABEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&cbvp=1&cstd=181&cisv=r20230810.05593&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Aug 2023 00:31:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD97 0
0 70ms
70ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308090102&jk=296930677189803&bg=!d3SldCDNAAaiGN5Pghg7ADkAdvg8WowKQuqYAPXqgj1h7osGkAa4Um-yIssL5qiMIKW0pzN5NEvDuBM2nAMZWHDgCwynFkIuhd0CAAABHFIAAAAKaAEHCgCCytDVQeey7UY6kzERok_kFgNOkZSahdvwkD2lv3c4x41lm5ViYK9le5Zq0Fo6bPpubdcbtdtOEoFGxNKZBEgMnwblli52ByJ-ZqvCAkxdcNRQvCuSjx6z9ZO_6QIps-usub6uuLoX-vWyG8olxn3O4qvSxy482icL3mpMXj8POm3rgZkC3XvsQIxYmH_Iu_B7mb72iKTk_F8PTx0kCiU3bHJLShZ5ipDJUYboUvkHJpYbHdLsxCBf9qtgFI0_UcBH1R_godWKgao5cdeTOLL0G1Q0dvIJWEKZ6zeWXlEOl61WFRdci8Tek3VF3j0dfATlbNw1GjQT1W7AHvd98mjGNVcIjCXwI6XdWsDQRJoUFmHhpn1sTShfpFyBbZ3sPVcjU8YVmHnUFTFZ5-iQNMADv4uHWBK9XxLojNL9jQfE6xMMCdbwZHCn2Y2Nu6PfbnYWM8yc3184BmUiSYObBa-Yb8sC9frZ83H3j837Cy-pTEMfp3DezXbFU9TTdLiq1FvSMevww8lTY3lo13bKsHwv9qyZizTlu3hEtJXBx0TWZiZR90iqgNUtNh_IvfDAc-ilvxdA8MCYfBSsD-OkSpJeRrMR0tuCsM1kZz354D_j9D01xGaV--zD1Q1UYv_7bh9L9ct9s2Ny60VmG-2Gt5wmubyMgYMRZ7JUj2WRe2CAfNK3nM4MZXTVX0q7rvmdBUOCK0VPaHFjySkuY_9ak10OF42fO00RCOmRn7xPcRwwre8EeN30YsP9gZKxi8UzsS7-NxGrg6uV4JgOGXpcFVHSrIp9AAUXb1Ojo9SMHfkym_ND8B2FiJ4Js48aSxnzL0Yha73uLG0VrVS5mSTWuOkF65HbT7MSmDwfdRP73zMpugi2bq794YVll6eDxq4sGZRStfdzFV6x7DPLNYPOApRpsC79riy0smx8n9gE3joOvf1nnVc-IeaJnfhjrrXFDUinLddopjQG0-uSLLtRDHKVwwkk-xYX3WM7TB0ZWgTO5Pc9xj72bueDD9ikRXa0kvtc16mGbESMjl-zkhENqHlx_C6pk9gA5KVbKRIQAtVNWHFlKef0P3qXTqgK1g9ErrIQZwIiH8FreR0Mlqw0clZ5Rsm_0mZaV_JpGumBms1n6ddQ97hqczYV1kTunsJMDQCTnXU
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 55F0 0
0 70ms
69ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=4431497539221961&bg=!uLulu-_NAAaiGN5Pghg7ADkAdvg8WsW0CxnBixqr0VXo8a9so9IClQVvWnl6tQ2Xu1I-BQxRdLCziPYvYOAqVR8p_Xs0b1zL7-wCAAAA9lIAAAAHaAEHmQLQJtOQVzKH-v3TYZ8cxyHVhrtF7lExX2Xv001Yei8E5xdTfDcz8rPi3RVKE-hl1PozyFH_HcpzVeo3Z_mV_G-jqE1jamKgeugpuKKP9RqPNA7648fx31AwzN7naArny_Qefe6B9egEe0F-Dpd7e8qpUFDfDhueUqQpHYhTX97MoDjvkHTUiUn1ZGc2WrQBDYyJmm3qt7uScs6V73NINfY8HP84HX7XUVG7p_eNXY86gvCp8o5UxIonD1knpY8Vz13XTl-xLmW7GRYCYAzKwulcobHTo4UTPOUYLFparJsLV8p_-rnf8cjxkDzAG4dCP-RSvd-l-USRwSBuqBGyEAMJB42ah9N2bPMYvN7wFGOPvmBLBBH7TFlCxKSkVLyNury0iP-MVds-OLAgI7gEMCF9_Y0j7I33_y5re52p4y4WcEzmdXrW85eva0iO_80duTk4zXJtXl7-ONCDCIgjqzzitNIATonk1s7Kn713ilt89pWvwkXY28M_WSuyLUSBgTwsL6jRtdja439g_46FNBitJMDrB0KNZwx85mryx1B-6O8obg9qSWMlu4eYr1Tf8X4JKwFL_eOFs0qMivVZVe0_cJyXYud8OU8v80RkGtsQKDwTKE76VmEu_JeQECLRjmvZ8B36dMiQN3UkNhaoBrxpLWmNLza9QG0aVSPXHvjZJBgQHaqmAPCWJJkvF4CrIc2AufOz1YQcd9w7MDtir-ez_H3RjdPKN057NYdBb42xkayPESbi54AYcDsmfEONa34luGsiv0ycvQJSbuX8wSlo8PUJ6BdGhY8pPQz6qrACmkI_06iLwKkpUiPoMBubb8I2C3WHr4fXE3Ya1bE-LUcRrxieiggfzVPmrGrb2XhWeIIHQixaQzW7lE1AFVnaDTjlYtxLfShjP7znLq3f9n5_DEj5NEnsxgAm16TPDG1aIa22gDuoHT2Qqc2WegcitP9H
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A799 0
0 70ms
69ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308080102&jk=2177201651626013&bg=!_P-l_6vNAAaiGN5Pghg7ADkAdvg8Wv6IxP2aFqwJo95xTJ-FUshhg_TTTSqJ1CfHYmSFLsopZHWRtCIJukw0VQVetgumljEMrHcCAAABGlIAAAAIaAEHCgCaLPoQBIba3MeInVIMxQAYUhZn5W5PPvHVxHMdq-Gq4T1ZtX7AbJQnG2pziIbbvYNUnnuw4Z_UOmNSNHTXLOO3C75gM2s1MHqd82iJw7XZGqyl5huGE_YFCZ0Mywv7br6nhOXU6vIaB4W9Yr4eWu-zJuKBbtKjbnkmRMwvRFxmoZevQMAKezvwG8fMdqDbK9vii4WgHe2M8GRg3JkC1NYd6NOEWBVAf5lMzLdLOUs3GdL3-g8ZoRTKJXY2PCAxMrMCQjoOC8eb-6HcPKANaS2TmK74OL26wFaTj2Om-r2P3xnUnrwIn-fISDIPs2EkOL04Tx4YN0ZD4009t-VgY4_wOCjYdmDULhliIUYavCqcY_-E724SemMZ1nWhDMiJqdUOM1eLzgKlv-jqRaoceNhmv6Ph4C1oD9xrD2MTiMOSiF1IhIgzk6jrZNm0YEaNeTNrJf73lFQD3UXzRwE_csKCpZxdY6ImYtc8mVIElsp-gy7v6nqwx5uZu6J0UfLsCP_sfsZ6QD1Y3DtCPaPq6_zBL2FSkA1Yf7KNphjLADGNAx8SHzbwx3kuZn6CwOVA7LZQ5mG6eFcCVDjKqVUJeiEbtH2PQFNSOHOpIg5zr3CLuYrw79shDBSt-K4UUa0wkVAmslFzfMGWPgyysVCMNeInFezkg1_w3wCiAv-ILMwh83pBtIe0FM8EWDkzMkOl4QtZ0W_WX5lzOKb9tCjJafffO0r3_th6nuo0g3LNssgAora-rXwxHcZvKjLb4QrJiL7S1VzabOziZrQAs4azgQaWXDn6UXJQuLsd6GVRz-gjBUe4AHZzTKOI2R0Yw68amAAJfagYokRD-_ecSrFjl54XfvWukBfPt6-iUg2_nI07IXpD2Yyh1blzmNmQi_76-9x5MHIC3ZLb0X8NgtzjEMYy2Xh8T642AHUirk6OdIMgGn6MJa9V6iNC2a6x586aOqwyFgTXSfzlaZt0cZ75AQRdAvvFAMZIn79AXVu2yXNBlxuWNh3v-9s3IKRdAkjLAjnmVcSHqqJkNspzfoGfXnRK2X8penUCtTHdOXXuwvWinQGeZmPWyDMGN05m_WTnr-7M4XLq_D5cYhY_e2B0leWynSXui4sw_tYjwzsxEDn1BcKdGwc6m591JD_YPVI2RcrG1jLObDk7E8WB1e5cx7DifXQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 295F 0
0 70ms
70ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=2770806719754487&bg=!AgGlAVXNAAaiGN5Pghg7ADkAdvg8WkumMvUq2gmZR7YiEBZVy0vJK1KVLgWCkia3EUszMVCGf8fqK92lXpqm5-R2gWSyMwHBxOcCAAAAx1IAAAAJaAEHmQLP4_Z1-3T_btbgTKS2L-MMR-9c-3gf4BWBRL6Uh5TpTDZTZqDtkE7DrsceLcgMCJbwGeDyOJkqk6l7TuhuGekcUMaMo7tFrsU1Hi84-8wnRYkWHDg3Ner6scAws_AhRLP3Gye5GoA0OcLrp_g2_cutrARRzAghB9wH2zVTVRPMtGIa2-53OekkgsyQa1FOg8Pt6tQGK1kdx2E0VuNUHsxN_BcWTIEANYiHDYdX_Xs3q5KN5KFbNpacKNUQs5YDl8jNGwNU2yL7G3Np4dgwDxSeg7TqbBR0q27XW4OKVL_sJxHD_Aa-abYuQdxK3ytDIEdjx7rQfSqpBGtzwtAcBfFSVlVukQ84DXb0WUZNPDZRLOTBVye2XLrG82PCt_UwVVOhfXXix3L5HLkl0C7p8atUDsTYB3brBbqzkhrnGjTVzSbQVfuzeNZxqi5TzqfHt2lpi7_bYgMdVSVfa-LCa0CHyG1mqaIR5Yvsof1H8A880Z2vs8b0hugyJ0i0PCNe75T3TTLCt8zbt04r9pPrUWtIHxdR0bzqdMqh9zqacecrsMqfc51wCktMk74gHASDIR6cyRxMJwx9m-rLBT_7i8zOkrUDQgQBr3tCVelGoBgzxYhiQqxQAmbmfklJBQRYIIoFLeWsa12DDn58MRQNgI6U1-p3bKTJy82Cw8J6d_qdXjV9Qji7IvZlTRq_-EUZQOyplrc7P1XuGHObm_sq2am1YncqvQAMTCi5HHMsrZ6SznSaN2JctUgIfcrLaj94MWsZQnAo5yWqUWLczF0af5bYpIocTaydfayxeqSG0dhRx7euBAs-mXmIcxu0k013if-QONHqEptMTPEph58Aez4FVOfsE7M6IZLZlY8JWnKs8cT8l6FtrWgSxYo1cUGBxkJxx7JPT1UIGAi9Wt3MPsEAwFYZCLaCfnYHmTR4SlME5-NhZ4kKhbNO3qn4SB4BkQs
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame B39B 236 KB
63 KB 493ms
37ms Script
text/javascript 23.48.23.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7685724329878749184/23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.48.23.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:32 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 15 Aug 2023 00:46:32 GMT

GET
H3 200 23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.js Show response
s0.2mdn.net/sadbundle/7685724329878749184/ Frame B39B 267 KB
49 KB 34ms
33ms Script
application/x-javascript 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7685724329878749184/23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7685724329878749184/23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

sffe /

Resource Hash

69f4e3a5cd2bb080976bb792d7b898abb39ddd9a6ceeadca2e0c6414ae38014b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7685724329878749184/23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49936
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 06:00:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Aug 2024 17:02:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9D4 0
20 B 70ms
69ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhHHeY8faZLSYGvC39u8P6cassAEAAAAAOAHgBAI&bg=!4eKl4rbNAAaiGN5Pghg7ADkAdvg8Wlv_iVWT86UlDqbYZmkrJoxJFtHNaCdAw3o4dpjrajYUY6-zjIrHAa4ciWColpKmm99l2DECAAAAY1IAAAAJaAEHmQMs9QR59e4e7xD46IFbEI3hnhFum2-dyfoxpXKfR-8ezjzrO5Ag4uIWtKY3ZcP1BV8YRIc_mwWb3NCTqlYu2RudbKM1-ShngVcEV0_IHdNjx-4FzPNlXgMy9emET0MAs37lDNcIRbr41AdKTEJ3X2Nn1mU8zBG7-g2zJOr8E5w1c3hvjkprD0703K8kbKj0OxJTFPzgT0ReVReLyWY-xSZhpoGwj8MaGoCdxhDskfZP3-qmqptC0QHOUpxrk6hAUxqBzncmp7Lr9IpSjnRoUNyF_ukn1ubbW5EllNN3uw6iS97ELZTZ-gKDg2WFp7V3roDATRcDjeGxWU2xKA1-lmPoF3YjnbUhbije4MX5InDqjkZR694WwMB7gIqz0bfIrp_Sh0CEDsOrCD9YJFwBOp3i0davNrvNNsGkS-kVMdBnJZqYQiBbpHi9u1pL6C72FW5fKCmsO3ZZPoIUeagsEeSDHFa7t6u17eajLi7z2auEJgOZLx77pDetsfqvZeNLbdPlKcSNKj4ctq7M4iide1CNTRoL1zK6_FrlChYu-5pjdeQlmDM21ZZEMNMwdUyvESJoHb9ncjb8JGGd1L2Bd4KbAyuh15JxC_Dysxh8peCEttZbxPqCGRqbM1rw1dbh-7Jwba1PqmsTtYnZuhBoQUa36exShMbuoYIwpw7m9ybpNMg-3fwM5p0XrrHkSKoktPfYJeRFhpf8tvAjbupJKsQtQ_qg7XindxFgWkP9lrEUTROn6cxtHSdqdxamkdnaHkzWC9ZBBaj3RM5JDBYwpKkksnjlP97PMAqrWgd7539_dOxNzAoDYOFoc23yJ3sh3hN8xpEs3PGaHswO2uQ9oFyuXnjCV0_-gUQqRJBQwTnoR_YHrlom0C2oLQH7J4T4xUFh9Tx6gkIj8RLGQgO5E1-UbZJOeqCrxJXmq7w0L8pYKdILizE6BA73kPgnfQi4k2un5bNtpO7xQlqCPCNTnC6qmrsZTPT-y0FYZkwmtfgSs7XMKxgc1CQIyF0trbTlkuDD-JFKF9ZVIoBQOCkmuqWw9j_FoqChhrAwx_67X7IIw_eiXubWaAzhzrn2qOE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 191F 31 KB
10 KB 222ms
34ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 06:11:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 66015
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Tue, 15 Aug 2023 06:11:17 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 191F
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

44ms
44ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12850
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7BApQcWFX5jvjHuyN1dSOYUyr%2FHDrfHon%2BzvU9WTlE3ZRMUbQ%2B7Nr77K%2B9vE%2BiCJ7AxmUJwuYJ2NPQWC9u2pZsbqkMS1ODdphpqckydJkR%2BmoSpAzJO9wnsE8Lp7Glbcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f6d55d63f56d611-CDG

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 main_pic_300x250.jpg
s0.2mdn.net/sadbundle/7685724329878749184/ Frame B39B 38 KB
38 KB 33ms
33ms Image
image/jpeg 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7685724329878749184/main_pic_300x250.jpg?1680514488712

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

sffe /

Resource Hash

5aeab809679918dd3ff6b0c70c34b3a43e427b95384e54a04a7862711d3ef61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7685724329878749184/23_01425_OWE_2304_OP_BSP_MM_704_230405_Display_PA_Saeule_OP_300x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:55:41 GMT
x-content-type-options: nosniff
age: 574551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39229
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 06:00:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Aug 2024 08:55:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C579 0
0 70ms
70ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssfM9bzy5ld7rgLcshHkgc3AEtNduEbSjuPVfSnPwyndfiIB-eEo_2FIdi_nnAqrykhMWPnYW1_hX6jstoLciR1SkQ4pce-OT30gaHbYz3IM2qjL_qm0OUcH8fCSC2gWlpVH9ZxHW6B-4LiYMwLRng2kUHstKR0Du0CTbv5oOcqiLCAtnQEZoroew-yiprKcJXapx4SJOu4AjAmrdNj8YjsVry2gNqvVB6yyElLMrPS-nZ6KZ1yzs21laCIaS1IAlKt56VwKXJX3PAIiuBkH1KUknGo_AH5OJrxEswgEYHaWUtyoIXHPv_CIfFTVnoJ3Tfa7pxBfYjZTLbpR8hTiBZohVrBsE0chFgFStqpqzw5Nt9bom7ZesiaN9Q7BhiO7CzXZMnI8XaBsOrQIJaSJgQAZWFYxVZFiLDynbnHN1NkfuoPXVBWCg5Bxn7DiSyyVHq6sD_9otdWdgBnW6GHp7zIqptAxGNOPmiO3gZJ3LZjeKP0vLDKCgtMPliG8Xp6Qg7tS4dPSH4B5rSFW1NPgQ1gfPh2kayy4p1AodQDxCt6eqNymvRvr-1ZzySRVxpOPSk9-OtHojHaw5aGnheWa85QbYXfxnYprEtYFE21-xZEtrREz5QJ-fRyuuYNmR8qE6ELwW5qLdxiZ2JtYt02XNNFllOOA4U3i71ojISG0t9WPo0fyQEhQzJVcsLmpuQdCfPdI45-Vmol3xqeg7pNwjDqfjD6p5Vqq9q4Mf76h6qsuSua4jFg5LKRqBdJx1_9L71Mqswu-lQ9uwmcZcbG7931ktTBwYB9OpnyWoZer0o8zcSXg9yUMRUY6smE0RFuYhjn9Dy9SkHuBWAgORzIqOK8yCm7Xajlh85qZLeRdL_XpJ9eo37NZZR2_ouMxg2sXM1AzNjL0xs3xfuf1aCOXNam-DgBz-eGzBUUqURNRaRAy8OMq8BoPoyxJr-u5yAwAfuWncU7piiyu5N8UzHepfDls3e1rGswcON2v7Iu4sEnL2McwP8dG9AaQSeQT6ZQt45GXAB6m8VL9sLaYVPdymmoWJYCfZGuhFVStSKIfWpL8IA7Ioy25P85w-Pl6qxZ8OZep7KuvY8WJwHiPYzg0NnNJRRhFFY9tAPDYC3-j5rQsCM62--mP-Lzt5soTVf0cWwz9rhnU6CVkF3X7YBo6kxVQ37jTPYiL7CGk0wjGngwwehPOpFiOPWeb0d7NV2zhDvDhXeYO8JdZqMCdFS07KN6CdS2ZVY3SYgb0_O5A1fTDnpJQ1BQOVxG1hnTactdD_6v_KBPQB_rSnNBJYu0DIpBwqnjo7ZWyNq_oeSVBMIxBLqnjdzbjZvlY5cWsxXj-FjDMY7xrEuk_Smx67hN&sai=AMfl-YT7vCN6VIlC6CFT3hLuBmoPUAuujc7PfMY3pHyGCPxK5OM18ObazeTGEMXwF-9Qiv1zooq28APmLIezEC6QoG3EtfVWZ181uNqU1LWA3eLg2BhSrW02uVaujsLGhIAjt96KW-6BqpO9uSdnWQG6VYXZbUk-BXTFXph3Z8fdQ1NIePRoS63s8O2d8aoGEk5W_hdIPTbPGTw_&sig=Cg0ArKJSzHk4P2WZt9ABEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=838&vt=11&dtpt=653&dett=3&cstd=181&cisv=r20230810.05593&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 00:31:32 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 2962 0
268 B 250ms
250ms Script
text/plain 52.199.26.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.26.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-26-11.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

POST VideoBidRequestHandlerServlet
wf.taboola.com/ 0
0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 191F 975 B
748 B 44ms
44ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9076
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FogO0x6ggOMMigxCPAVIm7%2B2Inj8M2Tp%2FaXVbAf3Z9CSjX55CjO0MZOkQqtGUgaFh6w0lwx6qYXxQtqhroMlZudez9N9iT3QyftA1excPAs%2FQpTD9O67RpYA5uGpvRBbnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f6d55d71fbbd611-CDG

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 191F 3 KB
2 KB 419ms
168ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6900345510310979&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 4b40261c1d5df0df1c26f08c6b09bc4e2ea1d2d00eedbe6306cccd84d7dc3fd5

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:33 GMT
content-encoding: gzip
x-height: 250
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 22955bd6-7ef3-3308-aba8-823eff50e2cb
connection: close
x-width: 300
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://adx.holmesmind.com
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7401&cid=amp-iZkS7Kvz-SXeNsy0JtShLw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&dr=&dt=%E4%B8%AD%E7%A7%91%E9%99%A2%E3%80%8C%E6%A5%B5%E9%9F%B3%E9%80%9F%E9%A3%9B%E5%BD%88%E3%80%8D%E9%9C%87%E6%87%BE%E5%85%A8%E7%90%83%E3%80%80%E7%A5%9E%E7%A7%98%E3%80%8C%E8%AD%B7%E5%9C%8B%E7%A5%9E%E5%B1%B1%E3%80%8D%E5%9C%98%E9%9A%8A%E9%A6%96%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1692059489&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=6429&epn.domain_lookup_time=10&epn.tcp_connect_time=518&epn.redirect_time=0&epn.server_response_time=1155&epn.page_download_time=2&epn.content_download_time=1723&epn.dom_interactive_time=1723
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 34ms
33ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E4%B8%AD%E7%A7%91%E9%99%A2%E3%80%8C%E6%A5%B5%E9%9F%B3%E9%80%9F%E9%A3%9B%E5%BD%88%E3%80%8D%E9%9C%87%E6%87%BE%E5%85%A8%E7%90%83%E3%80%80%E7%A5%9E%E7%A7%98%E3%80%8C%E8%AD%B7%E5%9C%8B%E7%A5%9E%E5%B1%B1%E3%80%8D%E5%9C%98%E9%9A%8A%E9%A6%96%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-iZkS7Kvz-SXeNsy0JtShLw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=6429&dns=10&tcp=518&rrt=0&srt=1155&pdt=2&clt=1723&dit=1723&a=7401&z=0.10062507615855876&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 14:03:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37701
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 5D2D 128 KB
41 KB 173ms
78ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Aug 2023 00:31:33 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C579 0
22 B 68ms
67ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6034085508201&version=m202307240101&ct=76&x=1&cor=11580585194440063000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C579 42 B
64 B 76ms
76ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbveGZevFsBeOTeFxA8PLUetP1XKtAFz-o-v1ejae9vIOeebsm3JLvuEOJqXt-f3De9vW_7eH6_YkBsvPJKRQafjWjgeHkzCw48UKQ548HS4pzM3_Q8W46crM8jIZNq_8O7p5v7N7PGoTY&sai=AMfl-YQRh8lo0M2BW2QJ8r6Rw-oIv2eqP8kirv6b0vBYwGozChczjBsDnqJri2yvQde-mSNId5Oce8Q6HNMZEyAdf831A-_6SPW53gg&sig=Cg0ArKJSzI6vQ5VguCIyEAE&cid=CAQSKQBpAlJWRyyr0TmfeoxKyrCTRxMbMKC2KN-H1nxD0pEf9us8tpoNCns3GAE&id=lidar2&mcvt=1028&p=0,0,250,300&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692059491284&rpt=1304&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B556 15 KB
6 KB 50ms
50ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 296275
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5D2D 0
197 B 141ms
46ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=52462460596

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://adx.holmesmind.com/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://adx.holmesmind.com
date: Tue, 15 Aug 2023 00:31:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame B556 428 B
556 B 47ms
47ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=adx.holmesmind.com&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f54aa7584a817cbc0704cc5d0c134c3fdf2b7c328d7c4b742abfe2e034838b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1032729
expires: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5D2D 0
196 B 47ms
47ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://adx.holmesmind.com/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://adx.holmesmind.com
date: Tue, 15 Aug 2023 00:31:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5D2D 43 B
365 B 46ms
46ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 09 Aug 2024 00:31:33 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5D2D 43 B
365 B 46ms
46ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 09 Aug 2024 00:31:33 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5D2D 83 KB
27 KB 55ms
55ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3d372494b9b6ae7b3f37940aafc176df909545e5a6c875df15a652ba534fa887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28118
x-xss-protection: 0
server: cafe
etag: 883 / 19584 / 31076972 / config-hash: 14771428451550081825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:33 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ Frame 5D2D 400 KB
126 KB 33ms
33ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27886
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129087
x-xss-protection: 0
server: cafe
etag: 2193028555055074692
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 16:46:47 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5D2D 27 KB
12 KB 160ms
160ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1977385409059997&correlator=1556999230205802&eid=31076475%2C31076868%2C31076972&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1692059494006&lmt=1692052294&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=phreyvbv6qjq&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=5.33&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=2025556914.1692059494&ga_sid=1692059494&ga_hid=873686983&ga_fc=false&dlt=1692059492964&idt=1013&adks=1911528252

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ea573e1a90b2ce1d1b46303a80da3802dc010232620198119e79f42bb36a5ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12053
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5D2D 15 KB
12 KB 170ms
170ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd8a52b47f938cb78dd23a83bb525a20df9fd56ab37ed3471c25f2a27132ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0

GET
H2 200 container.html Show response
c6ace8bddb280d43c21b861d74a4f308.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E4EA 6 KB
3 KB 56ms
41ms Document
text/html 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6ace8bddb280d43c21b861d74a4f308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:34 GMT
expires: Wed, 14 Aug 2024 00:31:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE2C 0
0 71ms
70ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuoKvHUi5GVXL0wjIxLJ4XPjtbCEV4I0AZenHg1LCAGxeV3vDXO4YxGrXFHn1KNSCTCFOvtuvA3Vup7AOzBULQ7OdmuEEIV7oZ4AzIT6eC65w1CIC5NShLTLUyQ18M1OTJgk4sur9V3A9n9OVi31m5wxLh1ouI8f5JqVUi8wLIslkrqxg0GGEtyrcUrRaCJj_ZaWpW6VT-yCNRZlAfNT1TmpZNsHyrlC7O76iRfecFylWT537Lg8pUMJtllFDRTudHN7s4haXvALZNYZ9QWK55WdP4-9Gl_mQirM1KL16sfMkJPNFfmJt5zV8ftf34iZ5Fp6jKJK0W580aViQ&sai=AMfl-YRlI6LAQQEhNylpjtzjH4hg0OJ7My2DGirqPqh7To13LC5WThaK1ybQ6x0Zjx-e5YNxE9hOVE0vaKTCvhfpX88aMzwOceeUruOruw&sig=Cg0ArKJSzOx8vGuQqAL1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame CE2C 31 KB
10 KB 36ms
35ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 06:11:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 66017
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Tue, 15 Aug 2023 06:11:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE2C 180 KB
56 KB 42ms
41ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D2D 17 KB
6 KB 48ms
48ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 00:31:34 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame CE2C 80 KB
30 KB 91ms
32ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: BZ780CG33QFW5WES
age: 226
x-amz-server-side-encryption: AES256
x-amz-id-2: T2E3Cst/25KZh8rJ2vB5uQx4cEE/UALfaEXlxsiXi+xqhtB7oHfQ8KzytWFIP8c7sHfmhly/Fp4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame CE2C 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5269bb2b4df1357df11b00a3ac9a3b751fc68d9b63f4ccbecd9cf672745ca81a

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E434 13 KB
5 KB 34ms
33ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 1781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:01:53 GMT
expires: Wed, 14 Aug 2024 00:01:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 21E7 831 B
555 B 43ms
43ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

GSE /

Resource Hash

1b57bdcc256d0c4a6bfdb159b5063d3586943b4b7b0e1e317dfe293eba825d23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sERinKXXPQOw-yv_T3IEOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-sERinKXXPQOw-yv_T3IEOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:34 GMT
expires: Tue, 15 Aug 2023 00:31:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame E434 37 KB
14 KB 33ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 07:31:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 21E7 0
0 66ms
66ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=1977385409059997&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame CE2C 290 B
614 B 199ms
74ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 15 Aug 2023 00:31:34 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 18
x-xss-protection: 1; mode=block
x-request-id: 9e4aac68-4e9f-4cfe-b1fb-0048b8ab248d

GET
H2 200 b
geo.yahoo.com/ Frame CE2C 43 B
366 B 173ms
55ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:34 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E434 0
10 B 33ms
32ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ve4_uQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame CE2C
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

43ms
42ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12853
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfl%2FWrClwqlTDqN818Aj4yi8siAxT3MNAZ2eMhr5E9SqjD12AgaftVRjiwDr1gcgpngMHh%2Faf6%2BN0KP0m8Adryw3JXx%2FHXKxoN4k5wTL%2BPtVeb6EOEgSMTSRCKaWsnFIig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f6d55e3cd52d611-CDG

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5D2D 0
0 69ms
69ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=1977385409059997&bg=!PT6lPmrNAAaiGN5Pghg7ADkAdvg8Wiw84I2BgO0sMgnay1MPHVrlSjT66Fj2QNQ25DppdLJQXvqiNMQ22tkQDLGuiu3UCdYRNg0CAAAAaFIAAAAMaAEHmQMRFY05kIv5g-NYEZ6mMYVJMdC_776lSg1mRmpU1EwTZoOR_UQohGwfUMj_wiKw6h7OZuTxP6hMtdzJc1q_P98kAXyZ8Tg_ctwWFU8tYB5M4twsKQsqIH9ybE-E5hJ34hvYWp05AtEZk_vjSsEfnV8zmS6h65c5IyfhREblpCRD2tyS-q6tw_s5BaKOl60GK4tvlJIz5dS72rLhRYaB2UfqddyZjsPqMXjxaUe7ZHKyyP9lKTOmhVLToU2knrKHXZzqaN8QujwZeVSCCwoYDtfhmcINps4maK9TstHfbr6ClbYo_98NoBK-24rbTLlCNkDZ5vZrzeQ6qJM5_cfmzvtRbHie50rG1Whv6FeESP0VIbCcBqg_Lnn2E4TASlLWBJ4J1oEPoAYGTp52dca_yDGI7lq89ZDU6I86Xnv6bSeFp1GIE-Nw0ietJmgCewx8UeYxgR_Y3bz7o8Jpw1GxCTBnPU4D735HBR4lOWH89Vb0B0LK8cCsQHB-esuz5MX36uAN4mFEGuO-TSykfX3sSZWdZ0j7go_4Zc31c-i_e1h2emWs1ER1C3R8qwlQvyt6_DlIBgqiAAoISPGbPDUfrcBf4EWn38l-6UqUlijUNVw3AUefdgz6SJaX6tKcGjQsM-O5aVZ1h9TdL2uoDj5HG9DUgKyDTbNvfzskEngDBf2oHH4vigTyM0CVJNToa0FCKr_f10XYnc8eO0_zkW37REkVZzq_A5q6lSvsNzL1C-Y4OCMG5Fn6c5O3Zf57IS_VlvPFVS8R35P7kK-2Ve-Iaik1jPkBy44C1cULuE6K5gLHvF_T_lk_VPlz_D89fOCZQQA9ITvg2nlVUKakhX9MH04EJau8bmnwv3rWut-P6lASmTlRSPZ6U03Iy13tJaGNHUSqgxOqwlkxfXc1R_SqXRylTvAmGS8YVlC9tQkUHUFKyMZFDD9eIPp1G5ukc-0lEdyLRgzQjYQIwCToNWuLsFcugCDNR_1kNBuHOBgVnPu1a1gNc93YcU0b2G-AhqmpbcpUeyWFoiWObcZRejXEOgam6I8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame CE2C 975 B
747 B 42ms
42ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9079
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njDDo5OJgd3Y%2B4pQinw9UtemiureiguGzrNRdYaRFD74%2BJLm5Ry4HhnSUMHEDzuWrd1iPx9scWupqjayIhwV%2FKUq85xvfI3493HMdHyCgF1U18JcfYVtssB3LN8wCt%2B89A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f6d55e44d74d611-CDG

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame CE2C 3 KB
2 KB 489ms
238ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6091285454950737&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5dafdd3411d03066a35df45a14148c4be74233baac96fbb424d2c795680d85d9

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
content-encoding: gzip
x-height: 250
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 22955bd6-7ef3-3308-aba8-823eff50e2cb
connection: close
x-width: 300
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://adx.holmesmind.com
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE2C 0
0 139ms
72ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW40CNeB8FXNXb1AbTZa_Av27iCIcvaTHVv8EVoU1LCLa88yhrbaT6nt6JefkTfcb7VdEKyj0HHBZzXS-44fvO7I2kXZE4C2gKADJaqrsWsHeSs9IWwI0-oYq7N1-yaGM-8Zwn934O9sRo4lb3UXuA85IAk07nk86pCL1OvJBGrltqglU2y18HtmPLq4JW7ppntwi0TQAgN0G_mTcHGBPzdS4B9fdJhu_AvjUX-XESG8Hv5zZzLghv2074pbRgjXwf5hlN9fyVqsvS2IFLBaz5XrwLnO4NiZXVuNz75-PgCwK-VNbyU6eah6bPzIwt5L45_rMh5NHwuA5E7KixYg&sai=AMfl-YT3RpfnfyYocgEO5OLcFDdO4xzJc9sDz7vAD8WiWYHzgBmZzLbzaieuii04xDnOQiJdkYe_P1vbr9wFk2-E5YnyHZShBYrmYYxRRw&sig=Cg0ArKJSzI0NPxM9KqIKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 00:31:35 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame A2AA 128 KB
41 KB 54ms
54ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Aug 2023 00:31:35 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 41ms
41ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3890&_p=7401&cid=1278352286.1692059491&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1692059490&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html&dt=%E4%B8%AD%E7%A7%91%E9%99%A2%E3%80%8C%E6%A5%B5%E9%9F%B3%E9%80%9F%E9%A3%9B%E5%BD%88%E3%80%8D%E9%9C%87%E6%87%BE%E5%85%A8%E7%90%83%E3%80%80%E7%A5%9E%E7%A7%98%E3%80%8C%E8%AD%B7%E5%9C%8B%E7%A5%9E%E5%B1%B1%E3%80%8D%E5%9C%98%E9%9A%8A%E9%A6%96%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 5 KB
3 KB 65ms
57ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692059495630&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1539&pt=1557169019&tz=120&viewable=true&ddast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 578de06a60ad6f53fd6b61713d870f95cf970059a0f6cf390599f92574f4d1cb

Request headers

Referer: https://www.bg3.co/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:35 GMT
content-encoding: gzip
server: nginx
machineid: 1428
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <https://ioms.bfmio.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4B7A 15 KB
6 KB 54ms
53ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:31:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 719190
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A2AA 0
196 B 49ms
49ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&bundle=MwSz3l8xS1JSTDdveiUyRmlyd2slMkZGSERwZHlLSGsxd0o3WXN5bEhjRWNGTVlxekZJM0w5ZzJGeXcwbUdiQThTT1pCQTFzeXMyY2ZPUDVEVXJXJTJCWFdMTjNyelJhN0FaMXZmQ3NkRkNEZDlnZldOZENtczBOSEtsUUY1ejFrUWhVaXhSZEh4WTJ1bXhab1FjYUoyTFBnQnhuJTJCWVN2USUzRCUzRA&cb=28869952355

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://adx.holmesmind.com/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://adx.holmesmind.com
date: Tue, 15 Aug 2023 00:31:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ Frame A2AA 0
196 B 48ms
47ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://adx.holmesmind.com/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://adx.holmesmind.com
date: Tue, 15 Aug 2023 00:31:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame A2AA 43 B
365 B 48ms
48ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 09 Aug 2024 00:31:35 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame A2AA 43 B
365 B 48ms
48ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 09 Aug 2024 00:31:35 GMT

GET getmu
ioms.bfmio.com/ 0
0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 4B7A 438 B
555 B 47ms
47ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=adx.holmesmind.com&sn=ChromeSyncframe&so=2&topUrl=www.bg3.co&bundle=MwSz3l8xS1JSTDdveiUyRmlyd2slMkZGSERwZHlLSGsxd0o3WXN5bEhjRWNGTVlxekZJM0w5ZzJGeXcwbUdiQThTT1pCQTFzeXMyY2ZPUDVEVXJXJTJCWFdMTjNyelJhN0FaMXZmQ3NkRkNEZDlnZldOZENtczBOSEtsUUY1ejFrUWhVaXhSZEh4WTJ1bXhab1FjYUoyTFBnQnhuJTJCWVN2USUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b15fdf488f40fa15acee859cc1df188dddf37cf0cf167af19248238accc5a10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 00:31:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 689722
expires: 0

GET
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A2AA 15 KB
0 53ms
53ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50783
x-xss-protection: 0
server: cafe
etag: 10820745625829061110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 00:31:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/114a851b14b8dafcf9ba0b31a938a920.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202110/e2f0d1a84304e1280f3c51ea1efd9c71.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/b608a8241f570ceb04b66175411b9d5c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b3bb1da915c07496d5cd558bfffbb2ec.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/b04f9b1ab7dbc2b41fb0485dc2e97624.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/90a192e6f25b0a3eb4ff43455ad8df63.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8558b47c047743f37259973ce31fc38f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/9371db77e8a0e778e19f326e5450ecee.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/363b8cbc522b0c4d175797c69a04941a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/05be435b2c7412574cd875de8a3cbf11.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/14e2747a14fecf1b3cc2deea54176df5.jpg?w=150&h=100&q=100

Domain: wf.taboola.com
URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692059492630&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1539&pt=1557169019&tz=120&viewable=true&ddast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3

Domain: ioms.bfmio.com
URL: https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.bg3.co&i_type=out&stream=out&playback=2&cb=R0.1692059495702&us_privacy=1---

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 22:46:35	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Df21e9fe5-3549-4f89-a4d2-dbd49f631458-tuctbd44ce0
.quantserve.com/	1970-01-20 23:31:13	Name: mc Value: 64dac761-4d04b-d6d3d-f3dae
.bg3.co/	1970-01-20 23:25:28	Name: __qca Value: P0-612863681-1692059488914
.www.bg3.co/	1970-01-20 14:44:11	Name: _im_vid Value: 01H7V9NNARAS213SZ5PDGKG555
.aralego.com/	1970-01-20 22:46:35	Name: sspid Value: 22955bd6-7ef3-3308-aba8-823eff50e2cb
.aralego.com/	1970-01-20 22:46:35	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:46:35	Name: gdpr Value: 1
.bg3.co/	1970-01-20 23:36:59	Name: _ga Value: GA1.1.1278352286.1692059491
.bg3.co/	1970-01-20 23:36:59	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1692059490.1.0.1692059490.0.0.0
.bg3.co/	1970-01-20 23:22:35	Name: __gads Value: ID=d125717748235d69-224acd1b50de00ef:T=1692059490:RT=1692059490:S=ALNI_Mazi5WPU3JkCyP-unRUJGzcL5WYBQ
.bg3.co/	1970-01-20 23:22:35	Name: __gpi Value: UID=00000c608bfe0a62:T=1692059490:RT=1692059490:S=ALNI_MZQTVuQ0tHkLAHCULmJY1PMc4xWxw
.doubleclick.net/	1970-01-20 23:22:35	Name: IDE Value: AHWqTUk6VMR_IYDVS0qVoc8ZE3JsiPERQamt1MSWtu35r37nVOzcR89DQDULdL_1XzU
.simpli.fi/	1970-01-20 22:48:01	Name: suid Value: 8B5BA621237C4AA894DFFFDE6997FF80
.w55c.net/	1970-01-20 23:32:40	Name: wfivefivec Value: dZ7p6ghC1QvHY75
.w55c.net/	1970-01-20 14:44:11	Name: matchgoogle Value: 5
.adnxs.com/	1970-01-20 16:10:35	Name: uuid2 Value: 1804010783900691505
.casalemedia.com/	1970-01-20 16:10:35	Name: CMPS Value: 1157
.casalemedia.com/	1970-01-20 16:10:35	Name: CMPRO Value: 1157
.adnxs.com/	1970-01-20 16:10:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>2rc=Ee!]tbPl1M>e)ZlrFUfJ+tGXxoeP4BMwXw#x+a$[p@[O6wz_B]?Xc?/wLkC?jqbpRzqF1`b_yx6=LY
.casalemedia.com/	1970-01-20 22:46:35	Name: CMID Value: ZNrHZEgACEKBArEQ0AebZQAA
.criteo.com/	1970-01-20 23:22:35	Name: uid Value: 4b88df45-712a-42e3-ac24-143161afecc3

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/114a851b14b8dafcf9ba0b31a938a920.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/90a192e6f25b0a3eb4ff43455ad8df63.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202110/e2f0d1a84304e1280f3c51ea1efd9c71.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b3bb1da915c07496d5cd558bfffbb2ec.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/b608a8241f570ceb04b66175411b9d5c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/b04f9b1ab7dbc2b41fb0485dc2e97624.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8558b47c047743f37259973ce31fc38f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/9371db77e8a0e778e19f326e5450ecee.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/05be435b2c7412574cd875de8a3cbf11.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/363b8cbc522b0c4d175797c69a04941a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/14e2747a14fecf1b3cc2deea54176df5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2Evemhvbmcta2UteXVhbi1qaS15aW4tc3UtZmVpLWRhbi16aGVuLXNoZS1xdWFuLXFpdS1zaGVuLW1pLWh1LWd1by1zaGVuLXNoYW4tdHVhbi1kdWktc2hvdS1wdS1ndWFuZy5odG1s.json Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.bg3.co/a/zhong-ke-yuan-ji-yin-su-fei-dan-zhen-she-quan-qiu-shen-mi-hu-guo-shen-shan-tuan-dui-shou-pu-guang.html Message: Access to XMLHttpRequest at 'https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692059492630&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1539&pt=1557169019&tz=120&viewable=true&ddast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3' from origin 'https://www.bg3.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692059492630&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1539&pt=1557169019&tz=120&viewable=true&ddast=V8bekCLAYEz7oqAxeTvRMInnVVBi4mey8AAABgYID-AEnYHL6NxTBcK0ebhVu08kzcCpNz4RYZRivnZGEZjAwjIyAJm8O3sRiGa-Vos3CLVp6JW2FyLtwiw2jlnCwsg5FhZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv80qPf7nNrXW7l62F3S51u5dPu1rzeMpfTLXLY3dKjy-7WHF1uxethdyuerrfm6LK71U630PXWuf5uzdFld2uODrtb9HrY3SLX0605-l1vweutcz3sPrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQANHAzs6bLbHf4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxC_Ce6f3mtnJCIFlEUYAQAAABAeyYs7MkknqFhU-f__77cCcAUAICDRXjOaO4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aISArhXSBAnWD6v5BQQAWPMLCADARt0AALwJgBN0AmB1AmJ2AAAAAO78____6wHB1WjlmY0choVvslssbCbHbGQbbSwT02LichlH27N4s6DXgGlf0WdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGLIuVc-ZyrTWr0XItmhmXa4VpZFmLLCbTcmbbLEar4Vr0-pguJtNo4zJskWBA4F4kT4t0IltYbKvlcrAwGYfLzWKwGrlGm5XLMZpNRhaHwzURSzQni3Qiu-yLq9HKMxs5DAvfZLdY2EyO2cg22lgmpsXE5TKO9jXLYuWcuVxrzWq0XItmxuVaYRpZ1iKLybSc2TaL0Wq4Fr0-povJNNq4DPvGbDkZrJaj4XDfmC0ng9VyNBzuO3SG7-pzNirLKsnH5zJtu03NzWlQuAwW70S9Gt6OkoNfWjU6fV6PsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_06Lf73FqXW_l62N1Sp1v5tLs1r7fM5XSLHHa39OiyuzVHl1vxetjdiqfrrTm67G610y10vXWuv1tzdNndmqPD7ha9Hna3yPV0a45-11vweutcD7vPLjS9zRaxRHC6SCeil_F0Uf-RQyxHc81qrpgs5orFZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28BOXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMNsPV_gGoEGu1Wt1urNVqBSSI3WAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!mxrdvp_vB!mxrdvp_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d2a6d111db70ad87e64951e08d603e1.safeframe.googlesyndication.com
2f8bbd530520db17a8e6f48de5337783.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
bidder.criteo.com
c6ace8bddb280d43c21b861d74a4f308.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.createjs.com
code.jquery.com
d-42705650723265878878.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.im-apps.net
dsum-sec.casalemedia.com
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
ib.adnxs.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
ioms.bfmio.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.bg3.co
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ioms.bfmio.com
static.bg3.co
wf.taboola.com
103.231.174.251
104.26.4.103
108.138.7.20
13.32.27.67
141.226.224.32
141.226.228.48
142.250.184.194
142.250.184.226
142.250.185.161
142.250.185.168
142.250.185.193
142.250.185.226
142.250.185.66
142.250.186.131
142.250.186.174
142.250.186.65
142.250.186.98
151.101.1.44
151.101.129.44
162.210.196.208
172.217.16.134
172.217.16.196
172.217.18.2
172.64.203.13
173.194.76.155
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.66.122.20
18.66.97.31
185.106.33.48
185.80.39.216
185.86.139.93
188.125.72.139
192.96.203.13
2.19.198.153
2.19.198.155
216.239.34.36
216.239.36.178
216.58.206.34
216.58.212.170
23.35.229.251
23.36.163.114
23.48.23.26
23.56.202.187
23.97.225.52
3.122.199.127
3.233.156.145
3.71.149.231
34.120.96.193
35.186.215.140
35.204.158.49
35.227.252.103
35.71.131.137
37.252.171.21
52.199.26.11
52.68.201.121
54.73.141.177
69.16.175.42
69.173.144.165
87.248.100.137
87.248.119.251
89.207.16.201
91.228.74.168
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02c51e67fd6afc3bb9fd2ad77595cf343f13236953af86903842e676d0de7af0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
068619b9084242ce2ca2d3bab3e7a2d02911acce318eb05ac257e0f545c241a2
06ad79b8058b1de4f1a3998b11055e87c561d8d5d3b0dac9d3003a8329bd3fe0
073c21f2734315dd21e09dde4158559fb419819a00a266f55b14adfdf2b4b64b
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0a03255341bf468803f18b8a1c048b3096c36c88854438ecd48a7a193c4fd2fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
1062ebebe5604507f1bab92a8d0d6d21ffda507c10fad643232a398e9fcf1c1d
114792c3e764192ab8250ef71b0783010b1b03fa3f87649082f1c2ba73afa779
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
15dc488dbd3a40f3ae3d672fcfa67eda5a6d081ae370e6eaa15ddd0ea09a8adc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1813f105155200dd13b25d998b729014be3dd3dd6f7e292aad7d7c2deef00b92
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1b2100788a1e63768bcd5ab4f5e4862b7d883c847d829d67e5d88eeb8aee3128
1b57bdcc256d0c4a6bfdb159b5063d3586943b4b7b0e1e317dfe293eba825d23
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cd490ea0ef13d3034af3a721ba81f0a9b85555947bcd08caa0f2611c45c6f56
20b1b5c2741fe04ce96a46121e8d0375ccc2fbed6956cf345d45fa0cc6f4b91e
238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba
238ecfcae2bb6a2160d4ee2a54328093b0c056d144e0c397c13526382d411d89
2540712725a490b3478d193f3c2415c2ff66877e5432e47f6329c1e63d50fd47
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2de91230316231eaabfcef4dd253e3a83178cd00649065e2386466286ee6061d
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
314b0806f5e1df6f4636c6844a2a75e1870128e3dbea79f1dcfd4437e528c953
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a276faf7ecb07e9cfc5f53e0b306d515b0b4fd08ddc3e0c231965755269a7b2
3d372494b9b6ae7b3f37940aafc176df909545e5a6c875df15a652ba534fa887
3e1f391a300a8bbc18065070baddfa2ad8bbf432e3cdf41a42948759c9b3b60b
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f54aa7584a817cbc0704cc5d0c134c3fdf2b7c328d7c4b742abfe2e034838b0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407649409da84d21705ad1e3a847c527e7a76f0cb3086f5c65cfc9b4e8326755
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
40d5d08320e1013b43e984348e6f706ab0bec2b79fd3be2265cba9f063cf7245
4145979c2eb88c690be416fd02d3e1eaaa15a5badf9d330ff964c5a15409b355
4268e99119731957bddfac51401d40f6d9bce3ff5c1f865ffa277d995d052bae
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
435956cc20f8d2c0c16c45d68d81f9bb665079a06081f6151689dbe42cf7f60f
43a6bff36f85d56e765f908c4a0f8fca09b0367a915fe88d6497757a8cd41794
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b1287caf91815294aff6b9a3631df84b00f0977e3f8b56fddf1ca37941eaad0
4b40261c1d5df0df1c26f08c6b09bc4e2ea1d2d00eedbe6306cccd84d7dc3fd5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec8b20f3d2d901f74d7a40a7975de4fd159afe925c9068ea88008a1cbb72665
4f43b4cd67457f0b42a05ba618d6111a99127eb413023700e17dd03f202d3db1
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5269bb2b4df1357df11b00a3ac9a3b751fc68d9b63f4ccbecd9cf672745ca81a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719b4410443cb1a5fc08f400426f7b671017f4aa8a293271fcdd07294f84854
578de06a60ad6f53fd6b61713d870f95cf970059a0f6cf390599f92574f4d1cb
59e415ebd0d3e2ab61a9b209889956069b95db9039392ac2249e565acaf4f1c2
59ec623617cb9b008282077c49a57c3387e84b181deb844efa5ffcf1db4909a4
5aeab809679918dd3ff6b0c70c34b3a43e427b95384e54a04a7862711d3ef61d
5dafdd3411d03066a35df45a14148c4be74233baac96fbb424d2c795680d85d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
69f4e3a5cd2bb080976bb792d7b898abb39ddd9a6ceeadca2e0c6414ae38014b
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a3758c3cc4b3aedb6cb6994359076057d13859bca357a2f13b759bd20beac3f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1f7e4c2095a6521ffe5a8cc55af268a9e1bfafba51d0f722b260509b0e587d
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dc157791f4dc566c43f95645f27c7f2825ea2b6858dfe506a38f9d504950476
7138e463fbe620ae5bb131f0c6a3eaeb0ccc9658618ce2b93bc3f7cd77218581
723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce
7a759f620772f6ccd0d601c94ca5dcefee20d73e6c115e6370f1a6d3fe39cc6c
7c55bce89254a14411918123e019539265932d6b46f60fa1c51b17f66e6e2773
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7de9c7286d754d533c3c4c185fa8d27745a8e08bdec755b4d623fbdefbbb399d
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fd8a52b47f938cb78dd23a83bb525a20df9fd56ab37ed3471c25f2a27132ee8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88f333c1d41d37b882b6de2340118e5a38070bbd23c4f7e9aa5176add5dc52af
8adb21eb9da22c7bcaae3a07eeca836037e57d4047e574581bc7b6457fae73ff
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90dde04650a1735ee60db025411f0dca61a80b2b7ba51d820bc16b082851cc51
934e7afc3bf0992685646d136147be5edac19d1ed31557559ef134693c5c2900
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
992a727ee2e6c7e6c7157a01f90c8b3fe5260df5a0353de9ca6af3fb8234110e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c02151877c4257995f9d29a43f8c9fc193fbacd13b7b3248b9d72f4d39a8733
9c96593001a5d1e8c7a8df1ea32355f737e2ba469556d8c3d5bee65068c8c87d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffe5f229d338604f67ac27145be983cdb0e74170145052ca982a1054a8a82dc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a138d7b02edf2ec9de73d7dcb7ff659b168a4bc524d08758bc6bd90e52b682d1
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a61e749040e4e2b6bcadb0d31c949cce78d5e7673bc10a378c61e14b0dcbf24e
a7eb1447ae8fbeff087958d608790a15346e47e823a392f37f1686402bcd72e0
a82bb12fedc01a586aee4bedfdde088d5ad1a33c5b72ad1c5f8fe9c30eb4387b
a958732cac67104258fb2aed82b025bd19216db479c7c6307629a395ee0beb72
add8cc21e392a94221faeaf1bcf60049f411b205d2e6d37af0912b8221a6ebc8
b1251965e0cdfb818fa65720b8a1cadb9518c2962b0c97724e1ec8569e53ba28
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15fdf488f40fa15acee859cc1df188dddf37cf0cf167af19248238accc5a10f
b60c95edd9b60e895161e8724262e8944b94a92854af64e46aa1428636a64b7f
b8d20ccf593b049aa3489da4c021d3b4b485e82e06a4cc0ed1337d08aa765987
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc43b92cd0ed6495cde2ac0f17ee1c4ac5980993148104c083a0c675f917b803
bf4962a85a0ee31959de406fb1b5c54780e7a9bf6f1b9c354b899985bd6d39c2
c723fa3b6f5a7da563cac98f3c973782a216c55c2e0b0f6af708790124c90c83
c97ce4c375c14bce379d1ec02180b849aecae192bb57a5b0ed7ac110c15b70fa
ce1db4c84c99554a1aaf793cb9f0182aeeba84acd1e781666586c01f63d195d0
cf3fd4e9d345d1bd18f3d2aeb3fb1b2f153dfd9904feb6b20e3edf0dc6125274
d0524f7b107fd5420af413fbc10e0bae429f3cba2400155535e5721aa6b689fa
d12ec20630ab22ec93b4a6283ba696b71a96817f47506d4a044879fa8eb50df8
d13b2dda41ceb6ea09bf438dd060219a325e7577c5db9039e0234b03c4f81c3e
d462be35c61b5311a42bc6402e6e64e6e54a7c542963e1f448f10e480ea87cf9
d7ac1395ff3fbd8a5de85057eb0d5f7f9c0cd9c925e92dca16fca52a353e6033
d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527
da45ef32883906bc1a133e0f428131d8ebca6e802de09105a9633657166bdaa9
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e245939dddc7f7987c88d8e05aa0db537b2b32be904c9ea2279c1680f10a9231
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42f631fa6ad45718527c4b28c26832a12301246ce3892510b43fe9eaa837cbd
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7cd9df2d301c9c2ff001a87e52450741f0ed017437fe279d8906cf6ef85cfe9
ea573e1a90b2ce1d1b46303a80da3802dc010232620198119e79f42bb36a5ec0
ea5a735f7fb0913451464ed7a849efad61ab6a7279cb5024ec9fc97e241679f3
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
ec8d4264d293ecd0a2602ffc58371c658fe25169b2403499b663207088958e64
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f101c9ac8bdc4aae39c44368a32bcfcdcc38125318d7ef93dfe3883d60a804f1
f233e3a2bcc8aa70a1ab2fe58a3c03453dc77c3fe5974622e9018ae9efd8c4e0
f4aa1ba4c304b3a367d194822826e70f0c68b956a500026b5e9c9773668f0314
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

286 Requests

92 %HTTPS

0 %IPv6

43 Domains

80 Subdomains

63 IPs

10 Countries

4054 kBTransfer

11897 kBSize

21 Cookies

18 Outgoing links

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

92 %
HTTPS

0 %
IPv6

43
Domains

80
Subdomains

63
IPs

10
Countries

4054 kB
Transfer

11897 kB
Size

21
Cookies

286 HTTP transactions
3 data transactions