www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://intouch.wunderweib.de/michelle-hunziker-von-frueher-bis-heute-so-sehr-hat-sie-sich-veraendert-113494.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://intouch.wunderweib.de/charlene-von-monaco-ihre-verwandlung-von-frueher-bis-heute-113992.html
Title: InTouch

URL: https://ecohouses-ch.com/
Title: Ökohäuser | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ri=e53c032a950bacf247d55171a7495018&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&it=text&ii=~~V1~~2675586259779403774~~0BIqOhok0Gk5jaWU4dEqoenK2ybER6wNVRNMkqyT1C4e79Ni-eBnd8iQ4KmvvX-QCoTT_IvWFG7RTbSa_z-XXnMfYswGd-ksPnaRNZN-tYxYMqbQHGBqMFEZM9daPMerKbpz6f2_8QqdQlZQhxHEtDIasC_tBEqckS0TMPB2uIdRQh2D2cEFoulXreODML14mkieiAyctcjN_vhIsNyTpA&pt=text&li=rbox-t2v&sig=389438250d7d6baf04e5bd68c39d7ed75f2f850aee69&redir=https%3A%2F%2Fecohouses-ch.com%3Fsub1%3D25987440---delimjuwe---3705879347%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSD_tF8ozrjRhJT2ofQF%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DUnverkaufte%2B%25C3%2596ko-H%25C3%25A4user%2Bin%2BLes%2BAcacias%2B%2528Sehen%2BSie%2Bsich%2Bdie%2BPreise%2Ban%2529%23tblciGiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSD_tF8ozrjRhJT2ofQF&vi=1693831951831&p=ajaskagmbh-search-sedo-ecohouses-sc&r=40&tvi48=10638&tvi50=12238&lti=deflated&ppb=CDI&cpb=EhIyMDIzMDkwMy02LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDIzNDiApJqXDECy0A1IvogQUIGh3QNY____________AWMI0DcQjlMYMGRjCLNGEM5fGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCeHBgYZGMI7wMQiwcYCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAHJgoxJkAEcmAG_7IGCpjE&cta=true
Title: Weiterlesen

URL: https://www.tippsundtricks.co/hausundgarten/unkraut-entfernen-mit-diesem-trick-dauert-es-nicht-mehr-lange-super-praktisch/
Title: Tipps Und Tricks

URL: https://www.lecker.de/was-soll-ich-kochen-rezepte-fuer-jeden-tag-59372.html
Title: Lecker.de

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ri=9ea9667cc61ad22156ee5874b228c606&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&it=text&ii=~~V1~~6525076643348350659~~hvMPaLXWg60Eu_oTbP4Jp4OsS-sUrg41Gynb3QmInOse79Ni-eBnd8iQ4KmvvX-QPtVvJT2oZsUKTcbUlOwtfGXWZV3gOZpR_PkTZtyD6SdYMqbQHGBqMFEZM9daPMerQduf2w6go7zdIO7EDypQ9LmanRa8F34mo1Vlf7kRxXBRQh2D2cEFoulXreODML14o2q2cNWZ8qU8Pfnjl1rReo6zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2v&sig=9558f5277b3ca549edb34ca4d6daf575f0678cc05bac&redir=https%3A%2F%2Fwww.lecker.de%2Fwas-soll-ich-kochen-rezepte-fuer-jeden-tag-59372.html%3Futm_source%3Dtaboola%26utm_medium%3Dcampaign%26utm_campaign%3D10919013%26utm_term%3D3126919776%26utm_content%3Dbg3.co%23tblciGiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSDjmkYou_b83-rf5avdAQ&vi=1693831951831&p=bauerxcelmediadeutschlandkg-leckerde-sc&r=54&tvi48=10638&tvi50=12238&lti=deflated&ppb=CMgB&cpb=EhIyMDIzMDkwMy02LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDIzNDiApJqXDECy0A1IvogQUIGh3QNY____________AWMI0DcQjlMYMGRjCLNGEM5fGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCeHBgYZGMI7wMQiwcYCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAHJgoxJkAEcmAG_7IGCpjE&cta=true
Title: Hier klicken

URL: https://www.lecker.de/schnelles-abendessen-blitz-rezepte-zum-feierabend-59380.html
Title: Lecker.de

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

URL: https://www.praxisvita.de/die-5-haeufigsten-symptome-bei-herzproblemen-2602.html
Title: PraxisVita

URL: https://intouch.wunderweib.de/camilla-parker-bowles-jung-114535.html
Title: InTouch

URL: https://intouch.wunderweib.de/gilmore-girls-so-sehen-die-stars-der-serie-heute-aus-114149.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

URL: https://skapu.de/products/curren
Title: Skapu

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ri=77a45a7ce69980b28897569205dfb21d&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831952_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&it=text&ii=~~V1~~4202922704564538611~~qibJnMAV0DdpFPGa-HNVmlmkFQt8yImKx5RII83Agrh9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15K9yYrgPCj86nuq3C4pU1neRFEOk0jjRNjAYU-cpX63FhKZ-TRCJsW-HBoHOIqxHyPty428XVfgjc-OnjEeXGBp_S0ig87w5lOV3QycS3MEQ&pt=text&li=rbox-t2v&sig=8213709dfb0432129ef8050965d24cbb1aba11cbb1bd&redir=https%3A%2F%2Fskapu.de%2Fproducts%2Fcurren%3Fvariant%3D43376141369569%26utm_source%3Dtaboola%26utm_medium%3Dnative%26utm_campaign%3D24358909%26utm_term%3D1524057%26utm_content%3D3728084626%26tabclid%3DGiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSCcqFsowMSujt-Q35-uAQ%26tblci%3DGiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSCcqFsowMSujt-Q35-uAQ%23tblciGiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSCcqFsowMSujt-Q35-uAQ&vi=1693831951831&p=warbruckonlinehandel-skapu-sc&r=49&tvi48=10638&tvi50=12238&lti=deflated&ppb=CKsF&cpb=EhIyMDIzMDkwMy02LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEyNziApJqXDECy0A1IvogQUIGh3QNY____________AWMI0DcQjlMYMGRjCLNGEM5fGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI7wMQiwcYCWRjCKQnEIo1GC9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHI8YGCpjE&cta=true
Title: Mehr erfahren

URL: https://www.tipps-zum-reisen.de/travel/architektur/das-sind-die-10-schnellsten-flugzeuge-weltweit/2/
Title: Tipps-zum-Reisen.de

URL: https://www.liebenswert-magazin.de/amp/victoria-kate-middleton-co-die-brautkleider-der-royal-hochzeiten-3909.html
Title: Liebenswert-Magazin

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ri=09df98f70cf6c573efbbf6c7a2c864af&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831952_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&it=text&ii=~~V1~~-3907978689778780632~~4uR99fR-hPBP0YtEKO-hMdupUC3OLYsyEotriHDvWVjFXgXpBSk7xKnYXcDrrK4sebr2riaK6N9umGJKDShy0FApCADrztxifJelUZlcs8OjRVWe9mtdoqp8eQGwhk5eYTIa30RsRaeCery_-LBHDvohrRRL2n_Mr0aylFgMUlw&pt=text&li=rbox-t2v&sig=c7e5f6235ca7424b7144ef9fd7f98c5095a3729bd111&redir=https%3A%2F%2Fwww.liebenswert-magazin.de%2Famp%2Fvictoria-kate-middleton-co-die-brautkleider-der-royal-hochzeiten-3909.html%3Futm_source%3Dtaboola%26utm_medium%3Dcampaign%26utm_campaign%3D24699945%26utm_term%3D3684980079%26utm_content%3Dbg3.co%23tblciGiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSCt40Youcy7qMTK3qB8&vi=1693831951831&p=bauerxcelmediadeutschlandkg-liebenswert-sc&r=84&tvi48=10638&tvi50=12238&lti=deflated&ppb=CJIG&cpb=EhIyMDIzMDkwMy02LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEyNziApJqXDECy0A1IvogQUIGh3QNY____________AWMI0DcQjlMYMGRjCLNGEM5fGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI7wMQiwcYCWRjCKQnEIo1GC9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHI8YGCpjE&cta=true
Title: Weiterlesen

URL: https://wordsa.com/trending/ausergewohnliches-dubai-tauche-ein-in-eine-welt-voller-kuriositaten-2-tb
Title: Wordsa

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

URL: https://erfahrungsportal.de/
Title: Startseite

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ri=aa5cdb37d0f1ff162e7f1c6643e37f95&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&it=text&ii=~~V1~~2675586259779403774~~0BIqOhok0Gk5jaWU4dEqoenK2ybER6wNVRNMkqyT1C4e79Ni-eBnd8iQ4KmvvX-QPtVvJT2oZsUKTcbUlOwtfOWXxTtTx_Fak-SIFGMSnsZYMqbQHGBqMFEZM9daPMerKbpz6f2_8QqdQlZQhxHEtDIasC_tBEqckS0TMPB2uIdRQh2D2cEFoulXreODML14mkieiAyctcjN_vhIsNyTpA&pt=text&li=rbox-t2v&sig=16b451c00c88644c47912f29f0f724e437e0d5f0b856&redir=https%3A%2F%2Fecohouses-ch.com%3Fsub1%3D25987440---delimjuwe---3705879347%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSD_tF8o-IXXooDctKM0%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DUnverkaufte%2B%25C3%2596ko-H%25C3%25A4user%2Bin%2BLes%2BAcacias%2B%2528Sehen%2BSie%2Bsich%2Bdie%2BPreise%2Ban%2529%23tblciGiDbENavZ4XGhSlCVegd8g2MmVNMBSN4rBIxDtcBI-3nCSD_tF8o-IXXooDctKM0&vi=1693831951831&p=ajaskagmbh-search-sedo-ecohouses-sc&r=33&tvi48=10638&tvi50=12238&lti=deflated&ppb=CM0G&cpb=EhIyMDIzMDkwMy02LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDIzNDiApJqXDECy0A1IvogQUIGh3QNY____________AWMI0DcQjlMYMGRjCLNGEM5fGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCeHBgYZGMI7wMQiwcYCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAHJgoxJkAEcmAG_7IGCpjE&cta=true
Title: Weiterlesen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 116

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 117

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/18f405ba-cc50-38f9-be07-6f29314e4dbf?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-rzcoiUhE2oXaowPJc4PIW5EtcpFPkjPaUb3llgE-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 119

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 216

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM4VT927-Z-6W5P HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT927-Z-6W5P

Request Chain 217

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzdmZjdhYzNiNDYzMTczMzVkN2QzYTE1ODYyMzE0ZDk5ODVhZmYwNQ&gdpr=1&us_privacy=1---

Request Chain 218

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 219

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 220

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4VT927-Z-6W5P&gdpr=1&us_privacy=1---

Request Chain 221

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ebd2ff4c-835b-469a-ac8e-403850d10723&expires=30&gdpr=1&us_privacy=1---

Request Chain 222

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=Zly4CSt1NzL436cpr1t3VA&gdpr=1&us_privacy=1--- HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=5b8c4ced3338182f&is_secure=true&networkId=12783&version=1&nuid=Zly4CSt1NzL436cpr1t3VA&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAH7sG5zQizGwNYwArOAAAAAAA&expiration=1693918356&nuid=Zly4CSt1NzL436cpr1t3VA&is_secure=true&us_privacy=1---&gdpr=1

Request Chain 223

https://rbp.mxptint.net/sn.ashx?gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA9_1087A841E_1224B765&expires=60

Request Chain 224

https://dmp.brand-display.com/cm/api/rubicon?gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=7eba365a-5808-83ce-f41c4a55

Request Chain 225

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM4VT95I-J-BAHL HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT95I-J-BAHL

Request Chain 232

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1

Request Chain 292

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPXTFAENtD8.Dp7n6Q8SjAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1

Request Chain 295

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPXTFAENtD8.Dp7n6Q8SjAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2

Request Chain 307

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 315

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5405736498204780663

Request Chain 316

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b6382f7b-0c73-ce5b-2a90-f090a1117f38 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b6382f7b-0c73-ce5b-2a90-f090a1117f38&dcc=t

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1

Request Chain 335

https://hal900021.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a2273c1c88&subid=&uid=51f12e8240c17ec8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCv1OsE9P1ZOeaHsuAngWi7rqQC5HB0Jtp-_CDktwP8C4QASDSzIEaYPWNu4GYBMgBCakCe7uNKzEdsj6oAwHIA5uEgIAEqgT-AU_QYQUOqU_S7V36hhrAY6dwdA7hak0Gs1RS32meqS2hZYxnF75W6W7v9DNTBXJIIqDt6EfO1Kb_Tasf6GhxvZbZ07N7MNKXbyFKkXp9y8SU_3maCIMlVp2hbq6g9LgmKYSWS5TIbQFzrdOcn6e3-on9uXFN9DbxJWQn8NvPPPIn_rr0qkksB7hWjbkQqnSQprpnnJsF0QEIM1J9OzgRFP8f5G89qhI9NPZn14QajPuYx6GKGPwMY3zDPmRcQcPvAhX-Ij2clQdd5pJ4aCySgtDw5AAmG2hB-wyYzFndC8xo0_4P0JfQSgKKfqwfiXWcnjafl2L18xZCuAPfygUcwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIp_CQ4P-QgQMVS4CnCh0itw6yEAEYASAAEgItuPD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE%26sig%3DAOD64_2bbxIgfYMcL8uiZ-aNsIz6pcc4uQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D7E7TcDGpvehZGx-icQY2YTtJwlZPTZ96rZFhDSKIwe9fagOTsI0fK6SdFvVquCmj4_odWsseNrXmsuVIBgX_gMpHThIYgXy49uVXvZa4rI7YDzkyQDfoBik2qLPjHlrNTHofuKp3hZtF0qPme8gR29WP-Sh6D7ZchTdpf8JY38iDWdAo%26cry%3D1%26dbm_d%3DAKAmf-D2qoFfAitG2Drgf05oYxaBrfzj0QjcE9bgu4CYhyenx9WEKMSSJNBogmYShNfo0bxBMyPkG-lofDLnyjHSyYVDYotDjAiuNlZ8vQpklycbt5r3G7mzplzVTXlL8S-Wi-1nCkT4-ma1exNWVf3qo8sGdYt-vuZ0Ut6baNsOrfD_jiHtkouoXa6TfYS3T4W_hYx-rtmSSsxMVkQc0nfS_o9PtnWxcbVUBFIcAcS2c7eD3xG2na7eAcfjkhc6TCVTZ6I2KZhr7OjPK4CWdgFEtnJsDACMi1eSkEVjCjMFajJujZ04XxagWiyK7yo-19WI5_aEpwSBvPZdyDAXU2qv2FenYXMu_syZNLgHk1GV4ADZcelXFDo4RzQ6c1czPtOwiLe5AXBD_rMUvDvl605SsIUEswfxqAFAktCAKySxeMEKvuzpJtsdTbg1pddoGufQQDZaI1Hhu7YlKyzbF6kRvhJ1jrV8clWeIDBJBx2ysfcqGgKo6JetCNUYQB-q2D4H2Xv6fL_kXqyopCOZRDRlCr7oOT0pmXZnd25h5Bs3F2t1EVRUtc1xQB0lN_--mSJUuxs41aPvO-Xb-JMqGCgPMZNdmFfebNnrkAgWIjhXSQ_NY15xgvBvV7oNbOPwQ8c3XHW7mWBlW5IeCL3m8MvhYwPsQedCdJDx0xVwQSHHhUUE51KRAhrc2g3-UC99L5LO3hf0V0s1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=1256845453216&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a2273c1c88&subid=&uid=51f12e8240c17ec8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCv1OsE9P1ZOeaHsuAngWi7rqQC5HB0Jtp-_CDktwP8C4QASDSzIEaYPWNu4GYBMgBCakCe7uNKzEdsj6oAwHIA5uEgIAEqgT-AU_QYQUOqU_S7V36hhrAY6dwdA7hak0Gs1RS32meqS2hZYxnF75W6W7v9DNTBXJIIqDt6EfO1Kb_Tasf6GhxvZbZ07N7MNKXbyFKkXp9y8SU_3maCIMlVp2hbq6g9LgmKYSWS5TIbQFzrdOcn6e3-on9uXFN9DbxJWQn8NvPPPIn_rr0qkksB7hWjbkQqnSQprpnnJsF0QEIM1J9OzgRFP8f5G89qhI9NPZn14QajPuYx6GKGPwMY3zDPmRcQcPvAhX-Ij2clQdd5pJ4aCySgtDw5AAmG2hB-wyYzFndC8xo0_4P0JfQSgKKfqwfiXWcnjafl2L18xZCuAPfygUcwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIp_CQ4P-QgQMVS4CnCh0itw6yEAEYASAAEgItuPD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE%26sig%3DAOD64_2bbxIgfYMcL8uiZ-aNsIz6pcc4uQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D7E7TcDGpvehZGx-icQY2YTtJwlZPTZ96rZFhDSKIwe9fagOTsI0fK6SdFvVquCmj4_odWsseNrXmsuVIBgX_gMpHThIYgXy49uVXvZa4rI7YDzkyQDfoBik2qLPjHlrNTHofuKp3hZtF0qPme8gR29WP-Sh6D7ZchTdpf8JY38iDWdAo%26cry%3D1%26dbm_d%3DAKAmf-D2qoFfAitG2Drgf05oYxaBrfzj0QjcE9bgu4CYhyenx9WEKMSSJNBogmYShNfo0bxBMyPkG-lofDLnyjHSyYVDYotDjAiuNlZ8vQpklycbt5r3G7mzplzVTXlL8S-Wi-1nCkT4-ma1exNWVf3qo8sGdYt-vuZ0Ut6baNsOrfD_jiHtkouoXa6TfYS3T4W_hYx-rtmSSsxMVkQc0nfS_o9PtnWxcbVUBFIcAcS2c7eD3xG2na7eAcfjkhc6TCVTZ6I2KZhr7OjPK4CWdgFEtnJsDACMi1eSkEVjCjMFajJujZ04XxagWiyK7yo-19WI5_aEpwSBvPZdyDAXU2qv2FenYXMu_syZNLgHk1GV4ADZcelXFDo4RzQ6c1czPtOwiLe5AXBD_rMUvDvl605SsIUEswfxqAFAktCAKySxeMEKvuzpJtsdTbg1pddoGufQQDZaI1Hhu7YlKyzbF6kRvhJ1jrV8clWeIDBJBx2ysfcqGgKo6JetCNUYQB-q2D4H2Xv6fL_kXqyopCOZRDRlCr7oOT0pmXZnd25h5Bs3F2t1EVRUtc1xQB0lN_--mSJUuxs41aPvO-Xb-JMqGCgPMZNdmFfebNnrkAgWIjhXSQ_NY15xgvBvV7oNbOPwQ8c3XHW7mWBlW5IeCL3m8MvhYwPsQedCdJDx0xVwQSHHhUUE51KRAhrc2g3-UC99L5LO3hf0V0s1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=1256845453216&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 351

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEKmUn0q7s5VjMyGQ27uLmCo&google_cver=1&google_push=AXcoOmQyhc5UC96uig1AFJidcseuog6b651rCska_o381W-ak_bFO-sZIkAAeRQwq8VEYDHmAU8D0uEAR5dAm0t3qXp82W9JDqmuzzoHhVIKXaaDz_400ZLp50sNjddefneeOamOIBbXPXmySnElmgIulnK3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490

Request Chain 353

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEjE9LvoqjU5ohSst6dl8sE&google_cver=1&google_push=AXcoOmTCntJxXlzuCJRRKxsuJdLYMMr8JwKTMUxNcuyJeZ8Z-rhod-2-rc7zFF21Dp_Q3NQO0oFvyQIHFxlMDNWhkFfRRMJuxpiRYjs2cg0nQegBVTyzewoWZYQ7h5wfJ4D0pzDlup4xgYl75pbCA1AMqVWK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2zNv3FvXQDhs4QVahYkzZg&google_push=AXcoOmTCntJxXlzuCJRRKxsuJdLYMMr8JwKTMUxNcuyJeZ8Z-rhod-2-rc7zFF21Dp_Q3NQO0oFvyQIHFxlMDNWhkFfRRMJuxpiRYjs2cg0nQegBVTyzewoWZYQ7h5wfJ4D0pzDlup4xgYl75pbCA1AMqVWK

Request Chain 354

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKzem3AFrU6EncCUVO3sN34&google_cver=1&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlxB077y1JwJ5F9plXE-IspO84W5I5ADvw1J9r_JTBZjrBsC1ipeUER_qrcnjGHBdzQFYtugbtrWpWrlQQP1do-5brL0EkIl6IOC3qz HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlxB077y1JwJ5F9plXE-IspO84W5I5ADvw1J9r_JTBZjrBsC1ipeUER_qrcnjGHBdzQFYtugbtrWpWrlQQP1do-5brL0EkIl6IOC3qz&google_gid=CAESEKzem3AFrU6EncCUVO3sN34 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxOTI1ODEyNzIyNjkyNDc1Njk4Mw%3D%3D&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlxB077y1JwJ5F9plXE-IspO84W5I5ADvw1J9r_JTBZjrBsC1ipeUER_qrcnjGHBdzQFYtugbtrWpWrlQQP1do-5brL0EkIl6IOC3qz

Request Chain 355

https://cs.media.net/cksync?type=g&google_gid=CAESEBnW4UpiGAncrm-D-5D-LrA&google_cver=1&google_push=AXcoOmQTE7h-1_5AjRKJkbRXKgYwn-0ug0mVyEFy_sPEd4w1sctLtseUxwzZZj2ruprlrQ1_ho76xqrYaz1Kh5mzU9kdTN75NGNUKO_9KnsLE6cMzqQlUetssYMaapGdxSVIQXT3rOOLDOHKLpzFTrapLLQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQTE7h-1_5AjRKJkbRXKgYwn-0ug0mVyEFy_sPEd4w1sctLtseUxwzZZj2ruprlrQ1_ho76xqrYaz1Kh5mzU9kdTN75NGNUKO_9KnsLE6cMzqQlUetssYMaapGdxSVIQXT3rOOLDOHKLpzFTrapLLQ&gdpr=&gdpr_consent=

Request Chain 356

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEE8I1MAzIONFZGMoMU3_Oa0&google_cver=1&google_push=AXcoOmSTRcqk_l5NJqKWzebavtAfvVQeRALNIIYtGsSdyYCG3fXKiaF0huiSivG3q0XsnYP56Acuau-KDSYqE1sXdHhcEbjPFcQLzTx0SSakZlZtA3vbWRRXUBSNh9VE-Em55WzWt8YzXcJEfiEKSOldEq1OdQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSTRcqk_l5NJqKWzebavtAfvVQeRALNIIYtGsSdyYCG3fXKiaF0huiSivG3q0XsnYP56Acuau-KDSYqE1sXdHhcEbjPFcQLzTx0SSakZlZtA3vbWRRXUBSNh9VE-Em55WzWt8YzXcJEfiEKSOldEq1OdQ&google_hm=QlMuYmU2NS0wYTE5LTQ2NjMtYmE3Nw==

Request Chain 357

https://sync.inmobi.com/gob?google_gid=CAESEAASdZtJKS-dqk1PYrmVmNk&google_cver=1&google_push=AXcoOmTveV11E2UEIuw11m38EaeJvZji55Wj5eUai1FqC9j1P9rkVsw8HGDg1BbidTkhzrlBsLzPlWPbsWjgbg4YizV_DOD763rW6WsOQ-NV9UnUBb9lV-lry1UTsYv5WEzQ4hP5kh-zscvUgDAfNX_J3GmNsQ HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTveV11E2UEIuw11m38EaeJvZji55Wj5eUai1FqC9j1P9rkVsw8HGDg1BbidTkhzrlBsLzPlWPbsWjgbg4YizV_DOD763rW6WsOQ-NV9UnUBb9lV-lry1UTsYv5WEzQ4hP5kh-zscvUgDAfNX_J3GmNsQ

Request Chain 369

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=e0d0cda8-b2f5-4ee0-93c4-4a27373150c8&google_hm=ZTBkMGNkYTgtYjJmNS00ZWUwLTkzYzQtNGEyNzM3MzE1MGM4 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELFYVrkqWVkGYdTfSuJ87M0&google_cver=1&ssp=themediagrid&bsw_param=e0d0cda8-b2f5-4ee0-93c4-4a27373150c8

Request Chain 389

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEJg9y6lL3gsY6sqMFcqRpKU&google_cver=1

Request Chain 390

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEAPtLe4HHmqRlkorWrjo8Gw&gdpr=0&google_cver=1

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHpVBqtRV2ZyG5m-gjrvkbc&google_cver=1

Request Chain 397

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTIzODA1NzM2OTI5OTIzNQ%3D%3D

Request Chain 398

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1

Request Chain 399

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzI4MTgwY2MtZDlhZS0yYjA1LWZmN2UtMjhiZTAzYzA3YWI4

Request Chain 422

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENlLbEhzjnfh60AVCqW_oJo&google_cver=1&google_push=AXcoOmT0wKMSw9ynSftRZRGmVP7izExdZ0VYgVk73-nTcLe68BBlA1lt181Ct0kscLwdItrAZbye8zBOlg07W_Kv0L0zsdiM-HA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490

Request Chain 426

https://cs.media.net/cksync?type=g&google_gid=CAESEA6Apa4Pjqcuvqhh6D_tLw8&google_cver=1&google_push=AXcoOmTxigWLNpkE7ritoe4AnOMzH36jNxNk35Ik6X1Kb8ALiYvtxKn213syUKTy5gji8SXaZuhndk_szI6sXM-JKa5Yv_nJKqZ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTxigWLNpkE7ritoe4AnOMzH36jNxNk35Ik6X1Kb8ALiYvtxKn213syUKTy5gji8SXaZuhndk_szI6sXM-JKa5Yv_nJKqZ8&gdpr=&gdpr_consent=

Request Chain 474

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOB9v0gUPkwm4vyQD66chDQ&google_cver=1&google_push=AXcoOmR7qPmyWfhwPfj5g7n_BVQ6sr5zlTtHtTBQe_eVP7ddwvzIx8iYt9s1LwlT-Li2aEbYRtHphSGOPmYPwc25VCBpA_kZPbgN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR7qPmyWfhwPfj5g7n_BVQ6sr5zlTtHtTBQe_eVP7ddwvzIx8iYt9s1LwlT-Li2aEbYRtHphSGOPmYPwc25VCBpA_kZPbgN&google_hm=4NDNqLL1TuCTxEonNzFQyA==

Request Chain 486

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=277AF428C2C44A3DA376601F9E099576&RedC=c.clarity.ms&MXFR=318F45BFC2C36D48072D563DC6C36335 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=277AF428C2C44A3DA376601F9E099576&MUID=1D0A6E4177836F5502FC7DC376396EAF

Request Chain 511

https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=43775deaafda1654&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIl4K5YBntUwMtUrXYAAAAAAA&expiration=1693918361&nuid={OX_USER_ID}&is_secure=true

Request Chain 512

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MbjZOrlfzI8M6j6wGjuOYg==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 514

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dopenx%26user_id%3D%40%40CRITEO_USERID%40%40

Request Chain 516

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CEBxSVpHJkgTTXEdBhA6HVhBLkkTQCcZDRErwvo4

Request Chain 520

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235

Request Chain 522

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBAmSFG8TPyWYdegc-9j-wulhknShCgnQ

Request Chain 525

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v4UEgfAOIOQasluWtxIheNOya9OgnTSTHhNFRNhUcpQ

Request Chain 527

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1

Request Chain 554

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBA9rKgdqGBMHcmNamlbUK22Lx7L_C6kw

Request Chain 555

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AlOkKTk_Tp0s_4C2kTr7z8D2231cPdv7v_HeYXD22Ig

Request Chain 560

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235

Request Chain 565

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1

Request Chain 576

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smartyads/751a0d0537a12dd49cd80bfb9d459c33c23cea0d9b3e567daac673a2d72a3cba

579 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html Show response
www.bg3.co/a/ 49 KB
14 KB 2570ms
1437ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3aeb45061fc67b419cb95a14ccdb4558c42ee19099cb4f953fe3ff03d7aa2359

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 12:52:30 GMT
etag: "c291-sLqKa22Nb0vsPDzTeYseyY1CoAg"
expires: Mon, 04 Sep 2023 13:07:30 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 715ms
129ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 12:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72923
x-xss-protection: 0
server: sffe
etag: "8f05ddb4de6114d6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 12:52:31 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 702ms
116ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 12:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9638
x-xss-protection: 0
server: sffe
etag: "3c97018a73867a04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 12:52:31 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 687ms
118ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 12:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7567
x-xss-protection: 0
server: sffe
etag: "694191137fe44b1a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 12:52:31 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

669ms
106ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12676
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlt0FsmKBx4teoXYeAhZR7bLF491xMSW3JH84J2g36573zmJHIyxAAoppwo877FQJxm2HfwsZg8t8GvnKIYJSOvPN7nSs2rQZSp8p6GVXlLU%2B5DY%2FT%2BFYqS%2FEuNqXkBIMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 80165ec799fdd5ac-CDG

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 244 KB
93 KB 740ms
110ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 72733561a4030b10d08d15daed28ca2e67708a34c33aad818949c91bf1413787

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:31 GMT
content-encoding: br
cdn-edgestorageid: 1049
cdn-storageserver: DE-382
cdn-cachedat: 09/02/2023 08:40:33
cdn-pullzone: 873945
last-modified: Sat, 02 Sep 2023 08:40:17 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 645
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64f2f4f1-3ce5e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: e0292d9132f50964646eb68e10a1181e
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 844ms
221ms Script
application/javascript 2.16.238.159
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.159 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-159.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 21ae83bd23677cdebc8138a1dc65b1479d03466c9200e943acfcf4a9adc33702

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Mon, 04 Sep 2023 12:52:31 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Mon, 04 Sep 2023 11:39:39 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
content-length: 10026
expires: Mon, 04 Sep 2023 13:52:31 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 658 KB
139 KB 749ms
171ms Script
application/javascript 95.101.54.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-104.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 0ca5dae92ef6608fe14a8ba5e56f72d38b31e7570d98f2287024bfe4a0d53c99

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Mon, 04 Sep 2023 12:52:31 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Thu, 31 Aug 2023 21:40:02 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1693831951623_1600468580_126602454_838_1284_92_107_146";dur=1
content-length: 141535
expires: Mon, 04 Sep 2023 13:52:31 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 482 KB
53 KB 323ms
112ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe3c20f18142b060a4c1fa922c592b337d066ff73acdd4607967813743b8dc71

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Myur2UuYoSUf2mNvKFP7hLeDB001EPve
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:31 GMT
x-amz-request-id: PH206K3Z9RBP8AR4
age: 6867
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 53338
x-amz-id-2: 0SYysHcIfyad1SeQ6YzPvpK7NXRwKH0Gm7DQq7Owuo2b21YExZY4u/+/fGbUiRLFLZ2Jg+om1aY=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:35:58 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831951.370344,VS0,VE15
etag: "3dbd65c3380c9c36c804fd4dfb059871"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20230903-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 803 KB
166 KB 116ms
116ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a80eae4454fa66280866a7243d2ea51e927c41af8ba045ade41a03f64d1180fa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CuiuU6eMv4WPX.TpIvx1Q1d3yMlp43ER
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:31 GMT
x-amz-request-id: ECKZP7X3PPWJ8EBA
age: 12126
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170019
x-amz-id-2: kW8OcsfI+KmctG9MGo/u9WC7aspShFPB7K+XfSf29AMAE6O2jLpOWqAKZ4yxzISLweKdVIFWlBA=
x-served-by: cache-ams21033-AMS
last-modified: Sun, 03 Sep 2023 09:12:15 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831952.626156,VS0,VE0
etag: "ebfc5e8f71b99d31d408f4b268b3cf64"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 3791

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 634ms
108ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 206564
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 72 KB
18 KB 525ms
518ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=14%3A52%3A31.834&lti=deflated&data=%7B%22id%22%3A613%2C%22ii%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693820150756%2C%22vi%22%3A1693831951831%2C%22cv%22%3A%2220230903-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22vpi%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2574%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A612%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 32cc233fb402488fde9386b9e20b0a45539d1f11a4eb46bed7f683814f1ba228

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 402
date: Mon, 04 Sep 2023 12:52:32 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59264
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21033-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1693831952.901558,VS0,VE402
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET 04c4d37ae9c12cc7731fe54c89556f22.jpg
static.bg3.co/imgs/202109/ 0
0

GET 94651aacfc2eefd7411f99de237fb6da.jpg
static.bg3.co/imgs/202111/ 0
0

GET a1ee9b988fd23d5fd545d7681a8c2706.jpg
static.bg3.co/imgs/202212/ 0
0

GET dd3fefeb39f99742708f4762700dc3c1.jpg
static.bg3.co/imgs/202202/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 8 KB
3 KB 682ms
125ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:08 GMT
age: 490825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: sffe
etag: "81fe35e806c986f9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:08 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 82 KB
23 KB 683ms
126ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:08 GMT
age: 490825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23145
x-xss-protection: 0
server: sffe
etag: "1e24d49ff16f97fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:08 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 4 KB
857 B 693ms
140ms Fetch
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22dc79ab92abba87adc663fbd3b8d9242b1ede690743e6d92eca2d5d69ec597b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 509
x-xss-protection: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 12 KB
4 KB 672ms
115ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:09 GMT
age: 490824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3937
x-xss-protection: 0
server: sffe
etag: "256c2c03e8e2f982"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:09 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 751ms
133ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-14e98"
vary: Accept-Encoding
x-hw: 1693831953.dop236.am5.t,1693831953.cds115.am5.hn,1693831953.cds266.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 829ms
212ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1693831953.dop236.am5.t,1693831953.cds115.am5.hn,1693831953.cds004.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 floating-unit.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 188ms
184ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14d5ac95bdb379cabf3dc5b7d05703dfe86530b6e6eb936d0a4379d9d5c50fcb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .yEughranwzu4XAiXNtBhLCGXOuBjoHW
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: 1S54QP4JYK2MAD5T
age: 12004
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: BeOIWWs7E63eCuZootFI/9K/ZND60lscsyh9TCidXf67+niDL87lUNFwcgBJrJOocRuqo+oH2EE=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:30 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.715237,VS0,VE0
etag: "e6ec393f791a40cbd66ae2e15a57707d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 215

GET
H2 200 taboola-vignette-new-scanning.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 188ms
184ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 450da0ff2bb9a7682fa0823ecfece25fb7cb6a5c561b91163bb1f90365099b45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6HznuFWW1c7szS25tB3w98NnAXkJ4Wpx
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: 1D8KANA7S94K0CDX
age: 11984
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: /l1jNGqujRwwVGDG7cAcjY10hBQBQlKSJY9xjPKtmdPi7ip1Mf5Zwy0q6/vrmsAtn0vnVS9crAU=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:49 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.715210,VS0,VE0
etag: "46f499f064ff5a9f7782e676543de9a9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 85
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 147

GET
H2 200 distance-from-article.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 189ms
185ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7306593c4758a9cf5682ca5e78c6a9d87e299f2a817e5284fb210432c8b95659

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7lwJenyAG0zlor2J11dMUUJyfw8RQmrw
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: R3XA4V2TAGRSCX93
age: 12014
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: oOuoknQ3adzeNeAjGKTMY68iYPylUY2ENuV8R60CiTqFYUyqdI7R96HcxID3B19SNtDVN7w2Rhg=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:19 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.715181,VS0,VE0
etag: "bfd82560a91c854e27ec86e0771d84fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2569

GET
H2 200 article-detection.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 187ms
183ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c33e4bdc3308820980d94536d79f4101b9b1783bd7968c314b4239164fd024f9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OewEHNnDTLGFe2Jl5TrooRKtS8Y8buos
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: 2J9ZB55MJYZFSZEW
age: 12021
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: PxuDcCVSU6yuXrvnIIEc8y/z9d5+rQ5V0cYCeTXrWJ08BtSSHnPfkdn9JRFawqtKLKVzLdGyuZA=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:11 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.715166,VS0,VE0
etag: "9060b2072f239e7b7af5c9cb48935d04"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2559

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.8/ 127 KB
36 KB 421ms
120ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 8e8e0fdfe938f4dbcfa8bb4284454f5a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: AMS1-P3
age: 186338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 36490
x-served-by: cache-ams21053-AMS
last-modified: Sat, 02 Sep 2023 09:06:04 GMT
server: AmazonS3
x-timer: S1693831953.015409,VS0,VE0
etag: "fd7ae01836d3569c79370b947186fc34"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: fy5aLyx50CVKMRzEcY1z0WGaW1iYEflAD47PRg-WeTa5GavZnW0bfA==
x-cache-hits: 3181

GET
H2 200 feed-card-placeholder.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 181ms
177ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56a6716bb64bde5c15bdac3991adb587a4234cad6312d35a7fa39ac52a8de7a3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YCkVTYkCLJbAD3z6fVFaiJZah9js_igZ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: TH8WDNCM1S0XEDSR
age: 12009
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: nqfx6GIPxcd1ndcYqdRVPrhZ5dcf4cE+hoesyN0O2z1p3+C0gvPLoBdixHVmuobR94qnuvVckrE=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:24 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.715148,VS0,VE0
etag: "847de7c338e5a23faf7d522e4013c99d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1875

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 117ms
117ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: TZRV815EMAFY1JBF
age: 5
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: v5SDmim5AHD1xUYx+tpwQ3ehER8nJJjDtZKSR7zLZUfaHgPhMWhJVk4BNKiXJLg3LG/QSQSHEMY=
x-served-by: cache-ams21033-AMS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831952.481957,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 29
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4

GET
H2 200 userx.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 188ms
184ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7c29abdfb5a7ab3c95922a9be76c1d6e276d13c0d24d06731b6d4908f0fdad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AJx0wfUpfnBYVeYg6JPf9Otni0NzHkLB
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: 1Q2R5VW99YWNAM88
age: 11980
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: Qmv+aG7HFV4qLz2HcjB3kHh8DUzu8jIjeTV9UEu8FqWO/XDs1Iw+9A36pNR/gQFAndAgfFqYcrE=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:53 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.715146,VS0,VE0
etag: "38fff9c527380be4515b408d659361fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 49
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 896

GET
H2 200 explore-more.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 189ms
185ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e55638caa101f99a3bc20334cc9f3a2c122c93c87929857f883df2451edd2b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Rlsa8qtFsTv2OnpWTw6UuST7REz_N05x
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: DQ6BHPSAF1MPTB99
age: 12011
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8803
x-amz-id-2: +lEY3EKzeN2oMt1YJVEn0dfKhzsJoVvZUH5GRPh8EYCsyzgYCWMbCrR8UyWUKx/HBnc/tSdNwzo=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:22 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.715119,VS0,VE0
etag: "1678c7a2b5486ea355721b5fcd32dd6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 731

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 512ms
151ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=14%3A52%3A32.410&id=454&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 512ms
152ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1693831952410%7D&tim=14%3A52%3A32.410&id=3561&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 538ms
177ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693831952416%7D&tim=14%3A52%3A32.416&id=5123&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 512ms
152ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A52%3A32.439&id=5363&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 510ms
150ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A52%3A32.441&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=8321&cv=20230903-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 102631

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 511ms
151ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A52%3A32.442&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=297&cv=20230903-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 102631

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 241ms
241ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A52%3A32.452&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4748&cv=20230903-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 102631

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 242ms
241ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A52%3A32.453&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3722&cv=20230903-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 102631

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 242ms
242ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A52%3A32.458&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9934&cv=20230903-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 102631

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 18 KB
6 KB 550ms
549ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=14%3A52%3A32.466&route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&data=%7B%22id%22%3A834%2C%22ii%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA%22%2C%22ui%22%3A%22e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f%22%2C%22uifp%22%3A%22e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f%22%2C%22lbt%22%3A1693820150756%2C%22vi%22%3A1693831951831%2C%22cv%22%3A%2220230903-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22vpi%22%3A%22%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3641%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A612%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7161defefc5ca9a329192b3d47416879f7d9801cfcd7904cf0c2480a2cc32655

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 399
date: Mon, 04 Sep 2023 12:52:32 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 64873
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21033-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1693831953.544309,VS0,VE399
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 35 KB
36 KB 185ms
184ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06cc100d762a6514b0dc5e5c9476cff5c49dd4b7f6cdc499ff36431d94609f56

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 5
date: Mon, 04 Sep 2023 12:52:32 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 434171
edge-cache-tag: 413171760462916128786953021986728628513,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 349
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://nigeriaworld.com/
content-length: 35714
x-backend-name: CH_nlb803
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kjyo7100061-IAD, cache-iad-kcgs7200138-IAD, cache-ams21033-AMS
last-modified: Tue, 01 Aug 2023 07:50:36 GMT
server: nginx
x-timer: S1693831953.762093,VS0,VE5
etag: "bd3c9118152a191dbc5be6ad3e7a6028"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
30 KB 226ms
226ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c0de8d914cf413918e4f780b2c92d4ca961c20d87ab023c55b5b6b2cc1438af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 2960725
edge-cache-tag: 413171760462916128786953021986728628513,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 305
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sport1.de/
content-length: 29512
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100071-IAD, cache-sna10723-LGB, cache-iad-kcgs7200082-IAD, cache-ams21033-AMS
last-modified: Sat, 15 Jul 2023 14:43:31 GMT
server: nginx
x-timer: S1693831953.014067,VS0,VE0
etag: "6cbb6d3f5c4a9ef4c1d57377b9b82231"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 56

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 183ms
182ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57d726902e7e61bdd77159edc80d18774870eadd91c277653646d3374aba27af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 1991058
edge-cache-tag: 356686445197087509435470419559440289029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 560
req-referer: https://www.cosmopolitan.de/
content-length: 28970
x-request-id: 5f5e5c466c20a9dda1696b973f7bf976
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200171-IAD, cache-iad-kiad7000106-IAD, cache-chi-kigq8000086-CHI, cache-iad-kjyo7100156-IAD, cache-ams21033-AMS
last-modified: Thu, 10 Aug 2023 11:47:17 GMT
server: nginx
x-timer: S1693831953.148259,VS0,VE1
etag: "5eeb390e640ddfaeffbf8000fc7a0145"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 11, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 222ms
222ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e03662baae2a170203c136b546c40cd0503823becb15ab80629e544af9efe19

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 3425895
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 308
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 18500
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-sna10723-LGB, cache-iad-kcgs7200024-IAD, cache-ams21033-AMS
last-modified: Mon, 17 Jul 2023 06:04:36 GMT
server: nginx
x-timer: S1693831953.260022,VS0,VE0
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 312, 2

GET
H2 200 2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 80 KB
81 KB 223ms
222ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 42f8ae66f11ceee89fdec4228ca475da670b1ed34bce190683462d59f504a046

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age: 2332216
edge-cache-tag: 495917111911929012461748354836139372250,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495917111911929012461748354836139372250,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 217
expiration: expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.theweathernetwork.com/
content-length: 82400
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200173-IAD, cache-iad-kcgs7200138-IAD, cache-lax10635-LGB, cache-iad-kcgs7200105-IAD, cache-ams21033-AMS
last-modified: Sun, 16 Jul 2023 03:19:54 GMT
server: nginx
x-timer: S1693831953.300339,VS0,VE1
etag: "3c6f0086470990a7bfb6299cf93f1cdb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 48, 1

GET
H2 200 Fliesen.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/ 35 KB
36 KB 222ms
221ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bebf430a53a5b352683e20c662ae7b25c8b58be5bb9a66d492dc2976e650c5be

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
age: 4662898
edge-cache-tag: 624237704448984462090471028767463012506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624237704448984462090471028767463012506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 139
expiration: expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.saturdaydownsouth.com/
content-length: 35958
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000047-IAD, cache-iad-kiad7000052-IAD, cache-lga21953-LGA, cache-iad-kcgs7200046-IAD, cache-ams21033-AMS
last-modified: Mon, 12 Jun 2023 10:32:46 GMT
server: nginx
x-timer: S1693831953.300308,VS0,VE1
etag: "15d2d30ac846b0d983934867e30f5f26"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 552, 1

GET
H2 200 0745103d-d21c-4636-9dd6-f77e4206fb46__JkAEDuZz.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 32 KB
33 KB 203ms
202ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0745103d-d21c-4636-9dd6-f77e4206fb46__JkAEDuZz.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0eca2b7d045c0224d2f7009323907f26d1d2ac4b14dec48d20b738c28eecdb39

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0745103d-d21c-4636-9dd6-f77e4206fb46__JkAEDuZz.jpg
age: 1077198
edge-cache-tag: 517411907453676751847238028324206952058,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 517411907453676751847238028324206952058,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1018
req-referer: https://flytant.com/
content-length: 33156
x-request-id: 962bc1b1de14820de434fa2a7ee5a87e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100028-IAD, cache-iad-kcgs7200163-IAD, cache-sna10721-LGB, cache-iad-kiad7000146-IAD, cache-ams21033-AMS
last-modified: Wed, 23 Aug 2023 01:33:00 GMT
server: nginx
x-timer: S1693831953.300281,VS0,VE1
etag: "f10915271f1115d8382c0103e4c6e87e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 27, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 298ms
297ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 1199317
edge-cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 283
req-referer: https://www.sueddeutsche.de/
content-length: 31858
x-request-id: 02d9d35fe2116c7e0c23a2eff56315e1
x-backend-name: CH_nlb803
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kjyo7100163-IAD, cache-iad-kiad7000139-IAD, cache-ams21033-AMS
last-modified: Fri, 28 Jul 2023 15:42:18 GMT
server: nginx
x-timer: S1693831953.300242,VS0,VE8
etag: "98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5, 1

GET
H2 200 2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 92 KB
93 KB 197ms
197ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1f092f6197eacc2363e809fd2dc07638f8a9859883130d144ca74903027b870

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age: 3345418
edge-cache-tag: 495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 435
expiration: expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://d-26223547671233016175.ampproject.net/
content-length: 93950
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kcgs7200092-IAD, cache-lga21974-LGA, cache-iad-kjyo7100020-IAD, cache-ams21033-AMS
last-modified: Sun, 16 Jul 2023 11:09:14 GMT
server: nginx
x-timer: S1693831953.369182,VS0,VE2
etag: "fd2cfe471f8e594719367f0536a90b0a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 431, 1

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 92 KB
93 KB 156ms
156ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 1798718
edge-cache-tag: 356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 387
req-referer: https://www.sueddeutsche.de/
content-length: 94302
x-request-id: c7d4a079e800f2cfac01ffed59a7e79b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kjyo7100128-IAD, cache-sna10744-LGB, cache-iad-kjyo7100132-IAD, cache-ams21033-AMS
last-modified: Thu, 10 Aug 2023 11:47:17 GMT
server: nginx
x-timer: S1693831953.391304,VS0,VE2
etag: "78af0e2d92f1d0853f93e08bf0474e82"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 18, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
43 KB 181ms
181ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 5944465
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 219
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 42778
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21950-LGA, cache-iad-kjyo7100053-IAD, cache-ams21033-AMS
last-modified: Thu, 15 Jun 2023 08:18:42 GMT
server: nginx
x-timer: S1693831953.462472,VS0,VE1
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 10, 1

GET
H2 200 bg3.json Show response
cdn.unibotscdn.com/clientdata/ 19 KB
2 KB 789ms
202ms Fetch
application/json 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 3f18968d0dacf1850dfce645f211ad6244443b9af0415f380ea27f0e835cb58f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: gzip
cdn-edgestorageid: 1078
cdn-storageserver: DE-383
cdn-cachedat: 09/03/2023 07:31:15
cdn-pullzone: 873945
last-modified: Sun, 03 Sep 2023 07:30:40 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 652
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 08b2e1075cef2cea013cb7611ae6d1ff
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 40 KB
11 KB 668ms
114ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:08 GMT
age: 490825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10348
x-xss-protection: 0
server: sffe
etag: "279670ab552e383b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:08 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
613 B 289ms
289ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9594
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AR3elcyoHmoYfoaTod7u25whEeZIwE3uIWWExOEHvqZhBr6kSBzALethpzVt2AcBVPdlf7pPKSrGbdoM0QR8qxYG4xBjKVu7Vq702O3dHRDOinFnM8Z%2B8RYCWNqBpfPWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 80165ec92b53d5ac-CDG

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1069ms
266ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2eceb9c30b814240d7b0ba3b8bfb4350bada862a8881a0eac9b1d97326d02cfc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:33 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1058ms
266ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2eceb9c30b814240d7b0ba3b8bfb4350bada862a8881a0eac9b1d97326d02cfc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:33 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 957ms
450ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.13348529472118909&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:33 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 885ms
361ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.4927325849612876&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:33 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 next-up-widget.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 178ms
178ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7f780cbdb0965c8492f77a85891708f7e8c987b5b1863992ef3a19fb3a1bf23

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: i8nWRc717aYTPBcM.I3gJkWUZlZApSYv
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:32 GMT
x-amz-request-id: 33K1HGG4MX0D5SES
age: 12000
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: tdeA7b1r7twdO1KNFSUTwnnFoPP2mLLkuPw3lH3Vn6yemYGXuEgRCoWxwbGDFqc1oH+RBVShn/A=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:33 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.948675,VS0,VE0
etag: "610116c7b158be00fffa2607a3bc5a01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 210

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 207ms
206ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1761%7D%22%2C%22eventTime%22%3A1693831952848%7D&tim=14%3A52%3A32.848&id=7531&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 208ms
207ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A52%3A32.860&id=433&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 208ms
207ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A52%3A32.866&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6656&cv=20230903-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 107184

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 738ms
197ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 12:00:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 12:52:33 GMT

GET
H2 200 spa-detector.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 201ms
200ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dabe40043cf1d77cd46fe459fef8ee265b629092db8f8fbf53d5bc8bd0d1dc90

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6h_Mt.SBcnYHoO2sldMLOn.OohQSJVDD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:33 GMT
x-amz-request-id: SE3TDFC7XCTVYK43
age: 11993
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 779
x-amz-id-2: PaokPGlBDGqmuR1ash9F7BU/LZ/ihXUFa1nxmY9WUqn/Gg/dwYwp1Q/i9cbX5r1ktJyyjrjQ+sE=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 09:32:40 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831953.014111,VS0,VE0
etag: "044d245b632ada427c290e71627dd688"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 842

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 208ms
207ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A52%3A32.867&id=133&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 209ms
208ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1693831952869%7D&tim=14%3A52%3A32.869&id=5310&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 208ms
208ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A52%3A32.871&id=9501&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 209ms
208ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=cb3ad53c630f752923412f633361a47a&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831951_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1693831952873%7D&tim=14%3A52%3A32.873&id=2649&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 202ms
202ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A52%3A33.050&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=5480&cv=20230903-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 102631

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 179ms
179ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi48=10638&tvi50=12238&lti=deflated&ri=2024665bc31d48dbd2da5f1ac13ccfea&sd=v2_63fce5cc0c97c662c5c3f3051b778732_e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f_1693831951_1693831952_CNawjgYQ2YJdGNfrgYKmMSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&pi=/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&wi=-3280187073140251862&pt=text&vi=1693831951831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1693831953086%7D&tim=14%3A52%3A33.086&id=101&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 d3f43649854d6addae9f6f56f29dca0d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
58 KB 167ms
166ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3f43649854d6addae9f6f56f29dca0d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d0bf4901966bdeb7ed201502fa80ea458d5d156d0c559227686bd5cd8e5b8868

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3f43649854d6addae9f6f56f29dca0d.jpg
age: 3550601
edge-cache-tag: 538866984511226002241295778630189611367,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 538866984511226002241295778630189611367,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 352
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fcinter1908.it/
content-length: 58392
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200084-IAD, cache-iad-kcgs7200073-IAD, cache-lax10631-LGB, cache-iad-kcgs7200090-IAD, cache-ams21033-AMS
last-modified: Mon, 17 Jul 2023 11:54:27 GMT
server: nginx
x-timer: S1693831954.556010,VS0,VE1
etag: "1e0cf15bb70422eaee02b7ed1889bcb8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 4, 1

GET
H2 200 2f223401b0d3b8926fb3f1d5be6e6df6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 175ms
174ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f223401b0d3b8926fb3f1d5be6e6df6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3f053193e9aadcc91e16c821dd041f5c033ca534b5c2d9dbff361158c675095

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f223401b0d3b8926fb3f1d5be6e6df6.jpg
age: 1461860
edge-cache-tag: 369961428507677448760348173263946042960,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369961428507677448760348173263946042960,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 472
req-referer: https://flytant.com/
content-length: 11310
x-request-id: 4d8b077a587e554d5cd5beb5c6a9dbd6
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000059-IAD, cache-iad-kjyo7100076-IAD, cache-lax10675-LGB, cache-iad-kcgs7200143-IAD, cache-ams21033-AMS
last-modified: Fri, 11 Aug 2023 22:02:33 GMT
server: nginx
x-timer: S1693831954.555983,VS0,VE1
etag: "37c1ff1d762036b1f339b2ca27724e9c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 16, 1

GET
H2 200 c463621448b754f72cde3a24bce6a684.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 165ms
165ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d11c3a5ae154175fe16cfb336794f3b9dd4de7cdf3bffba507ba7f4218d4c1e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
age: 3754173
edge-cache-tag: 572986981612921457322863674271668491606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 572986981612921457322863674271668491606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 207
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 14526
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kcgs7200061-IAD, cache-lax10675-LGB, cache-iad-kiad7000148-IAD, cache-ams21033-AMS
last-modified: Mon, 17 Jul 2023 23:41:48 GMT
server: nginx
x-timer: S1693831954.555987,VS0,VE1
etag: "8d4bf42e02fbfe15a95c837722a4ed41"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 627, 1

GET
H2 200 4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 53 KB
54 KB 248ms
247ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14bbf5cd7d5cd3ff8bdbc9540959ef43d229c8a90d1e3f34a1b721950e66a70a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
age: 3053142
edge-cache-tag: 548927372391360882470213089307956759229,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 548927372391360882470213089307956759229,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 201
req-referer: https://www.gazzetta.it/
content-length: 54438
x-request-id: 099502554c78831e94c7267f27ea6618
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000177-IAD, cache-iad-kcgs7200027-IAD, cache-lax10622-LGB, cache-iad-kiad7000158-IAD, cache-ams21033-AMS
last-modified: Thu, 20 Jul 2023 15:22:37 GMT
server: nginx
x-timer: S1693831954.628461,VS0,VE2
etag: "24f4ddfdcb222f13323130f54aa913f7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 9, 1

GET
H2 200 2b055e1ee062dc44b044236faa993798.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 59 KB
60 KB 228ms
228ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b055e1ee062dc44b044236faa993798.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bce930f79828901cc7ef73caf4491b380ef9d3e059eab2665906d069dae8a2a1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b055e1ee062dc44b044236faa993798.png
age: 3207750
edge-cache-tag: 582150484640792665894963372733789094020,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 582150484640792665894963372733789094020,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 210
expiration: expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.rallye-sport.fr/
content-length: 60876
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100150-IAD, cache-iad-kjyo7100069-IAD, cache-sna10744-LGB, cache-iad-kjyo7100162-IAD, cache-ams21033-AMS
last-modified: Thu, 20 Jul 2023 06:00:22 GMT
server: nginx
x-timer: S1693831954.628435,VS0,VE1
etag: "ac2e9e0fc3c46327e0b39322f2ad6870"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 5, 1

GET
H2 200 37504672fe63a7dc8cf15988a9d8168a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 226ms
226ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37504672fe63a7dc8cf15988a9d8168a.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f6eaef6b940da31d10df7134ab8d89cf0f8ed953b45782580b090fbf56da8d6c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 86
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37504672fe63a7dc8cf15988a9d8168a.jpg
age: 448831
edge-cache-tag: 629686520374277985801979535369461736196,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629686520374277985801979535369461736196,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 54
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://tuzzy.com/
content-length: 5932
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000131-IAD, cache-iad-kcgs7200116-IAD, cache-sna10744-LGB, cache-iad-kiad7000134-IAD, cache-ams21033-AMS
last-modified: Tue, 01 Aug 2023 06:51:28 GMT
server: nginx
x-timer: S1693831954.633455,VS0,VE86
etag: "08e87d6a70241e4cb015a2e8e6254d81"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 0

GET
H2 200 brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/ 24 KB
24 KB 178ms
178ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2262d81f8de5000f71386d2acfba6de063fd488cdaa6055f2bf4a637daa3c9aa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 12
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
age: 2317142
edge-cache-tag: 366871436072726444483376463122342600673,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366871436072726444483376463122342600673,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 793
req-referer: https://www.hoerzu.de/
content-length: 24308
x-request-id: f34d3f45a7f4316aa13163f9c0d4790a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100128-IAD, cache-iad-kcgs7200070-IAD, cache-sna10750-LGB, cache-iad-kjyo7100097-IAD, cache-ams21033-AMS
last-modified: Tue, 25 Jul 2023 23:21:37 GMT
server: nginx
x-timer: S1693831954.729440,VS0,VE12
etag: "76b1f03a8312ca00e6c2fdd553dad13b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 58, 1

GET
H2 200 ec56a6b7e967adbd0bbda39bf08de49f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
50 KB 146ms
145ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec56a6b7e967adbd0bbda39bf08de49f.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7826775232dc71a357983959a33c284e7db109cce3fbfd300c894817b7e255c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec56a6b7e967adbd0bbda39bf08de49f.png
age: 1690110
edge-cache-tag: 299618346517878216583844685452845665420,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 299618346517878216583844685452845665420,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 370
req-referer: https://www.gazzetta.it/Calcio/Estero/20-08-2023/guardiola-con-la-maglietta-di-mazzone-era-leggenda.shtml
content-length: 50788
x-request-id: 48a65e0a9a5107848b17e2db2e57d9cf
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kcgs7200055-IAD, cache-sna10740-LGB, cache-iad-kiad7000151-IAD, cache-ams21033-AMS
last-modified: Wed, 09 Aug 2023 10:28:31 GMT
server: nginx
x-timer: S1693831954.729416,VS0,VE1
etag: "db048a90131783a73ed7ae30ef0320d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 1

GET
H2 200 e0730e1a72cea41161f52eb5184b0420.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 79 KB
80 KB 159ms
159ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 99199ccd423fd9e7ce494dcb08d4c5ab4c699a7ab6d11dd69dc7939cd60c04d0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
age: 3214717
edge-cache-tag: 331698633940257662538203428489257450726,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 331698633940257662538203428489257450726,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 293
expiration: expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wordsa.com/
content-length: 80722
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000138-IAD, cache-iad-kiad7000095-IAD, cache-chi-kigq8000115-CHI, cache-iad-kjyo7100176-IAD, cache-ams21033-AMS
last-modified: Fri, 14 Jul 2023 14:40:30 GMT
server: nginx
x-timer: S1693831954.729425,VS0,VE2
etag: "bef653333853796c5de81a959a1ad31d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 109ms
108ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6f86771624c80556823d18c77850c02dc5265fba52e3f1459b5de3d0519f79f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 2503850
edge-cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 75
req-referer: https://ziarulunirea.ro/burse-pentru-elevii-cu-media-10-la-bacalaurea-si-evaluarea-nationala-cati-bani-vor-putea-primi-elevii-cu-coronita-844864/
content-length: 4882
x-request-id: 1c3feebb02d1c47c4b9f5b558eb4d1fa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kjyo7100049-IAD, cache-chi-klot8100137-CHI, cache-iad-kcgs7200157-IAD, cache-ams21033-AMS
last-modified: Fri, 28 Jul 2023 15:42:18 GMT
server: nginx
x-timer: S1693831954.787185,VS0,VE1
etag: "99f28a0677ecaf7b097db6c8ed4612ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 5, 1

GET
H2 200 2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 118ms
117ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f81e307dd3880d9af250c4b63d17391beb0dcf32b33a665019945efee087ae21

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age: 3793774
edge-cache-tag: 495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 58
req-referer: https://bestrated.co.nz/
content-length: 5324
x-request-id: 08df7fde17561117ce83bba0ae87ddc6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100033-IAD, cache-chi-kigq8000143-CHI, cache-iad-kjyo7100112-IAD, cache-ams21033-AMS
last-modified: Sat, 24 Jun 2023 00:38:22 GMT
server: nginx
x-timer: S1693831954.792769,VS0,VE1
etag: "baf6759a169ac17b06948f44bbb78a81"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 52, 1

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 112ms
112ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 1468572
edge-cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 556
req-referer: https://kalendrier.ouest-france.fr/
content-length: 8250
x-request-id: a9345f3c6a017abfd5fd26145d40a354
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200023-IAD, cache-iad-kjyo7100108-IAD, cache-lga21945-LGA, cache-iad-kiad7000124-IAD, cache-ams21033-AMS
last-modified: Thu, 10 Aug 2023 11:47:17 GMT
server: nginx
x-timer: S1693831954.826122,VS0,VE1
etag: "0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 1

GET
H2 200 bg3.js Show response
cdn.unibotscdn.com/clientdata/js/ 1 KB
1 KB 113ms
112ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-168
cdn-cachedat: 08/26/2023 12:01:21
cdn-pullzone: 873945
last-modified: Sat, 26 Aug 2023 12:00:46 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 660
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e9e96e-57f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: a1422bd556b9c4641fe91c9c00aded25
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 975 B
1 KB 173ms
172ms Stylesheet
text/css 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-588
cdn-cachedat: 08/09/2023 17:49:28
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: d0f75c9a301e00a76ea0975c5676f64a
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 4 KB
2 KB 174ms
172ms Stylesheet
text/css 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-164
cdn-cachedat: 08/28/2023 14:43:30
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-eda"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: b80ec9948f2558b49d46b31bad40166b
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 39 KB
11 KB 166ms
165ms Stylesheet
text/css 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-680
cdn-cachedat: 08/29/2023 14:59:51
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:08 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf618-9cdf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 1ab46b9a4b6266e1046fde5f7653bad7
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg3.css
cdn.unibotscdn.com/clientdata/css/ 1 KB
1 KB 174ms
173ms Stylesheet
text/css 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: br
cdn-edgestorageid: 863
cdn-storageserver: DE-167
cdn-cachedat: 08/09/2023 22:25:50
cdn-pullzone: 873945
last-modified: Tue, 01 Aug 2023 11:45:19 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64c8f04f-534"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 37dc50a28dbaa46d90ba7d36a9c06254
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 7 KB
2 KB 172ms
171ms Stylesheet
text/css 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: br
cdn-edgestorageid: 1054
cdn-storageserver: DE-599
cdn-cachedat: 09/03/2023 13:09:27
cdn-pullzone: 873945
last-modified: Fri, 25 Aug 2023 08:08:48 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 647
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e86190-1b06"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 58f1f47a0a9152a0c74665772329b6af
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 356 KB
123 KB 719ms
184ms Script
text/javascript 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125515
x-xss-protection: 0
expires: Mon, 04 Sep 2023 12:52:33 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 9FCE 577 B
477 B 159ms
133ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&cmcv=&pix=undefined&cb=1693831953408&uv=3332&tms=1693831953408&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bd4c5c57-2d64-4229-bc62-cd3e0f0fe039&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 408baf13937df6c39d23e9e7742220e89f69f9d79c1d1c28094c587693ef6d65

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Sep 2023 12:52:33 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-ams21033-AMS
x-timer: S1693831954.505301,VS0,VE3

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 86B4 439 B
534 B 432ms
103ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e211efd092c6bae3c6878699808fdd369528998c6b80ecd4dae3937d838160d1

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Sep 2023 12:52:33 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 5 KB
3 KB 671ms
654ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693831953415&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1546&pt=-1053474370&tz=120&viewable=true&ddast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bc18d4154d15522daedf68fd93e54105c33e9ff69715d411540dd0138f25376

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1429
x-cache: MISS
x-served-by: cache-ams21033-AMS
pragma: no-cache
server: nginx
x-timer: S1693831954.505100,VS0,VE512
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://ioms.bfmio.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 418ms
124ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&cmcv=&pix=31589837&cb=1693831953407&uv=3332&tms=1693831953407&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693831948515.6!ts:1693831953407&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:33 GMT
content-length: 0
server: nginx

GET
H2 200 il95o8vjrn Show response
www.clarity.ms/tag/ 650 B
1013 B 814ms
220ms Script
application/x-javascript 13.107.246.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/il95o8vjrn
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.107.246.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 757f5896d49fbc4c32bece662ae02cafd5b9840ea942f8cd33ce8b6428252c57

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: -1
date: Mon, 04 Sep 2023 12:52:34 GMT
x-azure-ref: 20230904T125234Z-gy6m89qthh26p7at356bpap7dn00000006tg00000001nama
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 213 KB
56 KB 140ms
140ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:35:15 GMT
age: 490638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57645
x-xss-protection: 0
server: sffe
etag: "2fe8959ce43a8d1d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:35:15 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
320 B 289ms
285ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10638&tvi50=12238&route=AM%3AIL%3AV&lti=deflated&bulkSize=20
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 146
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 64785
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21033-AMS
pragma: no-cache
server: nginx
x-timer: S1693831954.563536,VS0,VE146
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 126ms
126ms Image
image/jpeg 2.16.238.159
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1693831953507
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.159 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-159.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Mon, 04 Sep 2023 12:52:33 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Mon, 04 Sep 2023 13:52:33 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 737ms
162ms Script
application/javascript 95.101.54.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-104.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1693831954004_1600468580_126603568_857_1213_91_0_146";dur=1
content-length: 122286
expires: Tue, 03 Sep 2024 12:52:34 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
564 B 790ms
259ms Script
application/javascript 95.101.54.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-104.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=15, ak_p; desc="1693831954198_1600468580_126603569_1548_1198_91_137_146";dur=1
content-length: 211
expires: Tue, 03 Sep 2024 12:52:34 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 790ms
260ms Script
application/javascript 95.101.54.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-104.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=32, origin; dur=0, ak_p; desc="1693831954198_1600468580_126603570_3300_1188_91_137_146";dur=1
content-length: 18371
expires: Mon, 04 Sep 2023 13:52:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 906ms
333ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69782e0fa87fa2069e006ee213a2b546c3dff74c54e0895a4fc1615e1578608b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29313
x-xss-protection: 0
server: cafe
etag: 978 / 19604 / m202308290101 / config-hash: 15830000896466728742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:34 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 433ms
117ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM4MzE5NTM1ODAsInBhY2tldElkIjoiMDAwMEE3MDEtOWEyNDc4MTgtNDdjNC00NTBiLWI1MGEtN2VhODQzMGMwM2Q2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=5065.700000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 418ms
118ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9FCE 70 B
264 B 375ms
134ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&cmcv=&pix=undefined&cb=1693831953408&uv=3332&tms=1693831953408&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bd4c5c57-2d64-4229-bc62-cd3e0f0fe039&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9FCE 43 B
425 B 1047ms
137ms Image
image/gif 34.255.44.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&cmcv=&pix=undefined&cb=1693831953408&uv=3332&tms=1693831953408&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bd4c5c57-2d64-4229-bc62-cd3e0f0fe039&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.44.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3EBB 18 KB
8 KB 731ms
197ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a46615990585224ef8ee8eb33b754ffa3931641abfa785be776842efa0dc686b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7909
x-xss-protection: 0
server: cafe
etag: 15012155748407120938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:34 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8269 18 KB
8 KB 754ms
233ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3253247b5f38c1b97cb8e9a19f4edd809f9d5ea5562e03daeef44e979e067a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7903
x-xss-protection: 0
server: cafe
etag: 3038811135600627139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:34 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F82A 281 B
554 B 391ms
152ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&cmcv=&pix=undefined&cb=1693831953408&uv=3332&tms=1693831953408&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bd4c5c57-2d64-4229-bc62-cd3e0f0fe039&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Sep 2023 12:52:34 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 feedback
feedback.adrecover.com/ARWebService/ 70 B
309 B 1092ms
176ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feedback.adrecover.com/ARWebService/feedback?ts=1693831953686&adBlockedAA=false&packetId=00000001-1ac1b788-02e9-41da-84a7-c3159573a333&siteId=43519&pageGroup=POST_ADRECOVER&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&country=CH&platform=DESKTOP
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
308 B 397ms
118ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM4MzE5NTM2OTMsInBhY2tldElkIjoiMDAwMEE3MDEtOWEyNDc4MTgtNDdjNC00NTBiLWI1MGEtN2VhODQzMGMwM2Q2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=5177.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
308 B 390ms
119ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM4MzE5NTM2OTgsInBhY2tldElkIjoiMDAwMEE3MDEtOWEyNDc4MTgtNDdjNC00NTBiLWI1MGEtN2VhODQzMGMwM2Q2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=5183.200000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
308 B 380ms
119ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM4MzE5NTM2OTksInBhY2tldElkIjoiMDAwMEE3MDEtOWEyNDc4MTgtNDdjNC00NTBiLWI1MGEtN2VhODQzMGMwM2Q2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=5184.600002288818
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 110 KB
32 KB 91ms
91ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:03 GMT
age: 490830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32193
x-xss-protection: 0
server: sffe
etag: "473971c650298c2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:03 GMT

GET
H2 200 nameframe.html
d-23297745793498261207.ampproject.net/2308181609000/ 0
0 772ms
140ms Other
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-23297745793498261207.ampproject.net/2308181609000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
308 B 334ms
119ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM4MzE5NTM2OTMsInBhY2tldElkIjoiMDAwMEE3MDEtOWEyNDc4MTgtNDdjNC00NTBiLWI1MGEtN2VhODQzMGMwM2Q2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZhLWh1aS1qaW4tcm9uZy1jaHVhbmcteGluLXlvdS1zaGktemhlbmcteWluLWRhbi14aWFuLXNoYW5nLXBpLWxpYW5nLXJvbmctemktZGFuLWJhby1oZS16dW8tbW8tc2hpLXR1aS1jaHUuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=5200.600002288818
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F482 714 B
617 B 116ms
115ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 4226
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 80165ecf290bd5ac-CDG
content-encoding: br
content-type: text/html
date: Mon, 04 Sep 2023 12:52:33 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvEzIhw88tkp9ro8bjG9DSBsFGjJCMo3EhxATD%2B%2FGNdGRLN9DbI1pcU0dNLbM10y%2By6kZ%2BaGUmNybTQa2XEu204YWlaTfH49dw3BXBiNV5DYpV63PYbyXsTFyl4%2FVUfFTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AB7A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

408ms
130ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Sep 2023 12:52:34 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/18f405ba-cc50-38f9-be07-6f29314e4dbf?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-rzcoiUhE2oXaowPJc4PIW5EtcpFPkjPaUb3llgE-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

129ms
113ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Mon, 04 Sep 2023 12:52:35 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 29B1 714 B
556 B 160ms
159ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 4226
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 80165ecf895cd5ac-CDG
content-encoding: br
content-type: text/html
date: Mon, 04 Sep 2023 12:52:33 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzJRN2DmNGNAUpvhFULH0uUD%2BM0J0nin%2F6sYQWD6V6q4kph9DdcEkLauFvOEqFPhNkAb0Ot60VlUtxRGBPf3ULnnYUg64vkNBpsmPIFqwcwmru%2Fjo3uDSx9ZKKZct6SVQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5511
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

277ms
165ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Sep 2023 12:52:34 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14bbf5cd7d5cd3ff8bdbc9540959ef43d229c8a90d1e3f34a1b721950e66a70a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
age: 3053143
edge-cache-tag: 548927372391360882470213089307956759229,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 548927372391360882470213089307956759229,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 201
req-referer: https://www.gazzetta.it/
content-length: 54438
x-request-id: 099502554c78831e94c7267f27ea6618
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000177-IAD, cache-iad-kcgs7200027-IAD, cache-lax10622-LGB, cache-iad-kiad7000158-IAD, cache-ams21033-AMS
last-modified: Thu, 20 Jul 2023 15:22:37 GMT
server: nginx
x-timer: S1693831954.292749,VS0,VE0
etag: "24f4ddfdcb222f13323130f54aa913f7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 9, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b055e1ee062dc44b044236faa993798.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bce930f79828901cc7ef73caf4491b380ef9d3e059eab2665906d069dae8a2a1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b055e1ee062dc44b044236faa993798.png
age: 3207751
edge-cache-tag: 582150484640792665894963372733789094020,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 582150484640792665894963372733789094020,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 210
expiration: expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.rallye-sport.fr/
content-length: 60876
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100150-IAD, cache-iad-kjyo7100069-IAD, cache-sna10744-LGB, cache-iad-kjyo7100162-IAD, cache-ams21033-AMS
last-modified: Thu, 20 Jul 2023 06:00:22 GMT
server: nginx
x-timer: S1693831954.292735,VS0,VE0
etag: "ac2e9e0fc3c46327e0b39322f2ad6870"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 5, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37504672fe63a7dc8cf15988a9d8168a.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f6eaef6b940da31d10df7134ab8d89cf0f8ed953b45782580b090fbf56da8d6c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37504672fe63a7dc8cf15988a9d8168a.jpg
age: 448832
edge-cache-tag: 629686520374277985801979535369461736196,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629686520374277985801979535369461736196,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 54
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://tuzzy.com/
content-length: 5932
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000131-IAD, cache-iad-kcgs7200116-IAD, cache-sna10744-LGB, cache-iad-kiad7000134-IAD, cache-ams21033-AMS
last-modified: Tue, 01 Aug 2023 06:51:28 GMT
server: nginx
x-timer: S1693831954.292713,VS0,VE0
etag: "08e87d6a70241e4cb015a2e8e6254d81"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec56a6b7e967adbd0bbda39bf08de49f.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7826775232dc71a357983959a33c284e7db109cce3fbfd300c894817b7e255c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec56a6b7e967adbd0bbda39bf08de49f.png
age: 1690111
edge-cache-tag: 299618346517878216583844685452845665420,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 299618346517878216583844685452845665420,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 370
req-referer: https://www.gazzetta.it/Calcio/Estero/20-08-2023/guardiola-con-la-maglietta-di-mazzone-era-leggenda.shtml
content-length: 50788
x-request-id: 48a65e0a9a5107848b17e2db2e57d9cf
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kcgs7200055-IAD, cache-sna10740-LGB, cache-iad-kiad7000151-IAD, cache-ams21033-AMS
last-modified: Wed, 09 Aug 2023 10:28:31 GMT
server: nginx
x-timer: S1693831954.292688,VS0,VE0
etag: "db048a90131783a73ed7ae30ef0320d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 2

GET
H2 200 brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/ 24 KB
25 KB 144ms
143ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2262d81f8de5000f71386d2acfba6de063fd488cdaa6055f2bf4a637daa3c9aa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
age: 2317143
edge-cache-tag: 366871436072726444483376463122342600673,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366871436072726444483376463122342600673,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 793
req-referer: https://www.hoerzu.de/
content-length: 24308
x-request-id: f34d3f45a7f4316aa13163f9c0d4790a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100128-IAD, cache-iad-kcgs7200070-IAD, cache-sna10750-LGB, cache-iad-kjyo7100097-IAD, cache-ams21033-AMS
last-modified: Tue, 25 Jul 2023 23:21:37 GMT
server: nginx
x-timer: S1693831954.292687,VS0,VE0
etag: "76b1f03a8312ca00e6c2fdd553dad13b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 58, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 99199ccd423fd9e7ce494dcb08d4c5ab4c699a7ab6d11dd69dc7939cd60c04d0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
age: 3214718
edge-cache-tag: 331698633940257662538203428489257450726,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 331698633940257662538203428489257450726,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 293
expiration: expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wordsa.com/
content-length: 80722
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000138-IAD, cache-iad-kiad7000095-IAD, cache-chi-kigq8000115-CHI, cache-iad-kjyo7100176-IAD, cache-ams21033-AMS
last-modified: Fri, 14 Jul 2023 14:40:30 GMT
server: nginx
x-timer: S1693831954.292655,VS0,VE0
etag: "bef653333853796c5de81a959a1ad31d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6f86771624c80556823d18c77850c02dc5265fba52e3f1459b5de3d0519f79f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 2503850
edge-cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 75
req-referer: https://ziarulunirea.ro/burse-pentru-elevii-cu-media-10-la-bacalaurea-si-evaluarea-nationala-cati-bani-vor-putea-primi-elevii-cu-coronita-844864/
content-length: 4882
x-request-id: 1c3feebb02d1c47c4b9f5b558eb4d1fa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kjyo7100049-IAD, cache-chi-klot8100137-CHI, cache-iad-kcgs7200157-IAD, cache-ams21033-AMS
last-modified: Fri, 28 Jul 2023 15:42:18 GMT
server: nginx
x-timer: S1693831954.897531,VS0,VE0
etag: "99f28a0677ecaf7b097db6c8ed4612ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 5, 2

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 86B4 70 B
265 B 186ms
133ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 86B4 43 B
426 B 859ms
137ms Image
image/gif 34.255.44.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.44.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 86B4 0
125 B 487ms
147ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 2 KB
951 B 157ms
156ms Fetch
application/json 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:09 GMT
age: 490824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "0fc0eb4a65ca6481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:09 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 709ms
130ms Fetch
application/json 172.64.102.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6810
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Sep 2023 10:59:04 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWP%2BfzoliwYkf8fIKFg%2F2z7fgfrJSyy1KIQJiJ41aPhTj5S73ATCTnRBNxO5vcs1EDKa69iiKQVDubt8yluxvnjoy%2BkTHfY1ijtA7r2oYDh1knXH9eNcY7j9LTBHQbva6cQh%2Bph0OKL6%2Fr3E9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 80165ed38e851c20-FRA

GET
H2 200 gtag.json Show response
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 3 KB
1 KB 158ms
158ms Fetch
application/json 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:10 GMT
age: 490823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "d9a6653d564716b0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F482 98 KB
29 KB 568ms
276ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac1ba542a9fa7eb7bfdc1f7c8144db30e39cf2083710f2043b73dc30c117b296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28958
x-xss-protection: 0
server: cafe
etag: 552 / 19604 / 31077537 / config-hash: 15830000896466728742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:34 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f81e307dd3880d9af250c4b63d17391beb0dcf32b33a665019945efee087ae21

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age: 3793774
edge-cache-tag: 495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 58
req-referer: https://bestrated.co.nz/
content-length: 5324
x-request-id: 08df7fde17561117ce83bba0ae87ddc6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100033-IAD, cache-chi-kigq8000143-CHI, cache-iad-kjyo7100112-IAD, cache-ams21033-AMS
last-modified: Sat, 24 Jun 2023 00:38:22 GMT
server: nginx
x-timer: S1693831954.942168,VS0,VE0
etag: "baf6759a169ac17b06948f44bbb78a81"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 52, 2

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
786 B 142ms
142ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 04 Sep 2023 12:52:33 GMT
via: 1.1 varnish
x-amz-request-id: ZFRPC3PFTHSKWAJC
age: 5447
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: I3ik5JowKcfEGbtrriHouz1flL96hfvN+S8YuupPMlmly2fde9Exqqba1OwCj7qV+igbuNUsCvE=
x-served-by: cache-ams21033-AMS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831954.942151,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 917

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 29B1 98 KB
28 KB 534ms
279ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-65-106-156.eu-central-1.compute.amazonaws.com

Software

cafe /

Resource Hash

a6dc6effeba88c1d6e249f63c1d4d3be4be9a9ce773e1dd77fba7c3b1eaa0183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28953
x-xss-protection: 0
server: cafe
etag: 53 / 19604 / m202308290101 / config-hash: 15830000896466728742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:34 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 1468572
edge-cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 556
req-referer: https://kalendrier.ouest-france.fr/
content-length: 8250
x-request-id: a9345f3c6a017abfd5fd26145d40a354
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200023-IAD, cache-iad-kjyo7100108-IAD, cache-lga21945-LGA, cache-iad-kiad7000124-IAD, cache-ams21033-AMS
last-modified: Thu, 10 Aug 2023 11:47:17 GMT
server: nginx
x-timer: S1693831954.006550,VS0,VE0
etag: "0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 2

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 727ms
140ms Fetch
application/json 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_3_2/infra/ 880 KB
144 KB 156ms
151ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_2/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: abbe23532c29388ff9cf24a221de12ef373ce0906a072e5c8959c5d0c61bb948

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693814993
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: N9GAPSE9JQDK4WX2
age: 16844
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693814993
x-amz-meta-mode: 33188
content-length: 147069
x-amz-id-2: /nlueWCqqDUOWr6efpFmrBOeaAHUKA3eYGL+EzU6p51rywYs6t2JQy5TawbZLedD5QpXZS+8fxg=
x-served-by: cache-ams21053-AMS
last-modified: Mon, 04 Sep 2023 08:09:54 GMT
server: AmazonS3-br
x-timer: S1693831954.186334,VS0,VE0
etag: "79e3f0f314dc0035b3163a87c6b0ddec"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 6054

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_2/assets/css/ 60 KB
8 KB 156ms
152ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_2/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693815011
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: N9GB599XBNTJ0QFY
age: 16844
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693815011
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: ZPTM2oJTwcER7hQp91xechNLgFh4cJo+iQqgPxgA/7OLqyHIcI7MQZINmAurac/pznrxIh5pfy4=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 08:10:12 GMT
server: AmazonS3-br
x-timer: S1693831954.186091,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 8076

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F82A 34 KB
10 KB 155ms
151ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 645c990f39dbf24c282b2e62297b3cf0f8a06f732309c682843f019d4df02eba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Sep 2023 01:29:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45364
Connection: keep-alive
Content-Length: 10123
Expires: Tue, 05 Sep 2023 01:28:38 GMT

GET
H2 200 video.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 524 KB
161 KB 107ms
106ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
cdn-edgestorageid: 860
cdn-storageserver: DE-570
cdn-cachedat: 07/06/2023 22:30:42
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:19 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 340
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642bf623-830a3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 8110d74bdb16aa4005afb6cde41eba8f
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F82A 284 B
536 B 619ms
147ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 181ms
181ms Script
application/javascript 13.107.246.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/il95o8vjrn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.107.246.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
last-modified: Sat, 02 Sep 2023 00:02:24 GMT
etag: W/"0x8DBAB47E2F74991"
vary: Accept-Encoding
x-azure-ref: 20230904T125234Z-gy6m89qthh26p7at356bpap7dn00000006tg00000001namz
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5c465173-301e-0072-5759-dd2994000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 857ms
201ms Script
application/javascript 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Sep 2023 12:52:35 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 782ms
145ms XHR
application/json 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230904

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44ea66fbddd5116848cc54810efdbf4c6bed99fc108e3c625e7c2f186dd1db27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31904
x-jsd-version: 1.0.1802
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4520-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"63d-DO7zOt78ne9DP33fqjNCE7N3iZA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nDEhkaID4eQmdshEb8FU2O2bFX6Qy8edCcgP0mxPUHTAvX7GqzpeMSHRngs6zFeBqbSqnUqlF5xWtPPaK9ZImTZfgK5M%2FqR6hxNeC5SaNYv4qh1K5SDVJ6EnXpKJqWBF0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80165ed75f454c76-MXP

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
700 B 421ms
182ms XHR
application/json 3.65.106.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.65.106.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
accept-ch: sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 737ms
401ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 04 Sep 2023 12:52:35 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 887ms
279ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=68046093361&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 04 Sep 2023 12:52:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 681ms
265ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 80165ed639020375-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 681ms
266ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 80165ed639040375-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 13 KB
7 KB 599ms
326ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7db752f1b4a98b7d08f939baa2bfc0f8ffb649ca5f9fe7bc6f64172728e938c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anDdi%2FV9dgNLhL2G%2FpOh6UPoCLEyjMXYF2M8QGvTDscmdPuzYAL64hhT7eznVXLr70D8eytrD9aAXM0Ej5BjS33UZidoXvlC0%2BKFX%2F61WN4iy8p25qaul1exg3AD67xeTxjJ95b%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80165ed53f9d0221-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
317 B 511ms
239ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b71acbc4b45884ce995a18c13f69e3f4e7f9703380b0b11f76dcdcf0ab2e8947

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hm69GCLB6WxbY%2FiuV%2FvHJEg1nPanWJGOdJN44P5aPYrjMuAlu%2BWlP21qCSkJ%2F1JGwB%2BPczcl%2BTnE%2FV8JmonO2O%2BIlQtCozpI7jxWqtI4LwuXlgw1kN4IGhhNFw7ZVgOiHBB7fyD"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80165ed53f9f0221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
543 B 511ms
238ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b71acbc4b45884ce995a18c13f69e3f4e7f9703380b0b11f76dcdcf0ab2e8947

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6YGuzwv4TeTB4TZV2iJVo9VJm1OQx0UalXf9pRee%2F%2BVpgqiyYcFzGZG7Ohb4uNLewpIMT%2BJsCZDPJMLPmzSltN3FYe2slRs91HUyLYPU0XERaHOULGR1nQ3Kz1vgAVCeAIoe8yP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80165ed53fa00221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
771 B 467ms
187ms XHR
application/json 52.30.209.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8916
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 37 KB
29 KB 904ms
502ms XHR
application/json 3.124.41.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.41.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-41-155.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ff749ba3a3c1676ded244d503e0648ed061e2bbc847cd2917c7fd6770b0332bd

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Sep 2023 12:52:35 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 29770

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
498 B 440ms
167ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
153 B 506ms
236ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: a1cd1e07b1bec351cc70929428a8cf2550c0e1d468a401f2cf5fa6745ab0d61b

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 431ms
161ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 432ms
162ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
468 B 509ms
113ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 14a039a0f8690dd14eccc464545cd5082065124e6b5a3bab3e4b2996b23e5d77

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.127.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
4 KB 974ms
236ms XHR
application/json 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=4c35241b-ae23-4eec-9a70-8d7c729e0e7b%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=2686d252-ac0f-4319-accf-b1e8844aaacd%3B914118bc-0a57-4a44-be83-7e9e28047115&l_pb_bid_id=58fccec14f01c3f%3B59d4ffe173f5e7c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2686d252-ac0f-4319-accf-b1e8844aaacd%3B914118bc-0a57-4a44-be83-7e9e28047115&rp_maxbids=1&slots=2&rand=0.5280107141481531
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6161e018203223578b0db3be8e1791db5e14fd17d7565e9d48ec87dff0f76a77

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
273 B 461ms
146ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 04 Sep 2023 12:52:34 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 248 B
811 B 435ms
171ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

236dd2858c8c61fed5f9da03cecaa009990d88724abfb5c581e158461647439e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
an-x-request-uuid: 965b042b-8c83-4d30-83e4-a8ee06979135
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.230.146.186; 194.230.146.186; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 248
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST v1
hb-api.omnitagjs.com/hb-api/prebid/ 0
0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 681ms
420ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c067a4c0cdfb8c9e0a09ea50424f026661396e3f839ba43c142bf8986e59c96

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Mon, 04 Sep 2023 12:52:34 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5511 34 KB
10 KB 147ms
147ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 645c990f39dbf24c282b2e62297b3cf0f8a06f732309c682843f019d4df02eba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Sep 2023 01:29:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45364
Connection: keep-alive
Content-Length: 10123
Expires: Tue, 05 Sep 2023 01:28:38 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 142ms
142ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:34 GMT
x-amz-request-id: QGKR13PZZQJQBXVH
age: 511
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: 1qtQVxWi/DHISGBHIO99deg4ePVGlY/71vCcXWbIc/jfDAWUGJ4XlnjrYRO633VuuJhSs6lOt9I=
x-served-by: cache-ams21033-AMS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693831955.536513,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 7
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 932

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 140ms
140ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 12:52:34 GMT
x-amz-request-id: VQM60MBKQFQCY8SS
age: 5006
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: c0fAurhn9vBgbP8wnJn2qGbHXMl5w9VV2jDxhusPnM555o+lMkYVqeqQaj6/ZFBDYNqAhNcfUlc=
x-served-by: cache-ams21033-AMS
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693831955.536493,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 14
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1630

GET
H2 200 videojs.ads.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 91 KB
25 KB 125ms
121ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 08/09/2023 21:21:30
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:21 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 577
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf625-16c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: cc53ff4955c151797851ee0466e947dd
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 84 KB
19 KB 131ms
127ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
cdn-edgestorageid: 1077
cdn-storageserver: DE-165
cdn-cachedat: 07/07/2023 01:07:44
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:22 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642bf626-14fe2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: df872de549f169b5eede5074ddf3a617
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 can-autoplay.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 11 KB
4 KB 130ms
126ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
cdn-edgestorageid: 1049
cdn-storageserver: DE-164
cdn-cachedat: 08/28/2023 19:09:21
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:16 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 565
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf620-2ae4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 68eea0067ad3a3e8db56a23311511f53
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs-playlist.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 5 KB
2 KB 130ms
126ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-167
cdn-cachedat: 08/29/2023 17:57:29
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:20 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 573
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf624-13b1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 0cbfa8beb0179ad7023b3c6ae643658b
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 116ms
114ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
age: 2425479
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-ams21033-AMS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1693831955.604215,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: A6eSXa8mzm8pvy_g4qU43SWxHhg7-JxFo9dy2qx0Z0FOI9MVcvzpjQ==
x-cache-hits: 97305

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.6/ 448 KB
85 KB 143ms
140ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0f8884fee7d4247cfe627abf2375a956214341f386dbbb15abdc0e9a5acc2ca6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693808920
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: XMBBXT91TWNJPSPE
age: 22967
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693808935
x-amz-meta-mode: 33188
content-length: 86175
x-amz-id-2: RClkcb3FmTDNpUgbudCQJo945jCgUll9JWWZp22Xbk1j3XGRWRatc4wQh+WOGU45+Py+zePDyrQ=
x-served-by: cache-ams21033-AMS
last-modified: Mon, 04 Sep 2023 06:28:56 GMT
server: AmazonS3-br
x-timer: S1693831955.655956,VS0,VE0
etag: "6145b571e0d42db95f9f5ba3b3bdb5ba"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 8777

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E7C2 422 B
507 B 114ms
114ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 08288823c98f09146a62e60bd357fa1ef27e0aa6d7709f5fb5212d9055c10b01

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Sep 2023 12:52:34 GMT
machineid: 3407
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 114ms
113ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&cmcv=&pix=31579697&cb=1693831954573&uv=3332&tms=1693831954573&su=3&abt=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-length: 0
server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3EBB 145 KB
50 KB 157ms
156ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b752803483d38ba6a21af7ec2b86fc9be8d5a588c6459902c0102efd3e54cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51025
x-xss-protection: 0
server: cafe
etag: 16148601455789493500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8269 145 KB
50 KB 255ms
254ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d477a6b59cb79c3901b966468d196deb5fea452219f0b2b49b7bd3b4a5b045d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51026
x-xss-protection: 0
server: cafe
etag: 7706586338294548885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:34 GMT

GET
BLOB 200
OK d2ff624a-4572-45c0-a5d3-e6fecebfb655
https://www.bg3.co/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/d2ff624a-4572-45c0-a5d3-e6fecebfb655
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 149ms
141ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: AMS1-P1
age: 2845741
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-ams21033-AMS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1693831955.706233,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aMbbnOmg1VE3Pr2yFaiHpIZhHxo3sETSuv1N7hdOiyVEbEUpcsOAdA==
x-cache-hits: 317512

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AB7A 34 KB
10 KB 196ms
195ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 645c990f39dbf24c282b2e62297b3cf0f8a06f732309c682843f019d4df02eba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Sep 2023 01:29:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45364
Connection: keep-alive
Content-Length: 10123
Expires: Tue, 05 Sep 2023 01:28:38 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ Frame F482 403 KB
127 KB 98ms
97ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:52:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18010
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129682
x-xss-protection: 0
server: cafe
etag: 12917394590533080382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Sep 2024 07:52:24 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ Frame 29B1 403 KB
127 KB 177ms
177ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2884
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129682
x-xss-protection: 0
server: cafe
etag: 12917394590533080382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Sep 2024 12:04:30 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 403 KB
127 KB 186ms
186ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2884
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129682
x-xss-protection: 0
server: cafe
etag: 12917394590533080382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Sep 2024 12:04:30 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5511 284 B
919 B 304ms
125ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 174ms
173ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-ams21053-AMS
date: Mon, 04 Sep 2023 12:52:34 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E7C2 70 B
264 B 172ms
171ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E7C2 43 B
425 B 201ms
200ms Image
image/gif 34.255.44.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.44.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-224-236-0.compute-1.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame E7C2 43 B
146 B 477ms
120ms Image
image/gif 18.196.96.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK ubpvideos Show response
newsbot.unibots.in/get_videos/ 521 B
693 B 857ms
234ms Fetch
application/json 172.105.43.230
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbot.unibots.in/get_videos/ubpvideos
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-105-43-230.ip.linodeusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Sep 2023 12:52:35 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Length: 521
Content-Type: application/json

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 695ms
133ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7279&cid=amp-8egML7Ct6COpbVD1sVxY9A&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1693831955&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 691ms
116ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-8egML7Ct6COpbVD1sVxY9A&aip=1&sid=1693831955&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
290 B 718ms
216ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bg3.co
Date: Mon, 04 Sep 2023 12:52:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
486 B 791ms
248ms XHR
application/xml 34.224.236.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.bg3.co&i_type=out&stream=out&playback=2&cb=R0.1693831954832&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.6/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.224.236.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 700ms
147ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-8egML7Ct6COpbVD1sVxY9A&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.11991900348770135&gjid=0.5413088129189612&_r=1&a=7279&z=0.7371164749271593&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame 3EBB 384 KB
130 KB 294ms
294ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44cd2f8703c302d10771603f68d326e8ee7e1a9c34613f919ca80cc15d8a4148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133294
x-xss-protection: 0
server: cafe
etag: 371196574848499704
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame 582B 10 KB
5 KB 215ms
213ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 72116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 16:50:39 GMT
etag: 9878862242593084568
expires: Sun, 17 Sep 2023 16:50:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame AB7A 284 B
919 B 271ms
135ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F482 492 B
606 B 217ms
217ms Fetch
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1731831362702570&correlator=3778552443595364&eid=31077537%2C31075594&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693831954930&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=nu4zoxnzj29p&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=657102368.1693831955&ga_sid=1693831955&ga_hid=1846031840&ga_fc=false&dlt=1693831953865&idt=1040&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6a69279431808d18da81551fb3685b3abc332ebfab1607c8b839edd415d5571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0c33b04db4424ce0bb7bab225a5901ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2003 6 KB
3 KB 781ms
154ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c33b04db4424ce0bb7bab225a5901ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
expires: Tue, 03 Sep 2024 12:52:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71EF 603 B
222 B 477ms
477ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-26748998483218367488&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2474&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=87619007279&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&ga_hid=7279&dt=1693831954057&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&bdt=2968&dtd=16&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
expires: Mon, 04 Sep 2023 12:52:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 1280ms
743ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=e50866f9-e03a-471d-8392-7b62cf333a31-tuctbef588f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:35 GMT
cache-control: no-store
server: nginx

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame F82A 0
239 B 1260ms
530ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 29B1 492 B
409 B 172ms
171ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2222117741474032&correlator=2409274542800646&eid=31076475%2C31077366%2C20222282&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693831955003&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=3kpbv445u22w&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=Infinity&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1644358315.1693831955&ga_sid=1693831955&ga_hid=1784747983&ga_fc=false&dlt=1693831953903&idt=1083&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

474a213974289dbf16eebf5399c281fd748e97c68a1c4e0af4a27462a6a224a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b768eb9b7bd6cefc75e71c3250b8c71d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC4C 6 KB
3 KB 760ms
189ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b768eb9b7bd6cefc75e71c3250b8c71d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
expires: Tue, 03 Sep 2024 12:52:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame 8269 384 KB
130 KB 232ms
232ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cf90bd623cabc08c705750e08af89d619b1cb3571eede0bf4566d68732dd6b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133304
x-xss-protection: 0
server: cafe
etag: 4158570297431293974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:35 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 1157ms
516ms Script
text/javascript 18.154.67.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.67.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-67-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 04 Sep 2023 05:08:19 GMT
Via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P4
Age: 27857
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: lkvemvbHiYAdCnG50wqRmMtsdGlvihcH9-EqRiOA88bFn8gVjYen9Q==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 1507ms
312ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: X1MRCJZZKFQ5R160
age: 603
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80165edfc919f0db-CDG
x-amz-id-2: 2xddkZ7O0yuaIVEwLSvoZXxpdQWqcCitQMraPMfzaVsb/ennk3LHG4Fe2/Gu5S1lT7PuXm3Us08nSLfp70oXIg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 715ms
136ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 516
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XjcvsQxsOgRcp%2BxUJY0%2Bgg5BLciFUbAieCoboPE3ehhpD93eNrzLhvb1e12bVGQQiITKz5p9mqI3jqA1C2teZGJOpz3Vst7zQIU%2FlkTMMV3VS%2FJGCTPTZoQqE1PYncKdcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80165edb38315278-MXP

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 720ms
140ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: nginx
etag: W/"15180-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 12:52:35 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 384ms
113ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 04:27:21 GMT
content-encoding: gzip
age: 635114
x-guploader-uploadid: ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 27 Aug 2024 04:27:21 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 175 KB
50 KB 1158ms
1157ms Fetch
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1345933802354856&correlator=1965070006222643&eid=31076399&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693831955081&lmt=1693824755&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=268073163.1693831955&ga_sid=1693831955&ga_hid=7279&ga_fc=false&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&dlt=1693831951089&idt=3972&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0_pv%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c%26faid%3Dfalse&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc71ed1ca7fdb58486474775841d445d9de8849dd8c409fe965c39c6bee412eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50826
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 45C1 6 KB
3 KB 1156ms
528ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
expires: Tue, 03 Sep 2024 12:52:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 38 KB
13 KB 152ms
151ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7f7b4d4ef31836eb7a95af9e7c212ee1ad1ee0cd20f75d298ee708fb7eb0a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 19:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63002
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13569
x-xss-protection: 0
server: cafe
etag: 6174382377942399123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Sep 2024 19:22:33 GMT

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame 5511
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM4VT927-Z-6W5P
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT927-Z-6W5P

35 B
155 B

1068ms
427ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT927-Z-6W5P
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:36 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT927-Z-6W5P
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F82A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzdmZjdhYzNiNDYzMTczMzVkN2QzYTE1ODYyMzE0ZDk5ODVhZmYwNQ&gdpr=1&us_privacy=1---

170 B
317 B

186ms
170ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzdmZjdhYzNiNDYzMTczMzVkN2QzYTE1ODYyMzE0ZDk5ODVhZmYwNQ&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzdmZjdhYzNiNDYzMTczMzVkN2QzYTE1ODYyMzE0ZDk5ODVhZmYwNQ&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame F82A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

500ms
500ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JGWSAMNBNH2NYXDG1ZP7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A2ECY4X98EA8FARY46GP
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F82A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

255ms
254ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2A6F4BAN3T348EYE3WKW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0THMW6H6G714EJZXRWVS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F82A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4VT927-Z-6W5P&gdpr=1&us_privacy=1---

0
649 B

1226ms
242ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4VT927-Z-6W5P&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 70F7F559A20844928FFA5F0D9807709A Ref B: ZRHEDGE1712 Ref C: 2023-09-04T12:52:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEh/wSGMlFfA2d7t2/QA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4VT927-Z-6W5P&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F82A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ebd2ff4c-835b-469a-ac8e-403850d10723&expires=30&gdpr=1&us_privacy=1---

0
239 B

120ms
120ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ebd2ff4c-835b-469a-ac8e-403850d10723&expires=30&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ebd2ff4c-835b-469a-ac8e-403850d10723&expires=30&gdpr=1&us_privacy=1---
Date: Mon, 04 Sep 2023 12:52:36 GMT
Connection: keep-alive
X-CI-RTID: 99b63ab3-dd60-4cba-9dd5-ce1ed0ddb2c8
Content-Length: 175
Content-Type: text/html; charset=utf-8

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F82A
Redirect Chain

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=1&us_privacy=1---
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=Zly4CSt1NzL436cpr1t3VA&gdpr=1&us_privacy=1---
https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=5b8c4ced3338182f&is_secure=true&networkId=12783&version=1&nuid=Zly4CSt1NzL436cpr1t3VA&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAH7sG5zQizGwNYwArOAAAAAAA&expiration=1693918356&nuid=Zly4CSt1NzL436cpr1t3VA&is_secure=true&us_privacy=1---&gdpr=1

0
239 B

116ms
116ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAH7sG5zQizGwNYwArOAAAAAAA&expiration=1693918356&nuid=Zly4CSt1NzL436cpr1t3VA&is_secure=true&us_privacy=1---&gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAH7sG5zQizGwNYwArOAAAAAAA&expiration=1693918356&nuid=Zly4CSt1NzL436cpr1t3VA&is_secure=true&us_privacy=1---&gdpr=1
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F82A
Redirect Chain

https://rbp.mxptint.net/sn.ashx?gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA9_1087A841E_1224B765&expires=60

42 B
676 B

129ms
120ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA9_1087A841E_1224B765&expires=60
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA9_1087A841E_1224B765&expires=60
Date: Mon, 04 Sep 2023 12:52:35 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-376836755; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 227
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F82A
Redirect Chain

https://dmp.brand-display.com/cm/api/rubicon?gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=7eba365a-5808-83ce-f41c4a55

42 B
676 B

139ms
138ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=7eba365a-5808-83ce-f41c4a55
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 04 Sep 2023 12:52:35 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=7eba365a-5808-83ce-f41c4a55
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame AB7A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM4VT95I-J-BAHL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT95I-J-BAHL

35 B
155 B

967ms
414ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT95I-J-BAHL
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:36 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM4VT95I-J-BAHL
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 1224ms
183ms Script
application/javascript 18.239.50.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-110.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:17:17 GMT
via: 1.1 704c8a207b209dd3861e2faa8d55cc08.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: X_RlC_AGfio8d2_kx-zOsJv3A1BvUwJIwtdj_ODYixJXWEwC2lDjuw==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3EBB 379 B
600 B 1132ms
173ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7943a427f16be7df9762f0316942febb541253ff99c7c7ee8d8c19781eb8ae65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1ED7 26 KB
12 KB 928ms
927ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954597&bpp=277&bdt=1921&idt=721&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=2&ga_vid=1433181647.1693831955&ga_sid=1693831955&ga_hid=1027435732&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1554&biw=1600&bih=1200&isw=336&ish=280&ifk=4260656508&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077443%2C31077560%2C31077588&oid=2&pvsid=402901672500272&tmod=1292911160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0wnu3cqf74e&btvi=1&fsb=1&dtd=735

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c40279293c2910d7a55010c070c735a0f68c14ceeeb3392d2b96e44b87c02864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12322
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:36 GMT
expires: Mon, 04 Sep 2023 12:52:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
290 B 892ms
727ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bg3.co
Date: Mon, 04 Sep 2023 12:52:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8269 379 B
316 B 990ms
174ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

89542ec20dae6a71a71ec1cacbc59f73becfd04c1e67788df5d96b61a67a579f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3950 29 KB
13 KB 831ms
830ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

cafe /

Resource Hash

6a5601630a0ba1c29d355e34149e8709252951e902961552ccc0a1b34944d793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12806
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
expires: Mon, 04 Sep 2023 12:52:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1

85 B
202 B

265ms
248ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 231dc50d536692bc50ac0a691af06e9905d397a2297cb9e0aa146ac06cec3d1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-FuOQnjReCJPicPAcF5RsdXuMw24"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 04 Sep 2023 12:52:35 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.bg3.co
location: /esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 404 L2EvZmEtaHVpLWppbi1yb25nLWNodWFuZy14aW4teW91LXNoaS16aGVuZy15aW4tZGFuLXhpYW4tc2hhbmctcGktbGlhbmctcm9uZy16aS1kYW4tYmFvLWhlLXp1by1tby1zaGktdHVpLWNodS5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 206ms
206ms XHR
text/html 95.101.54.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvZmEtaHVpLWppbi1yb25nLWNodWFuZy14aW4teW91LXNoaS16aGVuZy15aW4tZGFuLXhpYW4tc2hhbmctcGktbGlhbmctcm9uZy16aS1kYW4tYmFvLWhlLXp1by1tby1zaGktdHVpLWNodS5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-104.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Mon, 04 Sep 2023 12:52:35 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=89, ak_p; desc="1693831955581_1600468580_126604226_9734_1424_61_0_219";dur=1
content-length: 555
expires: Mon, 04 Sep 2023 13:52:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 159ms
158ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

680eb8db1a1d9f885920bac6c25e798484a3eeaf728e96bbe7c1e99af3fed11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90553
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 12:52:35 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 206
Partial Content 4f7ca6ec-41c0-4b38-a952-fd1a7550f8b3
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/4f7ca6ec-41c0-4b38-a952-fd1a7550f8b3
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content f4b8fb9b-5c40-46ce-bc8f-cf1df644c1e5
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/f4b8fb9b-5c40-46ce-bc8f-cf1df644c1e5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 2 KB
1 KB 539ms
538ms Image
image/svg+xml 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: gzip
cdn-edgestorageid: 860
cdn-storageserver: DE-677
cdn-cachedat: 08/17/2023 06:30:53
cdn-pullzone: 873945
last-modified: Thu, 17 Aug 2023 06:20:20 GMT
server: BunnyCDN-DE1-722
cdn-fileserver: 655
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: 867fac8dbd8f22ba56cbfa474e673ce0
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bridge3.587.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4F6F 720 KB
231 KB 528ms
526ms Document
text/html 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 580253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236429
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:41:42 GMT
expires: Tue, 27 Aug 2024 19:41:42 GMT
last-modified: Mon, 28 Aug 2023 19:39:24 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 944ms
136ms Script
text/javascript 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A63B 40 KB
14 KB 517ms
517ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 11:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 04 Sep 2023 12:52:50 GMT

GET
H2 200 playlist.m3u8 Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/ 171 B
822 B 921ms
138ms XHR
application/vnd.apple.mpegurl 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/playlist.m3u8
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
cdn-edgestorageid: 1055
cdn-storageserver: DE-661
cdn-cachedat: 08/18/2023 10:37:57
cdn-pullzone: 829957
last-modified: Fri, 18 Aug 2023 08:18:43 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 637
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: 3b150fa9d50bf242dfe383ec6183ed95
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK af065a7c-56b2-493a-bab8-22cc0e967c7c
https://www.bg3.co/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/af065a7c-56b2-493a-bab8-22cc0e967c7c
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK 0f49e197-5182-43f0-a834-e3c29d6f7434
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/0f49e197-5182-43f0-a834-e3c29d6f7434
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK b834dde6-0e50-4338-8191-613410098cc8
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/b834dde6-0e50-4338-8191-613410098cc8
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F482 15 KB
12 KB 502ms
501ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b312d6c39216bc7b1fc4cff53a7c53cc74fa924a2677da99943f9359b3920b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11727
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 29B1 15 KB
11 KB 468ms
468ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

218e972f2efd82f2a40a1f2e5ca8eaafcb4c2e5e11e8ee03ac4719035fb24e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11618
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1670 15 KB
6 KB 515ms
515ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 296576
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
855 B 419ms
419ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693831956092&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1546&pt=1650706199&tz=120&viewable=true&ddast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cdcc265fd7005481023a7b8dffe3e48f82067a7f12f2f920b0330b7c7654e3a5

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1467
x-cache: MISS
x-served-by: cache-ams21033-AMS
pragma: no-cache
server: nginx
x-timer: S1693831956.310313,VS0,VE131
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F482 17 KB
6 KB 796ms
233ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 29B1 17 KB
6 KB 793ms
231ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ED7 42 B
110 B 227ms
226ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEIEH3anXxETeOWZ2mcT-cWNYuJ0c7OXwFGog6q3Cy8DCzxm-SjvcBsemaWCFuqU5c1kJxENqNGmCkrAjjW5gaV7ob0cL6EXiMgCgwmtWdF_uxEc8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954597&bpp=277&bdt=1921&idt=721&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=2&ga_vid=1433181647.1693831955&ga_sid=1693831955&ga_hid=1027435732&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1554&biw=1600&bih=1200&isw=336&ish=280&ifk=4260656508&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077443%2C31077560%2C31077588&oid=2&pvsid=402901672500272&tmod=1292911160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0wnu3cqf74e&btvi=1&fsb=1&dtd=735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ED7 0
66 B 226ms
225ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=166581595500971531&x=1&ct=77

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1ED7 86 KB
30 KB 306ms
304ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 1ED7 3 KB
1 KB 700ms
215ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 07:44:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 1ED7 20 KB
8 KB 660ms
174ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1ED7 0
0 660ms
112ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmLKsdA1i8ID6IR6YzXDLLEkoXCyYz7KMaJ8PLc9p7l3lj-UrqjC0vXfmFjlXm0c05GfGfFbN3sAjKQi366aTkNEYOCA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954597&bpp=277&bdt=1921&idt=721&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=2&ga_vid=1433181647.1693831955&ga_sid=1693831955&ga_hid=1027435732&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1554&biw=1600&bih=1200&isw=336&ish=280&ifk=4260656508&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077443%2C31077560%2C31077588&oid=2&pvsid=402901672500272&tmod=1292911160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0wnu3cqf74e&btvi=1&fsb=1&dtd=735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1ED7 181 KB
57 KB 998ms
450ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:37 GMT

GET
H2 200 container.html Show response
e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD93 6 KB
3 KB 141ms
140ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
expires: Tue, 03 Sep 2024 12:52:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5909 478 B
242 B 165ms
163ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNXADNDHNRHB6dq51emi2nspdPVeSFPEKMLy2e1FOCvUy0gf-mEbX2eUIwvsOclD8fNH_iokU9on_t3cK-4v61isx6gdMA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 55DF 86 KB
30 KB 225ms
222ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 55DF 32 KB
8 KB 434ms
147ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 55DF 3 KB
3 KB 437ms
150ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CvLkyE9P1ZKXIIrzB_tMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr-zAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk_D9wcKWNS7jQ_Dv8nBcTY1M7uUBSnLmxyABJ_SRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1_0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc_MD9MfKJ9CZRTeL8_7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM_Tn5UnyIlb8hGXWO8y-cu24_RZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv_ABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE&ae=1&gclid=EAIaIQobChMI5Z2V4P-QgQMVvKB_BB0s8A6DEAEYASAAEgLWzfD_BwE&num=1&cid=CAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE&sig=AOD64_00zkwiba-YgSFDEC-POhSonSKVSA&client=ca-pub-4485239425924787&dbm_c=AKAmf-DbZ8i_MmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw-j8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj-6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD_GqKv9Q-fEVdw&cry=1&dbm_d=AKAmf-BL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b_fe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk_SvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn_Ik_pJ595P_erZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn_3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe-uV-wNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX_7IbFogbAUPbeWKynKO835Ns_voclPxQacYRH9yAUU3FHdpPZI_S2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh_LvP_anCa7Ofbkw5mBAUD_dBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5_xfWKfF_huS9khTKT7jLLPHHwEYAv84AcG81_t6poKSDrUAax&adurl=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: d075e5495ba7ca6fbe28e78db89b4ce20f2760cecd58e44f48ccd3fd09ef6a61

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 04 Sep 2023 14:52:36 +0200
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 55DF 3 KB
1 KB 722ms
229ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 07:44:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 55DF 20 KB
8 KB 661ms
169ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 55DF 0
0 666ms
111ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRX0JrfgzV9SxTZXVif9UC2XD1-K3SBJ2U_nZVFhptwDpurr8geZDDka3L6t7Uhka-y1qjZWkpWj3fR2jYHMcPGXN36EQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55DF 181 KB
57 KB 798ms
243ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:37 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55DF 42 B
108 B 235ms
233ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bs9DdUm-LqmZPSmscqiKgbPFFHoElg2XdDPKlMfBe1l3xO9fejDVtwf73QuYgM4vKTp4Y45hYocdMYTlimQckoaRYt-087COWHUbtAOsUQggfQJ7M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55DF 0
57 B 234ms
232ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10029601596841733859&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9C2F 478 B
238 B 167ms
167ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVwVyzfBrDadGysYUU6fiRIRUBuqG1HG8La54fzXOd9NzHPnf35DQ25oDQcCEqONczhMNFWK-IA5uf2q3bZvgNgmrqXBQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954597&bpp=277&bdt=1921&idt=721&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=2&ga_vid=1433181647.1693831955&ga_sid=1693831955&ga_hid=1027435732&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1554&biw=1600&bih=1200&isw=336&ish=280&ifk=4260656508&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077443%2C31077560%2C31077588&oid=2&pvsid=402901672500272&tmod=1292911160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0wnu3cqf74e&btvi=1&fsb=1&dtd=735
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 1670 457 B
583 B 114ms
114ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5b1a0830a21d5def768d5b9b5f2073f6270d6d3f9129b26368a8a9770125f483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1246999
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 150ms
150ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je38u0&_p=7279&cid=268073163.1693831955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1693831956&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
87 KB 151ms
151ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

74d222954cb539c1553015e3e0664f866bf75dcb2f39a8e0f2dfb654cc111967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame AD93 4 KB
767 B 119ms
119ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 11:00:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2F66 14 KB
1 KB 162ms
162ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 12:35:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 12:52:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 2F66 2 KB
945 B 503ms
216ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 2F66 23 KB
9 KB 462ms
176ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:54:19 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FC7 143 B
208 B 150ms
150ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 2F66 3 KB
1 KB 500ms
216ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 07:44:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 2F66 20 KB
8 KB 454ms
170ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:54:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F66 181 KB
57 KB 520ms
172ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:37 GMT

GET
H2 200 7d39c738c1a956dba5e1a5c3da047626.js Show response
www.gstatic.com/mysidia/ Frame 2F66 36 KB
15 KB 824ms
301ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d39c738c1a956dba5e1a5c3da047626.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

026aa97cebacae37d9b26c50ac620a294a155efe0a4cdb6298697b748348fb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 03:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15113
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 02:30:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 03:33:42 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/ Frame AD93 20 KB
8 KB 509ms
230ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:58:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD93 205 B
650 B 816ms
300ms Image
image/png 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 02:25:52 GMT
x-content-type-options: nosniff
age: 37605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Sep 2024 02:25:52 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD93 604 B
696 B 816ms
301ms Image
image/png 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 21:04:39 GMT
x-content-type-options: nosniff
age: 402478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Aug 2024 21:04:39 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5909 170 B
233 B 147ms
146ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNXADNDHNRHB6dq51emi2nspdPVeSFPEKMLy2e1FOCvUy0gf-mEbX2eUIwvsOclD8fNH_iokU9on_t3cK-4v61isx6gdMA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5909
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1

43 B
481 B

248ms
247ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNXADNDHNRHB6dq51emi2nspdPVeSFPEKMLy2e1FOCvUy0gf-mEbX2eUIwvsOclD8fNH_iokU9on_t3cK-4v61isx6gdMA
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzE52l9J3oo70HLnGl5ZkuCMk1jMBwbpBUiEPdf%2FJNrS1l5rPVzrC6mHUTvQNrbn0XpsdQs8a1P0%2FdY3Nz%2B4NdGNwANZDpIJlQMZygdypD%2Fmg%2FtZ8r3h2nEgtZMtL1poLZnYxUSJCGq%2BSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80165ee28f4d0221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5909
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPXTFAENtD8.Dp7n6Q8SjAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2

43 B
732 B

291ms
290ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNXADNDHNRHB6dq51emi2nspdPVeSFPEKMLy2e1FOCvUy0gf-mEbX2eUIwvsOclD8fNH_iokU9on_t3cK-4v61isx6gdMA
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbTg56BKTq1kWeZWtwhALklN4pHveJ3VtgLI6Wwbqzbw65G44JQMeuQvItWFgJgkA3Q8luMInTwwEFaPvVNLp0VKyz4NMOu0%2BqhsA%2F4JDoupfHFK7Fx2JRFrbp5A8NrQ9TWfUZ2OafLknw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80165ee42b6301db-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9C2F 170 B
233 B 144ms
143ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVwVyzfBrDadGysYUU6fiRIRUBuqG1HG8La54fzXOd9NzHPnf35DQ25oDQcCEqONczhMNFWK-IA5uf2q3bZvgNgmrqXBQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9C2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1

43 B
331 B

245ms
244ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVwVyzfBrDadGysYUU6fiRIRUBuqG1HG8La54fzXOd9NzHPnf35DQ25oDQcCEqONczhMNFWK-IA5uf2q3bZvgNgmrqXBQ
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IaFMpdDMSZdI3obH7L8T6xTRtF4J3UCjfliLrCd%2FzdhV9NhTE4V%2BNy%2FgRPT0QJT6AdFWfdz%2FCUr5%2FPBS5lZnTDOnZaNhSrdYMdzZgvXpLc6SxwwHLLU2jAVD9VIOg36YthJGT9XFLK0Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80165ee28f4f0221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9C2F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPXTFAENtD8.Dp7n6Q8SjAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2

43 B
768 B

287ms
287ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVwVyzfBrDadGysYUU6fiRIRUBuqG1HG8La54fzXOd9NzHPnf35DQ25oDQcCEqONczhMNFWK-IA5uf2q3bZvgNgmrqXBQ
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70jf8Jqf55ouul5mu1y2Gx3Fs8MThiLaiCBqDLNBeDCJiEXmjHQqdiom5lv7V7kPOgqc%2BXunc8jjLP1XUNo5%2FbKFA1Vj01MPNFHn1xe5MF2%2BiJrwGrB9bQKQc4SzkkiyjIpSdN2dT8WLJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80165ee42b6401db-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGKlpVKFl7Kr-gPI7gyu9k&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=978095433;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html;uh=e51ed6...
pixel.quantserve.com/ 35 B
372 B 135ms
134ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=978095433;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1219714553-1693831955242;pbc=4c35241b-ae23-4eec-9a70-8d7c729e0e7b;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1693831956586;tzo=-120;ogl=;ses=6baee852-e23c-4b8c-a8f0-d5c4900a7271;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 94A2 572 B
799 B 377ms
137ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 1870cdf73f8ff6df722c23029bbaa16d501736b3656293816d47ab0b86d15e0a

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 372
content-type: text/html
date: Mon, 04 Sep 2023 12:52:36 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55DF 0
59 B 224ms
223ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=715039294320&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55DF 0
59 B 220ms
220ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=715039294320&version=m202307240101&ct=77&x=1&cor=10029601596841734000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 55DF 29 KB
17 KB 172ms
171ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq3ZWIEsKMM_lIOZ4eHXNZUTxHOhmTusQ8AjXy_df11CbqfVP3UQ8CvD-gHbVisTdsPLYj5hstuaI4RRoY1R0QOuHyhevwbCCXdsJnWNh8xCGzwA3l_8RlSHtAXvydg3kGh2OWJmPLsTVSHm7qOxErE5W8hbVplEI8rErS0eKnvuBwTf4&cry=1&dbm_d=AKAmf-CAbNynhWVJ5uWimV83mMl6BA1SHdeW2RWAhPc1qH2tdryHwTdmfpojtjrjWDYizSe37s70Z4OmD39G0mkLhPti-VWy_jCF28rjtUg8NZlzgzgYlWAgWBMTgXRbaMckLvicwVf3WIjge9SGiBHGHZthawgGXIG1vzczJkRRU_VlslNFCMuN1hSI8RUvnBzBlPBHl9i1ck5bCZZwRh2npSXuOwXYC2Ad80iu9-O9C2NwDk7Zv8x5GgjZyXAMnJB4CpEMZBTNp23R1KAW9bZHlIbqgCuhc7dsATThLLoqV0aP1MSjKjXLYbqjTDrS2v4bIRBec6T69koJv--FOn3pFYKFiRD44-rTP6fphBc-Y5ZMH22A794nJVFNcO5DpWCrXl6OkYebZc1GnilJbnNhx4ljWvGqT4U9sbxoh_EizKjg9ZULs-6i4tGXoxVFuYjae3cHIlrxtrTAgPOi28MtiNplnoD8jxquO5CEAbOM5_RTU6xx74_TE-Av9tYZNCWmzEluyy1Q7jk2ciIqIxemaA6ue2RpvwSv29TLjHYo2aHfNP_qEmGnrOvyJQWa4YprS4YZHeOaB3htzfq4EZASi9JEeP9W69CCC4S1XOpvpd5Al47SrHMwroNWMJ-mSXDg-BU6W7tNhMfmT16YDie-z14j-WF_6b_Ho8gHlG4qAIFhImHunGw72IDa2XXcMdwM3ikAbHaJy_0mYdbap_hxRVBNNykLGeNbzyqkt15CllclxKBpBqWMTTvXWwTTsZ8qf4Igf6INJarqMKjd5JsyFAcPKBHxiR0xoaFTm9cCsj8PqJiJAQ0cJBw_dFb9CO0Ys6R1onkttYb7ayjIXiPvYhWKNvFWy4klzc3_9P88OZQoXHm6U99egbTgar-Exp1MeyUPkfJRybhUXRqxhcD09x8zBE06xO7gIAm5m6xJZnWpRfhF66D3R-1tsm32JFebc51zwjKx9XQ_Q7xV3RZyLjMi2hzue9CYXCt5SGshpChXXA4iKT76SzIeA52SIaBRcte1vxVvUXh32N1E4jR9aM4drD6-5g7SAUnzsabXLzU5heCm4mcQKXOzwUqxLd-uhrEoCbUQs5oa0kWavs9MrNNCNtW1nmhpLib2dZ6Ij6INhreJ9rMgLIFhcAuJRSpaH0OL0-VtxsvUZ5BPm7Ibui5vS79pXHiadH1WdOh3gsDhbEd9Mth50SUgGppAEQiaSDlzTGgwLSHqq3BXilY1euSpTTTUPuMydPijnma1dyAGFXHNkmua3qD263qMNfyv_fyOwcKqTSkXHaH5OXdrmm17eCC4Llx473gCIO5X9fSYDvaOKc-3NSTyzQTt6GZ8JLDT0cKccFHFomj_tlrl5KdHCi0HXns1STDaAGGSDIh_3L1fztdwCttfRn792CBd3y_5ddQ1p6raLZEZ4ykMBu5Z2FWLTR_g54XAb0Z-XMxM4C_E0ZFzWuG-kmiL6N70Wjp2bR-Q3zaZZuruieTcugj9GvEJm8YKyJvkPDP90Tr_T0CM8-8tkn9iWLEAxzojWTFzOtxrnkHlRvJm7qO-CSDA4Iv0JTozp49cpQwxU3hWkyVfjVrYGFxFJRBbI5BknNWd80o4cXi0mqqRsbQGZWJn2VaOY-_nMDcOBq2rH6WQdXJgrxIYOd2fCrZh4z5w8Sdx-KCJTwhzW730fW4N7ZBARHXl7GvvFoEt8c_hSTtdy4Ev4ycmDuGoXOwYKaAeAUl7yA3-fo1_fkyNQVciKJg5dUVFhxfQrVlV1104ObmCSsRpOFkpuudGzagGCLQPbZ5Bt9Q3ya5NYTFoca8OJNpg0Ddx_88EKXqZQ_V5l-bgQfaizsA7lB-j7dMz2PK9kA2GXtSGEMWG_rKtHbStkO08Lg-FNgnMLMG6PeTkTYc5P3oDAuVvL7Xlg3hqqKO2RcyBAdGdkiUl6_Q-hiHao3gNYZYTj5Lu9O0zymxalEx2eujohQU7GqcLtDpxnYOaafo61juEkwAAC2jWdr-6Wd_EMmLKNLX9qJ-ZxDE_xzyF5X2PAHs5DpNwk6xntn6ZS-gFzsNSKsmSSMQrV41lh9TDfhEDVDV30-mP-QPitCTN6MjX9hTpQxJpMNlt5FegkLzIfFEYyX0SNo9Lsy56m8jy9Pehv0DbPSBp9NC83UbzedltHpfOAzQP6b_caCzT5H9cVJfERqhYzAGoMENyk_0AnBn8HxldZnnXvs_LDrnU7ImdmvdL_gXZERoyYJ4K1fUgXWso5rhGDPlGbHHSzvsf0vVMqVRXe1LO0oPMHoRxNE-UEi-UUkSkL32iIZenKqvSEecIfSZLul5CIynfwGb5H2g-M174fuv1Rmk_2ubZfUhOhb9sGm578qrL25BchHLcgBJzOiMgDAvzSiyEJ6jacRQt3DgG87E66gsXNHL7q7UJ9osYrKSxZS03FMdrooGLL_o3pn59qhLfNi5dHVO5r1MqRydcyGaQgnUQQxYrLNA9jBfQRZIdQhW3X2R1hnxyiUL0sds0f1QvDCGgO3h-3eOf-MKkm9T8gY65TtfVp0Sxj-apB1oE8cqsP4rV2xXNjDBbOOsialklo0Sn2AaiGoAH1IYXM39anv1iqXNAortrelOR6s_gkqcgUTlq71XOKLKwkjjH2QsjbwCarQ6ZCV656RRF-7gM5X4Ocb20ynIHKLppxZX2-B6u-ptQkp9ZYNHnLisk7WpejXO17DAl_TO004URQRffif5lN0UeUolmGhLG8wxhLqQGMHd3AtwDan5bgdiMrcaYys8kKbrkz6WqIRydh49zY1ERg0DiGVLxuOgbpA7bEC35vrWJsl7mi0SKZoVqBc-Fc688OuFCIFzF0C-BhCa627InI54RlK7o-3vA4_8nxjbPD8xN4Syv8lrtOv3V9u8-YTMfl6pq4zRMpEh6zWuHJw1QnTXvwIDqqLvc5ahzFWXwegyyprPZ0zgAXNpQlwDCxqTgQyt5Suq_J_XiVoqAAFiU4-fIOpZQ4LrpIf685cG8mzgC12dBa-9fi-EtrVC_igySpJZW5A-9zm4-NH93ZYgolCC2u8YhzEgYY_L0lZqjCnwNms2WY24P2Ac4kar9avziDH7CnyMTq5--29jH4u6rTZju9FKEmWfOgyV4AUbiv4ZzCE65q6-9cDg_O4Z3MWaRBZjXm9h6lSVwx42jz9QTynu8ebULX4JuwaOS2GeBzo2yshu3uI3nmXkkz9EQ3ktdTzoVGUw-7_wq3rZnkN4igw-jNeuN7-i5JMHs8J58r8F44_dUvBI4FSGjRlnB3wZbaAvAb9tx2M1fqMfM4K1RdjGVfWVr20682W6mR93WOE3r8t1e6sStRajh-lzFB2ZsPjdj1HFy2LqUPmHryLuFjemlosiJ8u9GMYDSfXQS-vjTfK4rS1O-aMu9Xz6CmBnHaZ4gt8qV6SytMvQXkFAJDreT27Zx2PchBLgj_DBOJ8u2cHwqo-xsN_zQX_HlCQhid7gmn85V_FRQseysfL1fa5TpKmaHY9GUe99UrIYSp-AMj-6DGmwIZP6f64gsdNT1hGueajuKVtnS6ckQzKrlp2bdO4xPmSD5knVovbcjQvQp8MrGP6Czr0K-OOtC4_qAHt6TQsg6FDcOZVRpG0OhfoGFgkp9Ui_SfN2PvT7MIzGuNMwCkI_t&cid=CAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=10029601596841734000&adk=1779837782&idt=235&cac=0&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1982bb3654b07c301142fba4cbaf3c162c003f93669502debaf32cb9d12763f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17452
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
676 B 1182ms
397ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=100823775715075&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=1693831956666&cookie_enabled=1&scor=349965879961582&ged=ve4_td6_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video.m3u8 Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 5 KB
1 KB 164ms
164ms XHR
application/vnd.apple.mpegurl 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video.m3u8
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: gzip
cdn-edgestorageid: 1055
cdn-storageserver: DE-664
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 646
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: a5eda24c0f60bde5b65080868f5d6ad6
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 436ms
173ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 04 Sep 2023 12:52:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ED7 0
59 B 229ms
228ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8965952001134&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ED7 0
59 B 228ms
228ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8965952001134&version=m202307240101&ct=77&x=1&cor=166581595500971520

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1ED7 16 KB
12 KB 177ms
177ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfStrgBkxdXhvHGIGfOTWFLczRBXOYyUccIsZgpWm2FcXkarDOblB59I8KafQ_p3Lgg9jY3zcoIpTdB9z3Tt8a-uspEALLfHHFpMIHRsyVW69138Jt7nI3NgpJjNFjSfn8IJYXgU9j97IRsnAwy2sZwdHBJJnz237TtAqxP6EPVKjdd6c&cry=1&dbm_d=AKAmf-BK9x3vZm966esMkI6MPHn4QRjGU2u-9tzodFWIaibxGu8zsNGGP4O85ryirhRolTlItMPI8De3qP1ie7m3G4TLZ1fBQ-5aOrLplOmu0he5cnpzOzt9GwHT7k_hK7TmT6fNQahWqbd59chU-zTwVboO6lMCqSyZJfml7RjDCTHLha1ccpAAofDqK9sRIa2h3GSkO8BUGQ1jbrI7s3gJQbFpkuGTaO2AmToumoRj3lUteLKxr0_9ULT1bcLpBCOB9zFcxF5mZUvTt-rdFzzRs1EC3Lsj3SmUYdDnlU6YbHT030Z9lMrcaKrEFIOLwQ6eVBVH7QghQxxQ0uuL2i8vR22_xFU13cL14_Njm2pE6GyzOoeLs6b1tM000eBjyNZ6PSxNmS6aiThGjd2g4xDSGwLhnxTg3_w7sk2hQFtEMutWp27x_clYcAxiXDSmpPBFfovslbwllcM0qid1l7CcpuJGFv74LHhPMDybQHrzHQyx8ULaGAiFDeOv-iJZQzM7Zr4f1e8e0hvZ9xyyedBTJroxm48BHmMwcMJ1-c0pw5ZNhFG42N6RscLIdrs7Y2WKtek0Nwr3tuqzCitg2EFPVXpy1gkRovdfSgn4TIdFJ5Ar_SL9q07IT9GfpL7PJI7zw5N6VSIOmVuuEWv0ur8PFIKYLUXSkjtXU-sQqqynth2eJdpQ_tM79FyVuk9BQeCqL9U9kx3sXWJUluJJIpDW6afL3dHcn0vQwtt-ojNrDGp_tRH2eSZ7_zRQpHvApYxbgJ9miGEjUhelcem0N4qSuwnfFnhBgQrQ1IxoByrj8x3BjvqO5B9ya29AG6MxzpneCTYr_BYk0Of0IH_FRHbYYluUYmO1fqRSMmBQ8ET7-pdaaxFkwiSjx1BDanKkALMfyNN0TXsOvR6XOeHl0sBwMMwxObmrBMUj3r-gVJpbd6a8ltCnWn9UiV2w8P3v_w6Gr6F039_1ZwoF11v79OeJ3MSlJ-G7eDGZtDDXLF7qjeKq-HhOrIN-G_CHFOBYZar0MTQVHct57kIfjr8DiFHpYKbnwEKPr0x3LH-pSC3H9r2VyT5HG8cxTdF8DnCqOxARW3I2AE4b92XnjQ4xo4KIcfKaAxwjD3rKcS8sv3fz4OGSwIA4k4yzswcJ6Orj941ZMxBS2ElWJDKjk0JVdMDnFJrq7f5NkyPhEiGhXzaURjmYugRg8n-amHauhbthmAt-KrzP6RzZLc-TAuZ9aK2hFuFLLETxZLdGGfg_h0JbuP_SYYZSvd_kEsAR82ixMz2-hZD91gq5eb6WRjYCmpjQhTJUQuoeL1JxLPcmJ9K9BfSHe_v7v5rjoJqc0_licLKdcdSjsAXkxkpwq7LkVE7WpzDE5vvhUN9p4Hx2xlQppk3aHUQRzUrPGIJUTIBhJesytOC3l5NM1HRrJ3u-gMGNt96nPYAcovlFH10MHHknMPRI5YYRpevRFeRpD3K3AY0B-UWMPMz1hygR9wBsMXrmfjD-cwP8F9UkobjvElU4SwfGVy5bT-D_3dDFBZCUWm_jNTGqH-Gkja75rv-nkup-SRD7Pjs_P4CvbwN5IA1llMIr8veGxxshSzkMfT3A5q86sjIFKcnjmmDeDsmCRB0oLKXLQBye2AI1ycRyBeeqmWLTmr4ZqeXfYUiRbthLDKk5GsJ3UWzqk-QeoXuExWRZCiUlnScVUOERvxzWDXOY_i8c3i0nhlDPAWOyJIGMyFkF6oCE7NsYzzxjRhyw-bvAIBpYt9kbxjT7tzwWWp7fRcEFRTX-ls1Z0KZ-OmHAUfUY4s4B3QZbYYIKglSggFzQkUR3idA-LUplKBXgr-NHOEyF22x-e-HpnJreljHY_Uq6ABsDF079NRo0aogUDfeqiCppsGNE7-VHHnezEqUTmZKRw0c3zw9Im24j9bOFuxPLQB_jG3fw4fKZIiE7LH841Z_ENpO9_SQ0roAofkGXpOatrkyb1pshat5qu-aNzc3hob9p5ZZOpTMQ6H9X7FGFuE74tkFN-HV10DBFxkktN5PWDkLu3jDgDZDIG6voibYxdLXNd7frKS7g7dZUhsB4YIts1Ff4NI63zztrQpBC2qEsoJwvmgdZ2loDEdVfOwYGlZweR-HWs8vxwJqiSqglnReApHuCb0YWKthMMuNV_cn2Dukv8767fvZGbcgar_4X9WQfTL8crfMb0e402YchQ47HkFmEbfsFQRvYl-IcV9oBG5NG5X8iRhP7Pm-GEcychpSyRvgbGY6ULrtYA9eJmP9Ue4UlNXhFzBHhwo_W833KWJnrow35jLJaIZgpqMDwqHOz86rPMSX0kLQJuyLbWB7hZJFkbuqJ5BaqaH1jonYUOejI89A7shXEkBhqwsiW9DToYoYBqhvw4hrVg3b5w-JysSW1Qnr-95X3mlbh12yWrU1BOHjJ8bq4lmYzZGZ4VrKjcPKG48PgSuneBsBrRqUgXUS4uPUsigwjv61U52qoLQA_wEoICRkjJPTkKFqo0s_51GRG3OUolFVgVNTIYywOd3yw59APTYr98xehcqwzODSvi8nIHPWLckb4I5sLfKyl54TRUFmiN6FAaFLd-miGoM4wjn2fYwP9YxOa5VddTVeUpMQnvrXDIiBKKOW1aOB6craKr3g9Ruxkm9rG4mYpCfHE1eQhT9UEgphTNkpUZfTlv_LI7j951QHM5bMJeFvW_qwDp9W4FXgCUt0__e4OhblXperA8cJn4xeOMwh6YlcO2TGY_N3JBDNZSEfhTJhDyGQb250cucOd2VJf-lV7IF_WXP-TqjDjzm4cBoqPt78Oemz2McE1_hJMyCVnlJrRTKjMzvcCArk8MfjdiUfuOLY49z7RzOxQr8ySzCqvedDnvnLSIx-B41yxqMnC6GYnO9n8GnBkMeoUDxPfmtudy7NUIId0bEZZlZF7pclFHaLNp5ZGsYaqc7fbyaR2cN3lOdLaebkShcXf-K4hI3kwLfbEG-dUak-HgiLCbnJ2EgiIQAmg0pTIuzfjYzPbVf5sPR65unAnlHp37QCBji9eillY2MJ2NxHIqDKx730dmLXAMElfsaVs3QFfXnNLkLXirdfb2rPLZEw2z5BStUTTwxd1AbgFpDqQdHMcSm7VlVDDxVx85vUPMSjmMEEDeWYYDLc3w93MO-IIEry1e0Bh6poL2zehKmkHMKuxR8aG3Ez-IEyfMKrn0P4B9vJuz9DW0AXOXPnyqaQx_GaDSNeS76OP6g8e9J5_q-0-qA-Czg4aKsBfF8PhRHHqmDbdq48pQWKipN_y1u7spJ5ScKVREB0RoiewQ8RA47HyoyJWbE_5FdK2Uxkhcbrcq-W1ydDMtU0-Kh_Ja38HOxTuGYCDG8DX749PHBzkeGEnvsU6ZWJ9EHZFBIiJYtM5V_7kEoYL-EsK3IVSyNlOwP-8XCVJ4Wkj5oMhbDLV01gW0y6gN_d6wpF440DEWQyQDDdX0rMcKZUO4iINaCVOHRr9LmWb-_HaSDgVZoxGQADeacKQWl999EUuZRGbGIaQknJQS-W8An7L_-bKFJOJ5Mb2k9mS_OOyCMs1satwVczZDXTUJaWW8RjX6kcZ2U-DoEvfv5LEfhoe5Y8ELPA5hfArA9kNZz-jIQI0dN5bFMJfrtDSQV_WVz8vbZZ8eF4suFhnC8PUo-YaYv03PM3iBIGuki8tjGtCrZvrQZfGKrhlfThVRRotmbkVW5wfjGoNB12Gi_bE-GcQ2Fpe0AFLimRv7pttyFL8LMS7wZ-A6FFvkMsOTXcYX6jYR-BhMKe-qCd6C2OxF9gy6HNefIR8yhECjIiB0zy5yJSeqGHDuxrpMuP1wfTn2ik5iA2hB9bG47yBdLM8U6M1VW6wuXRQ-JyfLCNWKIw7rSN5dpToDkCwl82Nj3m1LIzokJmiL41XVrY2ZcqDAttY&cid=CAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=166581595500971520&adk=627576174&idt=425&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f4e3ad6d86428803b8e439c8aba15e235dda3b22c903a70bf6eb8f1d45647b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954597&bpp=277&bdt=1921&idt=721&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=2&ga_vid=1433181647.1693831955&ga_sid=1693831955&ga_hid=1027435732&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1554&biw=1600&bih=1200&isw=336&ish=280&ifk=4260656508&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077443%2C31077560%2C31077588&oid=2&pvsid=402901672500272&tmod=1292911160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0wnu3cqf74e&btvi=1&fsb=1&dtd=735
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11826
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FC7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
170 B

110ms
110ms

Document
text/html

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:37 GMT
expires: Mon, 04 Sep 2023 12:52:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 136ms
136ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=7279&cid=268073163.1693831955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693831956&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 55DF 30 KB
11 KB 118ms
118ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq3ZWIEsKMM_lIOZ4eHXNZUTxHOhmTusQ8AjXy_df11CbqfVP3UQ8CvD-gHbVisTdsPLYj5hstuaI4RRoY1R0QOuHyhevwbCCXdsJnWNh8xCGzwA3l_8RlSHtAXvydg3kGh2OWJmPLsTVSHm7qOxErE5W8hbVplEI8rErS0eKnvuBwTf4&cry=1&dbm_d=AKAmf-CAbNynhWVJ5uWimV83mMl6BA1SHdeW2RWAhPc1qH2tdryHwTdmfpojtjrjWDYizSe37s70Z4OmD39G0mkLhPti-VWy_jCF28rjtUg8NZlzgzgYlWAgWBMTgXRbaMckLvicwVf3WIjge9SGiBHGHZthawgGXIG1vzczJkRRU_VlslNFCMuN1hSI8RUvnBzBlPBHl9i1ck5bCZZwRh2npSXuOwXYC2Ad80iu9-O9C2NwDk7Zv8x5GgjZyXAMnJB4CpEMZBTNp23R1KAW9bZHlIbqgCuhc7dsATThLLoqV0aP1MSjKjXLYbqjTDrS2v4bIRBec6T69koJv--FOn3pFYKFiRD44-rTP6fphBc-Y5ZMH22A794nJVFNcO5DpWCrXl6OkYebZc1GnilJbnNhx4ljWvGqT4U9sbxoh_EizKjg9ZULs-6i4tGXoxVFuYjae3cHIlrxtrTAgPOi28MtiNplnoD8jxquO5CEAbOM5_RTU6xx74_TE-Av9tYZNCWmzEluyy1Q7jk2ciIqIxemaA6ue2RpvwSv29TLjHYo2aHfNP_qEmGnrOvyJQWa4YprS4YZHeOaB3htzfq4EZASi9JEeP9W69CCC4S1XOpvpd5Al47SrHMwroNWMJ-mSXDg-BU6W7tNhMfmT16YDie-z14j-WF_6b_Ho8gHlG4qAIFhImHunGw72IDa2XXcMdwM3ikAbHaJy_0mYdbap_hxRVBNNykLGeNbzyqkt15CllclxKBpBqWMTTvXWwTTsZ8qf4Igf6INJarqMKjd5JsyFAcPKBHxiR0xoaFTm9cCsj8PqJiJAQ0cJBw_dFb9CO0Ys6R1onkttYb7ayjIXiPvYhWKNvFWy4klzc3_9P88OZQoXHm6U99egbTgar-Exp1MeyUPkfJRybhUXRqxhcD09x8zBE06xO7gIAm5m6xJZnWpRfhF66D3R-1tsm32JFebc51zwjKx9XQ_Q7xV3RZyLjMi2hzue9CYXCt5SGshpChXXA4iKT76SzIeA52SIaBRcte1vxVvUXh32N1E4jR9aM4drD6-5g7SAUnzsabXLzU5heCm4mcQKXOzwUqxLd-uhrEoCbUQs5oa0kWavs9MrNNCNtW1nmhpLib2dZ6Ij6INhreJ9rMgLIFhcAuJRSpaH0OL0-VtxsvUZ5BPm7Ibui5vS79pXHiadH1WdOh3gsDhbEd9Mth50SUgGppAEQiaSDlzTGgwLSHqq3BXilY1euSpTTTUPuMydPijnma1dyAGFXHNkmua3qD263qMNfyv_fyOwcKqTSkXHaH5OXdrmm17eCC4Llx473gCIO5X9fSYDvaOKc-3NSTyzQTt6GZ8JLDT0cKccFHFomj_tlrl5KdHCi0HXns1STDaAGGSDIh_3L1fztdwCttfRn792CBd3y_5ddQ1p6raLZEZ4ykMBu5Z2FWLTR_g54XAb0Z-XMxM4C_E0ZFzWuG-kmiL6N70Wjp2bR-Q3zaZZuruieTcugj9GvEJm8YKyJvkPDP90Tr_T0CM8-8tkn9iWLEAxzojWTFzOtxrnkHlRvJm7qO-CSDA4Iv0JTozp49cpQwxU3hWkyVfjVrYGFxFJRBbI5BknNWd80o4cXi0mqqRsbQGZWJn2VaOY-_nMDcOBq2rH6WQdXJgrxIYOd2fCrZh4z5w8Sdx-KCJTwhzW730fW4N7ZBARHXl7GvvFoEt8c_hSTtdy4Ev4ycmDuGoXOwYKaAeAUl7yA3-fo1_fkyNQVciKJg5dUVFhxfQrVlV1104ObmCSsRpOFkpuudGzagGCLQPbZ5Bt9Q3ya5NYTFoca8OJNpg0Ddx_88EKXqZQ_V5l-bgQfaizsA7lB-j7dMz2PK9kA2GXtSGEMWG_rKtHbStkO08Lg-FNgnMLMG6PeTkTYc5P3oDAuVvL7Xlg3hqqKO2RcyBAdGdkiUl6_Q-hiHao3gNYZYTj5Lu9O0zymxalEx2eujohQU7GqcLtDpxnYOaafo61juEkwAAC2jWdr-6Wd_EMmLKNLX9qJ-ZxDE_xzyF5X2PAHs5DpNwk6xntn6ZS-gFzsNSKsmSSMQrV41lh9TDfhEDVDV30-mP-QPitCTN6MjX9hTpQxJpMNlt5FegkLzIfFEYyX0SNo9Lsy56m8jy9Pehv0DbPSBp9NC83UbzedltHpfOAzQP6b_caCzT5H9cVJfERqhYzAGoMENyk_0AnBn8HxldZnnXvs_LDrnU7ImdmvdL_gXZERoyYJ4K1fUgXWso5rhGDPlGbHHSzvsf0vVMqVRXe1LO0oPMHoRxNE-UEi-UUkSkL32iIZenKqvSEecIfSZLul5CIynfwGb5H2g-M174fuv1Rmk_2ubZfUhOhb9sGm578qrL25BchHLcgBJzOiMgDAvzSiyEJ6jacRQt3DgG87E66gsXNHL7q7UJ9osYrKSxZS03FMdrooGLL_o3pn59qhLfNi5dHVO5r1MqRydcyGaQgnUQQxYrLNA9jBfQRZIdQhW3X2R1hnxyiUL0sds0f1QvDCGgO3h-3eOf-MKkm9T8gY65TtfVp0Sxj-apB1oE8cqsP4rV2xXNjDBbOOsialklo0Sn2AaiGoAH1IYXM39anv1iqXNAortrelOR6s_gkqcgUTlq71XOKLKwkjjH2QsjbwCarQ6ZCV656RRF-7gM5X4Ocb20ynIHKLppxZX2-B6u-ptQkp9ZYNHnLisk7WpejXO17DAl_TO004URQRffif5lN0UeUolmGhLG8wxhLqQGMHd3AtwDan5bgdiMrcaYys8kKbrkz6WqIRydh49zY1ERg0DiGVLxuOgbpA7bEC35vrWJsl7mi0SKZoVqBc-Fc688OuFCIFzF0C-BhCa627InI54RlK7o-3vA4_8nxjbPD8xN4Syv8lrtOv3V9u8-YTMfl6pq4zRMpEh6zWuHJw1QnTXvwIDqqLvc5ahzFWXwegyyprPZ0zgAXNpQlwDCxqTgQyt5Suq_J_XiVoqAAFiU4-fIOpZQ4LrpIf685cG8mzgC12dBa-9fi-EtrVC_igySpJZW5A-9zm4-NH93ZYgolCC2u8YhzEgYY_L0lZqjCnwNms2WY24P2Ac4kar9avziDH7CnyMTq5--29jH4u6rTZju9FKEmWfOgyV4AUbiv4ZzCE65q6-9cDg_O4Z3MWaRBZjXm9h6lSVwx42jz9QTynu8ebULX4JuwaOS2GeBzo2yshu3uI3nmXkkz9EQ3ktdTzoVGUw-7_wq3rZnkN4igw-jNeuN7-i5JMHs8J58r8F44_dUvBI4FSGjRlnB3wZbaAvAb9tx2M1fqMfM4K1RdjGVfWVr20682W6mR93WOE3r8t1e6sStRajh-lzFB2ZsPjdj1HFy2LqUPmHryLuFjemlosiJ8u9GMYDSfXQS-vjTfK4rS1O-aMu9Xz6CmBnHaZ4gt8qV6SytMvQXkFAJDreT27Zx2PchBLgj_DBOJ8u2cHwqo-xsN_zQX_HlCQhid7gmn85V_FRQseysfL1fa5TpKmaHY9GUe99UrIYSp-AMj-6DGmwIZP6f64gsdNT1hGueajuKVtnS6ckQzKrlp2bdO4xPmSD5knVovbcjQvQp8MrGP6Czr0K-OOtC4_qAHt6TQsg6FDcOZVRpG0OhfoGFgkp9Ui_SfN2PvT7MIzGuNMwCkI_t&cid=CAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=10029601596841734000&adk=1779837782&idt=235&cac=0&dtd=48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 14:01:07 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 55DF 41 KB
14 KB 226ms
216ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:22:28 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 55DF 6 KB
3 KB 176ms
176ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301110%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1693824755%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693831954601%26bpp%3D424%26bdt%3D1936%26idt%3D789%26shv%3Dr20230830%26mjsv%3Dm202308290101%26ptt%3D5%26saldr%3Dsd%26correlator%3D7481342093613%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2028617141.1693831955%26ga_sid%3D1693831955%26ga_hid%3D186727165%26ga_fc%3D0%26ga_cid%3Damp-8egML7Ct6COpbVD1sVxY9A%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1000899801%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31077328%252C31077372%252C31077443%252C31077522%252C31077559%252C31077550%26oid%3D2%26pvsid%3D3390865890185771%26tmod%3D610610474%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.mbnd5fxsfzy2%26fsb%3D1%26dtd%3D804&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301110%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1693824755%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693831954601%26bpp%3D424%26bdt%3D1936%26idt%3D789%26shv%3Dr20230830%26mjsv%3Dm202308290101%26ptt%3D5%26saldr%3Dsd%26correlator%3D7481342093613%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2028617141.1693831955%26ga_sid%3D1693831955%26ga_hid%3D186727165%26ga_fc%3D0%26ga_cid%3Damp-8egML7Ct6COpbVD1sVxY9A%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1000899801%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31077328%252C31077372%252C31077443%252C31077522%252C31077559%252C31077550%26oid%3D2%26pvsid%3D3390865890185771%26tmod%3D610610474%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.mbnd5fxsfzy2%26fsb%3D1%26dtd%3D804&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=621230338&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3D&gclid=EAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CvLkyE9P1ZKXIIrzB_tMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr-zAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk_D9wcKWNS7jQ_Dv8nBcTY1M7uUBSnLmxyABJ_SRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1_0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc_MD9MfKJ9CZRTeL8_7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM_Tn5UnyIlb8hGXWO8y-cu24_RZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv_ABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE&ae=1&gclid=EAIaIQobChMI5Z2V4P-QgQMVvKB_BB0s8A6DEAEYASAAEgLWzfD_BwE&num=1&cid=CAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE&sig=AOD64_00zkwiba-YgSFDEC-POhSonSKVSA&client=ca-pub-4485239425924787&dbm_c=AKAmf-DbZ8i_MmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw-j8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj-6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD_GqKv9Q-fEVdw&cry=1&dbm_d=AKAmf-BL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b_fe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk_SvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn_Ik_pJ595P_erZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn_3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe-uV-wNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX_7IbFogbAUPbeWKynKO835Ns_voclPxQacYRH9yAUU3FHdpPZI_S2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh_LvP_anCa7Ofbkw5mBAUD_dBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5_xfWKfF_huS9khTKT7jLLPHHwEYAv84AcG81_t6poKSDrUAax&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 2f6bfad260ef2aad4f3e58181fdf2e6fd5c4c55ed4f05e5c00eecfab57fe5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 14:52:36 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 video0.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 310 KB
311 KB 159ms
159ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video0.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:36 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
content-length: 317720
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 636
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: fa986166eeb8b4d149fc3ec00b95863f
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1ED7 41 KB
13 KB 171ms
170ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfStrgBkxdXhvHGIGfOTWFLczRBXOYyUccIsZgpWm2FcXkarDOblB59I8KafQ_p3Lgg9jY3zcoIpTdB9z3Tt8a-uspEALLfHHFpMIHRsyVW69138Jt7nI3NgpJjNFjSfn8IJYXgU9j97IRsnAwy2sZwdHBJJnz237TtAqxP6EPVKjdd6c&cry=1&dbm_d=AKAmf-BK9x3vZm966esMkI6MPHn4QRjGU2u-9tzodFWIaibxGu8zsNGGP4O85ryirhRolTlItMPI8De3qP1ie7m3G4TLZ1fBQ-5aOrLplOmu0he5cnpzOzt9GwHT7k_hK7TmT6fNQahWqbd59chU-zTwVboO6lMCqSyZJfml7RjDCTHLha1ccpAAofDqK9sRIa2h3GSkO8BUGQ1jbrI7s3gJQbFpkuGTaO2AmToumoRj3lUteLKxr0_9ULT1bcLpBCOB9zFcxF5mZUvTt-rdFzzRs1EC3Lsj3SmUYdDnlU6YbHT030Z9lMrcaKrEFIOLwQ6eVBVH7QghQxxQ0uuL2i8vR22_xFU13cL14_Njm2pE6GyzOoeLs6b1tM000eBjyNZ6PSxNmS6aiThGjd2g4xDSGwLhnxTg3_w7sk2hQFtEMutWp27x_clYcAxiXDSmpPBFfovslbwllcM0qid1l7CcpuJGFv74LHhPMDybQHrzHQyx8ULaGAiFDeOv-iJZQzM7Zr4f1e8e0hvZ9xyyedBTJroxm48BHmMwcMJ1-c0pw5ZNhFG42N6RscLIdrs7Y2WKtek0Nwr3tuqzCitg2EFPVXpy1gkRovdfSgn4TIdFJ5Ar_SL9q07IT9GfpL7PJI7zw5N6VSIOmVuuEWv0ur8PFIKYLUXSkjtXU-sQqqynth2eJdpQ_tM79FyVuk9BQeCqL9U9kx3sXWJUluJJIpDW6afL3dHcn0vQwtt-ojNrDGp_tRH2eSZ7_zRQpHvApYxbgJ9miGEjUhelcem0N4qSuwnfFnhBgQrQ1IxoByrj8x3BjvqO5B9ya29AG6MxzpneCTYr_BYk0Of0IH_FRHbYYluUYmO1fqRSMmBQ8ET7-pdaaxFkwiSjx1BDanKkALMfyNN0TXsOvR6XOeHl0sBwMMwxObmrBMUj3r-gVJpbd6a8ltCnWn9UiV2w8P3v_w6Gr6F039_1ZwoF11v79OeJ3MSlJ-G7eDGZtDDXLF7qjeKq-HhOrIN-G_CHFOBYZar0MTQVHct57kIfjr8DiFHpYKbnwEKPr0x3LH-pSC3H9r2VyT5HG8cxTdF8DnCqOxARW3I2AE4b92XnjQ4xo4KIcfKaAxwjD3rKcS8sv3fz4OGSwIA4k4yzswcJ6Orj941ZMxBS2ElWJDKjk0JVdMDnFJrq7f5NkyPhEiGhXzaURjmYugRg8n-amHauhbthmAt-KrzP6RzZLc-TAuZ9aK2hFuFLLETxZLdGGfg_h0JbuP_SYYZSvd_kEsAR82ixMz2-hZD91gq5eb6WRjYCmpjQhTJUQuoeL1JxLPcmJ9K9BfSHe_v7v5rjoJqc0_licLKdcdSjsAXkxkpwq7LkVE7WpzDE5vvhUN9p4Hx2xlQppk3aHUQRzUrPGIJUTIBhJesytOC3l5NM1HRrJ3u-gMGNt96nPYAcovlFH10MHHknMPRI5YYRpevRFeRpD3K3AY0B-UWMPMz1hygR9wBsMXrmfjD-cwP8F9UkobjvElU4SwfGVy5bT-D_3dDFBZCUWm_jNTGqH-Gkja75rv-nkup-SRD7Pjs_P4CvbwN5IA1llMIr8veGxxshSzkMfT3A5q86sjIFKcnjmmDeDsmCRB0oLKXLQBye2AI1ycRyBeeqmWLTmr4ZqeXfYUiRbthLDKk5GsJ3UWzqk-QeoXuExWRZCiUlnScVUOERvxzWDXOY_i8c3i0nhlDPAWOyJIGMyFkF6oCE7NsYzzxjRhyw-bvAIBpYt9kbxjT7tzwWWp7fRcEFRTX-ls1Z0KZ-OmHAUfUY4s4B3QZbYYIKglSggFzQkUR3idA-LUplKBXgr-NHOEyF22x-e-HpnJreljHY_Uq6ABsDF079NRo0aogUDfeqiCppsGNE7-VHHnezEqUTmZKRw0c3zw9Im24j9bOFuxPLQB_jG3fw4fKZIiE7LH841Z_ENpO9_SQ0roAofkGXpOatrkyb1pshat5qu-aNzc3hob9p5ZZOpTMQ6H9X7FGFuE74tkFN-HV10DBFxkktN5PWDkLu3jDgDZDIG6voibYxdLXNd7frKS7g7dZUhsB4YIts1Ff4NI63zztrQpBC2qEsoJwvmgdZ2loDEdVfOwYGlZweR-HWs8vxwJqiSqglnReApHuCb0YWKthMMuNV_cn2Dukv8767fvZGbcgar_4X9WQfTL8crfMb0e402YchQ47HkFmEbfsFQRvYl-IcV9oBG5NG5X8iRhP7Pm-GEcychpSyRvgbGY6ULrtYA9eJmP9Ue4UlNXhFzBHhwo_W833KWJnrow35jLJaIZgpqMDwqHOz86rPMSX0kLQJuyLbWB7hZJFkbuqJ5BaqaH1jonYUOejI89A7shXEkBhqwsiW9DToYoYBqhvw4hrVg3b5w-JysSW1Qnr-95X3mlbh12yWrU1BOHjJ8bq4lmYzZGZ4VrKjcPKG48PgSuneBsBrRqUgXUS4uPUsigwjv61U52qoLQA_wEoICRkjJPTkKFqo0s_51GRG3OUolFVgVNTIYywOd3yw59APTYr98xehcqwzODSvi8nIHPWLckb4I5sLfKyl54TRUFmiN6FAaFLd-miGoM4wjn2fYwP9YxOa5VddTVeUpMQnvrXDIiBKKOW1aOB6craKr3g9Ruxkm9rG4mYpCfHE1eQhT9UEgphTNkpUZfTlv_LI7j951QHM5bMJeFvW_qwDp9W4FXgCUt0__e4OhblXperA8cJn4xeOMwh6YlcO2TGY_N3JBDNZSEfhTJhDyGQb250cucOd2VJf-lV7IF_WXP-TqjDjzm4cBoqPt78Oemz2McE1_hJMyCVnlJrRTKjMzvcCArk8MfjdiUfuOLY49z7RzOxQr8ySzCqvedDnvnLSIx-B41yxqMnC6GYnO9n8GnBkMeoUDxPfmtudy7NUIId0bEZZlZF7pclFHaLNp5ZGsYaqc7fbyaR2cN3lOdLaebkShcXf-K4hI3kwLfbEG-dUak-HgiLCbnJ2EgiIQAmg0pTIuzfjYzPbVf5sPR65unAnlHp37QCBji9eillY2MJ2NxHIqDKx730dmLXAMElfsaVs3QFfXnNLkLXirdfb2rPLZEw2z5BStUTTwxd1AbgFpDqQdHMcSm7VlVDDxVx85vUPMSjmMEEDeWYYDLc3w93MO-IIEry1e0Bh6poL2zehKmkHMKuxR8aG3Ez-IEyfMKrn0P4B9vJuz9DW0AXOXPnyqaQx_GaDSNeS76OP6g8e9J5_q-0-qA-Czg4aKsBfF8PhRHHqmDbdq48pQWKipN_y1u7spJ5ScKVREB0RoiewQ8RA47HyoyJWbE_5FdK2Uxkhcbrcq-W1ydDMtU0-Kh_Ja38HOxTuGYCDG8DX749PHBzkeGEnvsU6ZWJ9EHZFBIiJYtM5V_7kEoYL-EsK3IVSyNlOwP-8XCVJ4Wkj5oMhbDLV01gW0y6gN_d6wpF440DEWQyQDDdX0rMcKZUO4iINaCVOHRr9LmWb-_HaSDgVZoxGQADeacKQWl999EUuZRGbGIaQknJQS-W8An7L_-bKFJOJ5Mb2k9mS_OOyCMs1satwVczZDXTUJaWW8RjX6kcZ2U-DoEvfv5LEfhoe5Y8ELPA5hfArA9kNZz-jIQI0dN5bFMJfrtDSQV_WVz8vbZZ8eF4suFhnC8PUo-YaYv03PM3iBIGuki8tjGtCrZvrQZfGKrhlfThVRRotmbkVW5wfjGoNB12Gi_bE-GcQ2Fpe0AFLimRv7pttyFL8LMS7wZ-A6FFvkMsOTXcYX6jYR-BhMKe-qCd6C2OxF9gy6HNefIR8yhECjIiB0zy5yJSeqGHDuxrpMuP1wfTn2ik5iA2hB9bG47yBdLM8U6M1VW6wuXRQ-JyfLCNWKIw7rSN5dpToDkCwl82Nj3m1LIzokJmiL41XVrY2ZcqDAttY&cid=CAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=166581595500971520&adk=627576174&idt=425&cac=0&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:22:28 GMT

GET
H/1.1 200
OK 8w7qrx09r0fs Show response
hal9000.redintelligence.net/zone/ Frame 1ED7 12 KB
4 KB 542ms
198ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCv1OsE9P1ZOeaHsuAngWi7rqQC5HB0Jtp-_CDktwP8C4QASDSzIEaYPWNu4GYBMgBCakCe7uNKzEdsj6oAwHIA5uEgIAEqgT-AU_QYQUOqU_S7V36hhrAY6dwdA7hak0Gs1RS32meqS2hZYxnF75W6W7v9DNTBXJIIqDt6EfO1Kb_Tasf6GhxvZbZ07N7MNKXbyFKkXp9y8SU_3maCIMlVp2hbq6g9LgmKYSWS5TIbQFzrdOcn6e3-on9uXFN9DbxJWQn8NvPPPIn_rr0qkksB7hWjbkQqnSQprpnnJsF0QEIM1J9OzgRFP8f5G89qhI9NPZn14QajPuYx6GKGPwMY3zDPmRcQcPvAhX-Ij2clQdd5pJ4aCySgtDw5AAmG2hB-wyYzFndC8xo0_4P0JfQSgKKfqwfiXWcnjafl2L18xZCuAPfygUcwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIp_CQ4P-QgQMVS4CnCh0itw6yEAEYASAAEgItuPD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE%26sig%3DAOD64_2bbxIgfYMcL8uiZ-aNsIz6pcc4uQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D7E7TcDGpvehZGx-icQY2YTtJwlZPTZ96rZFhDSKIwe9fagOTsI0fK6SdFvVquCmj4_odWsseNrXmsuVIBgX_gMpHThIYgXy49uVXvZa4rI7YDzkyQDfoBik2qLPjHlrNTHofuKp3hZtF0qPme8gR29WP-Sh6D7ZchTdpf8JY38iDWdAo%26cry%3D1%26dbm_d%3DAKAmf-D2qoFfAitG2Drgf05oYxaBrfzj0QjcE9bgu4CYhyenx9WEKMSSJNBogmYShNfo0bxBMyPkG-lofDLnyjHSyYVDYotDjAiuNlZ8vQpklycbt5r3G7mzplzVTXlL8S-Wi-1nCkT4-ma1exNWVf3qo8sGdYt-vuZ0Ut6baNsOrfD_jiHtkouoXa6TfYS3T4W_hYx-rtmSSsxMVkQc0nfS_o9PtnWxcbVUBFIcAcS2c7eD3xG2na7eAcfjkhc6TCVTZ6I2KZhr7OjPK4CWdgFEtnJsDACMi1eSkEVjCjMFajJujZ04XxagWiyK7yo-19WI5_aEpwSBvPZdyDAXU2qv2FenYXMu_syZNLgHk1GV4ADZcelXFDo4RzQ6c1czPtOwiLe5AXBD_rMUvDvl605SsIUEswfxqAFAktCAKySxeMEKvuzpJtsdTbg1pddoGufQQDZaI1Hhu7YlKyzbF6kRvhJ1jrV8clWeIDBJBx2ysfcqGgKo6JetCNUYQB-q2D4H2Xv6fL_kXqyopCOZRDRlCr7oOT0pmXZnd25h5Bs3F2t1EVRUtc1xQB0lN_--mSJUuxs41aPvO-Xb-JMqGCgPMZNdmFfebNnrkAgWIjhXSQ_NY15xgvBvV7oNbOPwQ8c3XHW7mWBlW5IeCL3m8MvhYwPsQedCdJDx0xVwQSHHhUUE51KRAhrc2g3-UC99L5LO3hf0V0s1%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954597&bpp=277&bdt=1921&idt=721&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=2&ga_vid=1433181647.1693831955&ga_sid=1693831955&ga_hid=1027435732&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1554&biw=1600&bih=1200&isw=336&ish=280&ifk=4260656508&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077443%2C31077560%2C31077588&oid=2&pvsid=402901672500272&tmod=1292911160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0wnu3cqf74e&btvi=1&fsb=1&dtd=735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 0283b98cb051d31accd4bbdbfb2959d1609458ac44ef6ceda1b6900d7b99021f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4279
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 94A2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5405736498204780663

43 B
106 B

126ms
118ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5405736498204780663
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5405736498204780663
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 94A2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b6382f7b-0c73-ce5b-2a90-f090a1117f38
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b6382f7b-0c73-ce5b-2a90-f090a1117f38&dcc=t

43 B
855 B

358ms
357ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b6382f7b-0c73-ce5b-2a90-f090a1117f38&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9PE154K21GXHDGH44YHM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 05FQ8VKE937CWEADDM1Q
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b6382f7b-0c73-ce5b-2a90-f090a1117f38&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 94A2 70 B
264 B 96ms
95ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=eeee5306-10d9-75a1-ea9e-7207c922b4d8&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 94A2 170 B
188 B 95ms
95ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzI4MTgwY2MtZDlhZS0yYjA1LWZmN2UtMjhiZTAzYzA3YWI4

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 94A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1

43 B
180 B

284ms
278ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
ad2.adfarm1.adition.com/ Frame 55DF 4 KB
3 KB 588ms
150ms Script
application/x-javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7274952855957212170&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301110%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1693824755%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693831954601%26bpp%3D424%26bdt%3D1936%26idt%3D789%26shv%3Dr20230830%26mjsv%3Dm202308290101%26ptt%3D5%26saldr%3Dsd%26correlator%3D7481342093613%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2028617141.1693831955%26ga_sid%3D1693831955%26ga_hid%3D186727165%26ga_fc%3D0%26ga_cid%3Damp-8egML7Ct6COpbVD1sVxY9A%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1000899801%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31077328%252C31077372%252C31077443%252C31077522%252C31077559%252C31077550%26oid%3D2%26pvsid%3D3390865890185771%26tmod%3D610610474%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.mbnd5fxsfzy2%26fsb%3D1%26dtd%3D804&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301110%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1693824755%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693831954601%26bpp%3D424%26bdt%3D1936%26idt%3D789%26shv%3Dr20230830%26mjsv%3Dm202308290101%26ptt%3D5%26saldr%3Dsd%26correlator%3D7481342093613%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2028617141.1693831955%26ga_sid%3D1693831955%26ga_hid%3D186727165%26ga_fc%3D0%26ga_cid%3Damp-8egML7Ct6COpbVD1sVxY9A%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1000899801%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31077328%252C31077372%252C31077443%252C31077522%252C31077559%252C31077550%26oid%3D2%26pvsid%3D3390865890185771%26tmod%3D610610474%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.mbnd5fxsfzy2%26fsb%3D1%26dtd%3D804&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=621230338&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3D&gclid=EAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: cf159f4e8cb0c7ae70772a05b945576690500d8217815ec8ec00c30cb7432b6d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 04 Sep 2023 14:52:37 +0200
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B4F8 22 KB
8 KB 276ms
275ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 98577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 09:29:40 GMT
expires: Mon, 02 Sep 2024 09:29:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 19AB 13 KB
5 KB 354ms
350ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:31:43 GMT
expires: Tue, 03 Sep 2024 12:31:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2EAF 829 B
760 B 294ms
290ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a42b01797a14ecc7dd422e8a12126c0c276b09c2a7cc62eabc3f8bdfcba3d61a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1S-ocrJIicCiKMTAt2zq7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-1S-ocrJIicCiKMTAt2zq7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:37 GMT
expires: Mon, 04 Sep 2023 12:52:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1513 13 KB
5 KB 353ms
350ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:31:43 GMT
expires: Tue, 03 Sep 2024 12:31:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3F75 829 B
992 B 289ms
288ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63027105ca1d100cb5d0007660e5052d961d29bc8605ce7987635fb421fa1433

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O6S5y1DaYqf7WeOitcrhKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-O6S5y1DaYqf7WeOitcrhKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:37 GMT
expires: Mon, 04 Sep 2023 12:52:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 38F7 22 KB
8 KB 352ms
351ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 98577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 09:29:40 GMT
expires: Mon, 02 Sep 2024 09:29:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame B4F8 38 KB
15 KB 119ms
119ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3F75 0
0 234ms
234ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=1731831362702570&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2EAF 0
0 233ms
233ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=2222117741474032&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
290 B 448ms
430ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bg3.co
Date: Mon, 04 Sep 2023 12:52:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame C033 38 KB
15 KB 184ms
183ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
308 B 179ms
178ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mYS1odWktamluLXJvbmctY2h1YW5nLXhpbi15b3Utc2hpLXpoZW5nLXlpbi1kYW4teGlhbi1zaGFuZy1waS1saWFuZy1yb25nLXppLWRhbi1iYW8taGUtenVvLW1vLXNoaS10dWktY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS05YTI0NzgxOC00N2M0LTQ1MGItYjUwYS03ZWE4NDMwYzAzZDYiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjAxZmE1NTM0LTlkMjMtNDA4Yy1hMTVhLTUzNWRlM2I2ODU5NCIsInRpbWVPZkF1Y3Rpb24iOjE2OTM4MzE5NTQ0MTQsImJpZHMiOlt7ImNwbSI6MC4wMywiYWRJZCI6Ijc1ODA1ODFkNzE0OTgwOCIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjYyMCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTM4MzE5NTUwNTB9LHsiY3BtIjowLjA0NDU0NDUsImFkSWQiOiI3NjZiOTUzOWRlNjQ2OWIiLCJvcmlnaW5hbENwbSI6MC4wNjQxNywiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDU0NTQ0NTAwMDAwMDAwMDA2LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo5MzQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzODMxOTU1MzcwfV0sInRpbWVkT3V0QmlkZGVycyI6WyJhZHlvdWxpa2UiLCJhZHlvdWxpa2UiLCJhZHlvdWxpa2UiLCJhZHlvdWxpa2UiXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiYWRsaXZldGVjaCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzY2Yjk1MzlkZTY0NjliIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1NDU0NDUwMDAwMDAwMDAwNn0seyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIwMWZhNTUzNC05ZDIzLTQwOGMtYTE1YS01MzVkZTNiNjg1OTQiLCJ0aW1lT2ZBdWN0aW9uIjoxNjkzODMxOTU0NDE0LCJiaWRzIjpbeyJjcG0iOjAuMDQ0NTQ0NSwiYWRJZCI6Ijc3YzVkMzdlN2U0MTAyNiIsIm9yaWdpbmFsQ3BtIjowLjA2NDE3LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwNTQ1NDQ1MDAwMDAwMDAwMDYsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjkzNCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTM4MzE5NTUzNzB9LHsiY3BtIjowLjAxLCJhZElkIjoiNzhhZDQ1ZTYwNjA3ZWQ2Iiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo5ODAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzODMxOTU1NDIyfV0sInRpbWVkT3V0QmlkZGVycyI6WyJhZHlvdWxpa2UiXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiYWRsaXZldGVjaCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzdjNWQzN2U3ZTQxMDI2IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1NDU0NDUwMDAwMDAwMDAwNn1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=8956.20000076294
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 199ms
199ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 12:52:37 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
20 KB 672ms
672ms Fetch
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1345933802354856&correlator=3676714641309124&eid=31076399&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&arp=1&abxe=1&dt=1693831957490&lmt=1693824757&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=268073163.1693831955&ga_sid=1693831955&ga_hid=7279&ga_fc=true&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&dlt=1693831951089&idt=3972&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D766b9539de6469b%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D77c5d37e7e41026%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c%26faid%3Dfalse&adks=1420297610%2C2825066673&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e30e343532631e396117e9fe10d2585490eba2a8edda7807346d491d3f754203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19972
x-xss-protection: 0
google-lineitem-id: -1,5221734716
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138440838575
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 1ED7
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a2273c1c88&subid=&uid=51f12e8240c17ec8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a2273c1c88&subid=&uid=51f12e8240c17ec8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

588ms
226ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a2273c1c88&subid=&uid=51f12e8240c17ec8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCv1OsE9P1ZOeaHsuAngWi7rqQC5HB0Jtp-_CDktwP8C4QASDSzIEaYPWNu4GYBMgBCakCe7uNKzEdsj6oAwHIA5uEgIAEqgT-AU_QYQUOqU_S7V36hhrAY6dwdA7hak0Gs1RS32meqS2hZYxnF75W6W7v9DNTBXJIIqDt6EfO1Kb_Tasf6GhxvZbZ07N7MNKXbyFKkXp9y8SU_3maCIMlVp2hbq6g9LgmKYSWS5TIbQFzrdOcn6e3-on9uXFN9DbxJWQn8NvPPPIn_rr0qkksB7hWjbkQqnSQprpnnJsF0QEIM1J9OzgRFP8f5G89qhI9NPZn14QajPuYx6GKGPwMY3zDPmRcQcPvAhX-Ij2clQdd5pJ4aCySgtDw5AAmG2hB-wyYzFndC8xo0_4P0JfQSgKKfqwfiXWcnjafl2L18xZCuAPfygUcwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIp_CQ4P-QgQMVS4CnCh0itw6yEAEYASAAEgItuPD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE%26sig%3DAOD64_2bbxIgfYMcL8uiZ-aNsIz6pcc4uQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D7E7TcDGpvehZGx-icQY2YTtJwlZPTZ96rZFhDSKIwe9fagOTsI0fK6SdFvVquCmj4_odWsseNrXmsuVIBgX_gMpHThIYgXy49uVXvZa4rI7YDzkyQDfoBik2qLPjHlrNTHofuKp3hZtF0qPme8gR29WP-Sh6D7ZchTdpf8JY38iDWdAo%26cry%3D1%26dbm_d%3DAKAmf-D2qoFfAitG2Drgf05oYxaBrfzj0QjcE9bgu4CYhyenx9WEKMSSJNBogmYShNfo0bxBMyPkG-lofDLnyjHSyYVDYotDjAiuNlZ8vQpklycbt5r3G7mzplzVTXlL8S-Wi-1nCkT4-ma1exNWVf3qo8sGdYt-vuZ0Ut6baNsOrfD_jiHtkouoXa6TfYS3T4W_hYx-rtmSSsxMVkQc0nfS_o9PtnWxcbVUBFIcAcS2c7eD3xG2na7eAcfjkhc6TCVTZ6I2KZhr7OjPK4CWdgFEtnJsDACMi1eSkEVjCjMFajJujZ04XxagWiyK7yo-19WI5_aEpwSBvPZdyDAXU2qv2FenYXMu_syZNLgHk1GV4ADZcelXFDo4RzQ6c1czPtOwiLe5AXBD_rMUvDvl605SsIUEswfxqAFAktCAKySxeMEKvuzpJtsdTbg1pddoGufQQDZaI1Hhu7YlKyzbF6kRvhJ1jrV8clWeIDBJBx2ysfcqGgKo6JetCNUYQB-q2D4H2Xv6fL_kXqyopCOZRDRlCr7oOT0pmXZnd25h5Bs3F2t1EVRUtc1xQB0lN_--mSJUuxs41aPvO-Xb-JMqGCgPMZNdmFfebNnrkAgWIjhXSQ_NY15xgvBvV7oNbOPwQ8c3XHW7mWBlW5IeCL3m8MvhYwPsQedCdJDx0xVwQSHHhUUE51KRAhrc2g3-UC99L5LO3hf0V0s1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=1256845453216&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954597&bpp=277&bdt=1921&idt=721&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=2&ga_vid=1433181647.1693831955&ga_sid=1693831955&ga_hid=1027435732&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1554&biw=1600&bih=1200&isw=336&ish=280&ifk=4260656508&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077443%2C31077560%2C31077588&oid=2&pvsid=402901672500272&tmod=1292911160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0wnu3cqf74e&btvi=1&fsb=1&dtd=735
Protocol: HTTP/1.1
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 7c2ae836679e86b2a4e2523af0697365c3b2f2ad44ebbfa6cb04efcffee46515

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 69230100099624304438458012437021
Connection: close
Content-Length: 803
Expires: Mon, 04 Sep 2023 13:52:38 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a2273c1c88&subid=&uid=51f12e8240c17ec8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCv1OsE9P1ZOeaHsuAngWi7rqQC5HB0Jtp-_CDktwP8C4QASDSzIEaYPWNu4GYBMgBCakCe7uNKzEdsj6oAwHIA5uEgIAEqgT-AU_QYQUOqU_S7V36hhrAY6dwdA7hak0Gs1RS32meqS2hZYxnF75W6W7v9DNTBXJIIqDt6EfO1Kb_Tasf6GhxvZbZ07N7MNKXbyFKkXp9y8SU_3maCIMlVp2hbq6g9LgmKYSWS5TIbQFzrdOcn6e3-on9uXFN9DbxJWQn8NvPPPIn_rr0qkksB7hWjbkQqnSQprpnnJsF0QEIM1J9OzgRFP8f5G89qhI9NPZn14QajPuYx6GKGPwMY3zDPmRcQcPvAhX-Ij2clQdd5pJ4aCySgtDw5AAmG2hB-wyYzFndC8xo0_4P0JfQSgKKfqwfiXWcnjafl2L18xZCuAPfygUcwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIp_CQ4P-QgQMVS4CnCh0itw6yEAEYASAAEgItuPD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE%26sig%3DAOD64_2bbxIgfYMcL8uiZ-aNsIz6pcc4uQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D7E7TcDGpvehZGx-icQY2YTtJwlZPTZ96rZFhDSKIwe9fagOTsI0fK6SdFvVquCmj4_odWsseNrXmsuVIBgX_gMpHThIYgXy49uVXvZa4rI7YDzkyQDfoBik2qLPjHlrNTHofuKp3hZtF0qPme8gR29WP-Sh6D7ZchTdpf8JY38iDWdAo%26cry%3D1%26dbm_d%3DAKAmf-D2qoFfAitG2Drgf05oYxaBrfzj0QjcE9bgu4CYhyenx9WEKMSSJNBogmYShNfo0bxBMyPkG-lofDLnyjHSyYVDYotDjAiuNlZ8vQpklycbt5r3G7mzplzVTXlL8S-Wi-1nCkT4-ma1exNWVf3qo8sGdYt-vuZ0Ut6baNsOrfD_jiHtkouoXa6TfYS3T4W_hYx-rtmSSsxMVkQc0nfS_o9PtnWxcbVUBFIcAcS2c7eD3xG2na7eAcfjkhc6TCVTZ6I2KZhr7OjPK4CWdgFEtnJsDACMi1eSkEVjCjMFajJujZ04XxagWiyK7yo-19WI5_aEpwSBvPZdyDAXU2qv2FenYXMu_syZNLgHk1GV4ADZcelXFDo4RzQ6c1czPtOwiLe5AXBD_rMUvDvl605SsIUEswfxqAFAktCAKySxeMEKvuzpJtsdTbg1pddoGufQQDZaI1Hhu7YlKyzbF6kRvhJ1jrV8clWeIDBJBx2ysfcqGgKo6JetCNUYQB-q2D4H2Xv6fL_kXqyopCOZRDRlCr7oOT0pmXZnd25h5Bs3F2t1EVRUtc1xQB0lN_--mSJUuxs41aPvO-Xb-JMqGCgPMZNdmFfebNnrkAgWIjhXSQ_NY15xgvBvV7oNbOPwQ8c3XHW7mWBlW5IeCL3m8MvhYwPsQedCdJDx0xVwQSHHhUUE51KRAhrc2g3-UC99L5LO3hf0V0s1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=1256845453216&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 04 Sep 2023 13:52:37 +0200

GET
H2 200 video1.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 396 KB
397 KB 225ms
225ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video1.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
cdn-edgestorageid: 1079
cdn-storageserver: DE-677
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
content-length: 405516
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 637
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 2aabb581cc60891f52a0e91fb11e2bd8
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 38F7 38 KB
15 KB 250ms
249ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 19AB 38 KB
15 KB 272ms
271ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 1513 38 KB
15 KB 291ms
291ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame 55DF 11 KB
4 KB 124ms
124ms Script
text/javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4389193&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301110%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1693824755%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693831954601%26bpp%3D424%26bdt%3D1936%26idt%3D789%26shv%3Dr20230830%26mjsv%3Dm202308290101%26ptt%3D5%26saldr%3Dsd%26correlator%3D7481342093613%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2028617141.1693831955%26ga_sid%3D1693831955%26ga_hid%3D186727165%26ga_fc%3D0%26ga_cid%3Damp-8egML7Ct6COpbVD1sVxY9A%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1000899801%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31077328%252C31077372%252C31077443%252C31077522%252C31077559%252C31077550%26oid%3D2%26pvsid%3D3390865890185771%26tmod%3D610610474%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.mbnd5fxsfzy2%26fsb%3D1%26dtd%3D804&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301110%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1693824755%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693831954601%26bpp%3D424%26bdt%3D1936%26idt%3D789%26shv%3Dr20230830%26mjsv%3Dm202308290101%26ptt%3D5%26saldr%3Dsd%26correlator%3D7481342093613%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2028617141.1693831955%26ga_sid%3D1693831955%26ga_hid%3D186727165%26ga_fc%3D0%26ga_cid%3Damp-8egML7Ct6COpbVD1sVxY9A%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1000899801%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31077328%252C31077372%252C31077443%252C31077522%252C31077559%252C31077550%26oid%3D2%26pvsid%3D3390865890185771%26tmod%3D610610474%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.mbnd5fxsfzy2%26fsb%3D1%26dtd%3D804&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7274952855952886794&kid=5609187&kw=PACS%5F4787111%5F17068013&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gclid=EAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7274952855957212170&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 29969dc94c7064bf3c9421055cf55691866807393f7d6d62c9d04ec06347e58d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 14:52:37 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 821ms
164ms XHR
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: nginx
etag: W/"15180-17d52"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 12:52:38 GMT

GET
H2 200 Mueller_generisch_300x250_x_211022_ms.html Show response
imagesrv.adition.com/banners/268/01/09/6a/c0/ Frame 65A5 3 KB
1 KB 155ms
154ms Document
text/html 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 3571e28fd3fb67101767fff48755ca19aa191a8f6e32cbda87d091906c90fb6e

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 1083
content-type: text/html
date: Mon, 04 Sep 2023 12:52:37 GMT
etag: "2232168756-br"
last-modified: Thu, 01 Jun 2023 08:55:00 GMT
vary: Accept-Encoding

GET
H2 200 oba_priv.sjs Show response
imagesrv.adition.com/banners/270/ Frame 55DF 2 KB
698 B 155ms
155ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7274952855957212170&btr=true&pos=top-right&cid=558342&aid=558342
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 1f74851d8ee68d23456ed670e8abe6d90ffcf2fbc5ecaa9079cc569ecdeeb51a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: br
content-length: 615
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 45A0 1 KB
747 B 135ms
135ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 55DF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e0117e56704a1637707d80612cb54644edf61ec715c3bb8d7458f1668a17f47

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4F8 0
63 B 258ms
257ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3s8iFNP1ZJ62LLWZjuwP_fKmiAIAAAAAOAHgBAI&bg=!dXaldjnNAAYHwnCgJ8I7ADQBe5WfOPidUSNti5RcaRpvIeveww4ik6XyvpP8F4ZSEbNDTMZuFas9YqdNWMlt23cDuA6dAgAAAMpSAAAAB2gBB5kDEBKmVrYIwXQ2092Tdiw91vTF8iXcfrZgfWl0He8hyXhCevzDogStvsf_5rQrLG9_Vk8b9zaWpbrYw6XVBa5pHcKG4NTI27STI9cd7EGxozNocXzZRw6V0z5qQ4h57EGwbw9ObreCLRlxVOg501rUonKgWfhbAxj9SZLJLnY1AtjabKFvZt5xj7JC64RXI0WOM_EfQkMGFY_vfW66TBRbK7gUDtAavHMDqyBDzQ31puoNnjN9M3R1DYHky-0zcB34kzdGcrlE6ofVFwV8Fdj0D1RY_Rq1VWPAQr3wHPJkELfU3z69U3bgAEt5ggT0HMEG5mVutzqQHnOmY_meDgFkF2uDPycQtJAKtLnU9tFmCz_DST3Tk-Yv29wqQWb8OrA9Ms73bRGopbWo84D52Hs54KlFs0D1zzfbzNHEfcgbXWsDVtXAUHAjCAotfpywiUDFzm-TnI9uyX5GzC-rQZ0UnyOH5JdvMcVfHqtQbHMmxBnDwZulg71_obFjoAMtVzLMtO9Ov5ne83sVAAzVWqatHX_KPQHmC27NzSJpdRDUI5e_pHZmts6Q0NUcktQlk3Av1ScYwFLkpB4M5PLIeuAA0xvk_6XXfziiuehs98__xFeUAOjdLjiML9NVDHSh5i396_UGEFAjUBFJP0sMOwPWsJKPzdECGHVASHyTsmjakx8LrQFxY5qHg-8zY5l-7pGVKK9zJ1eEssdc2UmcfuPN5AJJgYIPhK5ZzuW2hQUUQm4x_zfrHlZ_JSVG55pJ2XQ7kf9NpB6UOXiaVFwcf3D8GItCyU-JE6TSMlVI91cy4wz4P0xkOiWfq9xS0SY6A0AyAx7XvIFiBrfmwPWoyv2A3QeG-iLbI_W-F2DRtvtLOkE4MFlK6ZJyRKMysIUWIfofWgYj0xz3oEP1SHHBOpvIRwaVqhSwqyTio8xPdeYkC9g_vn0rLHe29J6rx0dIdCkOOWJJ5WGh0rDi1Y74lZNUsP-oiZhNAYI1aiTvSDEFwJdQH_2JhPjFUnXd6WIWs4Lx5TLZ_VbIyBvHInd39ycLA3o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4F6F 0
234 B 1613ms
526ms Ping
image/gif 142.251.133.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm4vta6c&c=7481342093613&slotId=3740671046806.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.133.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: eze10s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame 65A5 753 B
407 B 138ms
137ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 65A5 236 KB
63 KB 921ms
295ms Script
text/javascript 23.48.23.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.48.23.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:07:38 GMT

GET
H2 200 Mueller_generisch_300x250_x_211022_ms.js Show response
imagesrv.adition.com/banners/268/01/09/6a/c0/ Frame 65A5 51 KB
9 KB 138ms
137ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.js?1674744172280
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 566a1491128d9452b38912ed8a0f00f2ccfbff07df847255c51fa95437fc926a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:37 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2023 14:30:41 GMT
etag: "3339604966-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9228

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45A0
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEKmUn0q7s5VjMyGQ27uLmCo&google_cver=1&google_push=AXcoOmQyhc5UC96uig1AFJidcseuog6b651rCska_o381W-ak_bFO-sZIkAAeRQwq8VEYDHmAU8D0uEAR5dAm0t3qXp82W9JD...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490

170 B
188 B

190ms
189ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 45A0 43 B
641 B 1537ms
571ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEG3GAtBimKaZ1hSF7W6QixQ&google_cver=1&google_push=AXcoOmRJ7CwBiH_nUGYAE0kkFLcLhOr8gm4qPy6xeARGT2Cp9nsG7XuFqtez0pnf9hltt_VsC5x43U8AEu83q-IjrzDWL82n4Lssk0oKBA1fZlKzkNIjp3sjC6uQJeHYJKb0P_H6bZGwW5dO7D8oUO2hgHfe

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:39 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45A0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEjE9LvoqjU5ohSst6dl8sE&google_cver=1&google_push=AXcoOmTCntJxXlzuCJRRKxsuJdLYMMr8JwKTMUxNcuyJeZ8Z-rhod-2-rc7zFF21Dp_Q3NQO0oFvyQIHFxlMDNW...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2zNv3FvXQDhs4QVahYkzZg&google_push=AXcoOmTCntJxXlzuCJRRKxsuJdLYMMr8JwKTMUxNcuyJeZ8Z-rhod-2-rc7zFF21Dp_Q3NQO0oFvyQIHFxlMDNWhkFf...

170 B
188 B

222ms
220ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2zNv3FvXQDhs4QVahYkzZg&google_push=AXcoOmTCntJxXlzuCJRRKxsuJdLYMMr8JwKTMUxNcuyJeZ8Z-rhod-2-rc7zFF21Dp_Q3NQO0oFvyQIHFxlMDNWhkFfRRMJuxpiRYjs2cg0nQegBVTyzewoWZYQ7h5wfJ4D0pzDlup4xgYl75pbCA1AMqVWK

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2zNv3FvXQDhs4QVahYkzZg&google_push=AXcoOmTCntJxXlzuCJRRKxsuJdLYMMr8JwKTMUxNcuyJeZ8Z-rhod-2-rc7zFF21Dp_Q3NQO0oFvyQIHFxlMDNWhkFfRRMJuxpiRYjs2cg0nQegBVTyzewoWZYQ7h5wfJ4D0pzDlup4xgYl75pbCA1AMqVWK
Date: Mon, 04 Sep 2023 12:52:38 GMT
Connection: keep-alive
Content-Length: 293
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45A0
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKzem3AFrU6EncCUVO3sN34&google_cver=1&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlxB077y1JwJ5F9plXE-IspO84W5I5ADvw1J9r_JTBZjr...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlxB077y1JwJ5F9plXE-IspO84W5I5ADvw1J9r_JTBZjrB...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxOTI1ODEyNzIyNjkyNDc1Njk4Mw%3D%3D&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlx...

170 B
188 B

149ms
149ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxOTI1ODEyNzIyNjkyNDc1Njk4Mw%3D%3D&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlxB077y1JwJ5F9plXE-IspO84W5I5ADvw1J9r_JTBZjrBsC1ipeUER_qrcnjGHBdzQFYtugbtrWpWrlQQP1do-5brL0EkIl6IOC3qz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxOTI1ODEyNzIyNjkyNDc1Njk4Mw%3D%3D&google_push=AXcoOmTjK1OA70pibucnxfJP7BPCzP4PJpOSeNhpr8RR7fmpolSqbQlxB077y1JwJ5F9plXE-IspO84W5I5ADvw1J9r_JTBZjrBsC1ipeUER_qrcnjGHBdzQFYtugbtrWpWrlQQP1do-5brL0EkIl6IOC3qz
date: Mon, 04 Sep 2023 12:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45A0
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEBnW4UpiGAncrm-D-5D-LrA&google_cver=1&google_push=AXcoOmQTE7h-1_5AjRKJkbRXKgYwn-0ug0mVyEFy_sPEd4w1sctLtseUxwzZZj2ruprlrQ1_ho76xqrYaz1Kh5mzU9kdTN75N...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQTE7h-1_5AjRKJkbRXKgYwn-0...

170 B
188 B

377ms
377ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQTE7h-1_5AjRKJkbRXKgYwn-0ug0mVyEFy_sPEd4w1sctLtseUxwzZZj2ruprlrQ1_ho76xqrYaz1Kh5mzU9kdTN75NGNUKO_9KnsLE6cMzqQlUetssYMaapGdxSVIQXT3rOOLDOHKLpzFTrapLLQ&gdpr=&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:38 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQTE7h-1_5AjRKJkbRXKgYwn-0ug0mVyEFy_sPEd4w1sctLtseUxwzZZj2ruprlrQ1_ho76xqrYaz1Kh5mzU9kdTN75NGNUKO_9KnsLE6cMzqQlUetssYMaapGdxSVIQXT3rOOLDOHKLpzFTrapLLQ&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 04 Sep 2023 12:52:38 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45A0
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEE8I1MAzIONFZGMoMU3_Oa0&google_cver=1&google_push=AXcoOmSTRcqk_l5NJqKWzebavtAfvVQeRALNIIYtGsSdyYCG3fXKiaF0h...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSTRcqk_l5NJqKWzebavtAfvVQeRALNIIYtGsSdyYCG3fXKiaF0huiSivG3q0XsnYP56Acuau-KDSYqE1sXdHhcEbjPFcQLzTx0SSakZlZtA3vbWRRXUBSNh9VE-...

170 B
188 B

453ms
453ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSTRcqk_l5NJqKWzebavtAfvVQeRALNIIYtGsSdyYCG3fXKiaF0huiSivG3q0XsnYP56Acuau-KDSYqE1sXdHhcEbjPFcQLzTx0SSakZlZtA3vbWRRXUBSNh9VE-Em55WzWt8YzXcJEfiEKSOldEq1OdQ&google_hm=QlMuYmU2NS0wYTE5LTQ2NjMtYmE3Nw==

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSTRcqk_l5NJqKWzebavtAfvVQeRALNIIYtGsSdyYCG3fXKiaF0huiSivG3q0XsnYP56Acuau-KDSYqE1sXdHhcEbjPFcQLzTx0SSakZlZtA3vbWRRXUBSNh9VE-Em55WzWt8YzXcJEfiEKSOldEq1OdQ&google_hm=QlMuYmU2NS0wYTE5LTQ2NjMtYmE3Nw==
Date: Mon, 04 Sep 2023 12:52:38 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 45A0
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEAASdZtJKS-dqk1PYrmVmNk&google_cver=1&google_push=AXcoOmTveV11E2UEIuw11m38EaeJvZji55Wj5eUai1FqC9j1P9rkVsw8HGDg1BbidTkhzrlBsLzPlWPbsWjgbg4YizV_DOD763rW6WsO...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTveV11E2UEIuw11m38EaeJvZji55Wj5eUai1FqC9j1...

43 B
1 KB

579ms
418ms

Image
image/gif

162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTveV11E2UEIuw11m38EaeJvZji55Wj5eUai1FqC9j1P9rkVsw8HGDg1BbidTkhzrlBsLzPlWPbsWjgbg4YizV_DOD763rW6WsOQ-NV9UnUBb9lV-lry1UTsYv5WEzQ4hP5kh-zscvUgDAfNX_J3GmNsQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

HTTP/1.1

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 04 Sep 2023 12:52:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTveV11E2UEIuw11m38EaeJvZji55Wj5eUai1FqC9j1P9rkVsw8HGDg1BbidTkhzrlBsLzPlWPbsWjgbg4YizV_DOD763rW6WsOQ-NV9UnUBb9lV-lry1UTsYv5WEzQ4hP5kh-zscvUgDAfNX_J3GmNsQ
x-download-options: noopen
vary: Accept
content-length: 329
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 45A0 0
12 B 123ms
122ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K24Sy9LzETAJUHX6_SXmXeMjnEyQmoYt_UwF5JV0jbM9meTk1OfHoL6DmdyPUCkJJKKiSScVA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adplayer_privacy.sjs Show response
imagesrv.adition.com/js/adplayer/ Frame 55DF 20 KB
6 KB 278ms
278ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7274952855957212170&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7274952855957212170&btr=true&pos=top-right&cid=558342&aid=558342
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: e05fc3ffe40c7b5e3001d71707f476dd91e2b00bcafcbdf303b8a920d781b968

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
content-length: 6042
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 19AB 0
40 B 147ms
146ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HjhxRA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 video2.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 340 KB
341 KB 151ms
151ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video2.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
cdn-edgestorageid: 756
cdn-storageserver: DE-587
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
content-length: 348552
last-modified: Fri, 18 Aug 2023 08:17:59 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 647
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 2d15abf11c187d787a099b5c57d53e70
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 1513 0
38 B 212ms
212ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?r0PQJA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38F7 0
63 B 327ms
327ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwcRIFNP1ZOv3MdKA3wOumLbgAgAAAAA4AeAEAg&bg=!YWKlYi3NAAYHwnCgJ8I7ADQBe5WfOAbwDLkBsz0YZyqk3sZj-enK2YgvzEDR7iK5M0JLWpT2gvhieUrr4HsK6UX5pRRbAgAAAMtSAAAAB2gBB5kC-I7KPNdHAlp36Z9XZZVRY2nFopJWyfA2SB6PkbsjcsGqz57_1MVhiKcKBvzxv-fte20wm-6Xx7FZ4cNapvcAyR4reN8L1D2cgCyParqvvwkbucI0XrSjt5t3GcdO3yH6JDaE8fnHuJeJUBVmoSZ_GkrobYuBF0B9XP4FDJPNlKtV4EWdMyxjFVEq9MT91u3QA5aHd7RqzxFQUezvPtzEzIRMHVSd1y1-_OD0ZaFAmfmkxYd8WfKau6wyD6TVqcJRUba7vEUfb9ux-VRSo3RNcj4xEKT5qLn8_7pkbnyXoP1bPouhCJHkuN2hzMr0qYcc1zP-SycB6xV3eSTe5t9-ADYoRtkRwsV2lTmqrw9oIJS3jnjO70odJunD4vJQk0_MWLlSUISa4S-wVYF3JxXlIQPZncT8W3koh3Yl3yHSQ-lPoqoEbWI3K67wqyzSdYUIWDUmIIdRBVZVfeWCB9eBKp52UGnHONW_PYKy5OXqYh0MrhdN6HL_U_yQcIjNJUBVQoB03EKTxp-qqkAve0z5XbWL2Ci-yJE2FTOrL58XuuMdDvvNCiPMIszHiTEm193jH7d4x6McC20sFWJf2j5cUWe4c3EpKTbEVH4bS53ut4Xc9WegAJBLEh2CZiW8u8cO9_Fibtw0QIC_nrhOwloDHxWpO1-eYWECMbBPFk7R_wNSiylXd38Ay8iyFwsLQ2AhJG8dC8_Qe857Zp_RiDmtmhPYt3QF6tvFeWEWk9pgUtoNhjpzAgV9mNkVHiomOZyGdrbVr9HVh7Nw3JY_0SUYhhSFUD3jZolQgNx0xkXe3Y7_pKKPPPaIEYJ3mlkHbyvZLPPoLXu_OPRoeDNd7ePj7CpAq2nVtPENZfiZ1OUfHNAYVuowrXI2cvfcpqqMSg7FIku9ZEVHmjkw2_upDWACi-vWQXTuOPwLIvifzt0TU8IfagaM078-2UrIuIrwa0wmJpe1Gk-r2NXIAhsUVDiUOmUTKaxphqDRzlnc9XC45UQ0C4ad0lel5CI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6E1 6 KB
3 KB 116ms
114ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:35 GMT
expires: Tue, 03 Sep 2024 12:52:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A55E 0
0 190ms
190ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste_VS_n44qOErktRiwrUT1fs_FYNktaC7WMR4ALsa_eHUUL-9ZBdw8F8SpT2N8eHc21VtHqlYL4qCstxoPWMsAAKFCoB33CB0iecpteb4YXw3iHE2fnjKal1kDwQ00lKKXSXFbGWpth5jH1qXhIB1oPvj-7ZxRFcStbJi11e10y_EGPnUZAH_L9V6vvj25K1tUutJOhtKASWo-ZGv99YSHWoubZa2RVmWB8f2Kj35H11mBWZC1sz45nY_JzQAMdpqUAcxpJxA4lrnac7ZL6G3OVlqkr7rJgoHcyrDWyvo5s9n7QdtBJBenayebcKsRj1k&sai=AMfl-YTsb4MtqKZ8K9udPSOiQHi_MVB4Rl4pct9SdrjCdP6za0tlkzKeVDxhqwmrQm8KHR6x1qthzRYKrWZLKaoN7dcv-eSxllOgR-a5Pa3frWfUdZ1rKAsUE8zt852FwiI&sig=Cg0ArKJSzBEAELgO0PwEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST logs
http-intake.logs.datadoghq.com/api/v2/ 0
0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D638 287 B
176 B 188ms
186ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjX14jGATAB&v=APEucNX_GjhMmAXBayey8MMHMyh7_sVrnf7eMi9xxgGdquQad6Mdu8Jm7vMOYTmg5wBOYPfoY9of7Wnn_AspkekVBptJZhl0fK_XL0b-9O48JHT2Tk1w1qA

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54fceb645bc52a6e4d261bae97e40d4b3fd1307d8b1ddc1845307214605fe0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A55E 86 KB
30 KB 243ms
241ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:38 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame A55E
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=e0d0cda8-b2f5-4ee0-93c4-4a27373150c8&google_hm=ZTBkMGNkYTgtYjJmNS00ZWUwLTkzYzQtNGEyNzM3MzE...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELFYVrkqWVkGYdTfSuJ87M0&google_cver=1&ssp=themediagrid&bsw_param=e0d0cda8-b2f5-4ee0-93c4-4a27373150c8

43 B
145 B

552ms
552ms

Image
image/gif

18.196.96.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELFYVrkqWVkGYdTfSuJ87M0&google_cver=1&ssp=themediagrid&bsw_param=e0d0cda8-b2f5-4ee0-93c4-4a27373150c8
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Server: 18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELFYVrkqWVkGYdTfSuJ87M0&google_cver=1&ssp=themediagrid&bsw_param=e0d0cda8-b2f5-4ee0-93c4-4a27373150c8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCHwN8EtP1ZMSvOfKvmLAP5NOZyAvn6cObaZzPtovSD5EvEAEgg____3mH2D1jb...
media.grid.bidswitch.net/imp/kaujUotQLrKW5Wlb8NGNdOcutvSz7k4BkMtBj6eCsxn6-4uXwbEyTeHHOjjHcYUrDlQq9P_Zwc5pv7qOxcH1JsOYE6WLbwi5gNbLmJ0B2XO_Ve9qTYYZAQMGxkISVuY1wsHPwY7LtG010kXEEH8sFWndLpLCpi2R6gyD7Wm4... Frame A55E 43 B
196 B 448ms
109ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/kaujUotQLrKW5Wlb8NGNdOcutvSz7k4BkMtBj6eCsxn6-4uXwbEyTeHHOjjHcYUrDlQq9P_Zwc5pv7qOxcH1JsOYE6WLbwi5gNbLmJ0B2XO_Ve9qTYYZAQMGxkISVuY1wsHPwY7LtG010kXEEH8sFWndLpLCpi2R6gyD7Wm4unh-h0rX59qbs0hi4WTLz7QZrR1GCMr1VBEf31NvGrYvkBiZullVYG9zLJVGhM17KygZaiO8mCnFDwiPP-3c-1GTPnwtGt71ZN0eRJNFNGDwa50nobzs9MT3uBcQaGQfPOux--EnCuI8fhMa24A5EqIdFKhmMyATOwHYGE26d2HiWljhitxCH3sehBHttRg6Op0fpl1O-FBDNerpzX04v0YrhqyqlHUFnXuyxeVn1o-H516yWWONYd9QbhvDSwB21UWAMxDf-SoI-_sij75G8MTcUdqQmJpUIE0Jp5hePsrwkLo7wbKm4fzviJbRgub29wSuLjIVFxqH-W2lPjcXlI-IYp7tA_3YFL_8YvJUGiTbfWlmRbNoATIm3oP3zwJeOrfom_MBLUrChId64zUkgLw9m19V6YvSXHBC7AF4UBjd_lTJ-AXOKxTy5xfZ8XzqVoi2drm8CIBmUp4GKbdE1jmzLxkAdwiIWzVJC8D-7RJM3C3smQdCeI7TQ-b1kBIB5ErE9YSLbJDn1K6Nl62xRFk5pAEXj3iIZjT008QdhceMkjnltn8NktU3ylIFaqh1DepXApr3UU5kYt2iizKx8sg2I9frh8wyl_KC9rt3lg4btdNj3x0B-UU8m4WH65h1NKvAnB5yAcr7q-s2K9Lw-V-N3RHQn3fxKjyyZCnJUx_dL3sID5Mv8AS2NvymoISSoovgKOQLJvgX_7BZybqVgG3fDYtJuSWYDPNzJOsQlmBym_afGSjKPTonh7gJokfs88L5YVbCsIJMVN78O4hgkHVNNojEBIqHZNJmRyuciMCXNXpVxWqmhXDipXzv9E3NFoRvfBKazR9Rqk6kgX_KgbuUglfKS3nKq6Hoj76AWXg8bhDTSu8gbjiPrmP7bCQijlgzTN7ZAhmYNLUbjePy2998o8UMhmEjYLd4/billingq8wT3K0HtVKzHGISGZ6aBtRo9olw2V73upYFl6DRHZYHhAg0/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCHwN8EtP1ZMSvOfKvmLAP5NOZyAvn6cObaZzPtovSD5EvEAEgg____3mH2D1jbuBmATIAQmpAt5wzfFwHLI-qAMByAObBKoEhgJP0Oq6bMW8sQWKGKjKUeENLTcEnaF5YD8jSD4K2NJ0wmWtffT8ejKyfPbH0t____22eTtPIfydHyZwmipwzk____fNZJb94eIHVsWB6KNt4L7vgKkzR9cRYVB5PsWJWMedcYJ9rO2bDFwPy1TOWCzFrRnngR46hJNHpxQ6RNQdNU2G4VoNcmQRYNmDwA6hpNolYOr1lG5la____GWboUQme0cH1stkZipBS53Bx7bLiJuQ8FgoRIlR-aK1JCB4de7MXwpEwcAQ2Vuuvo____0O____wJZxQ6m6lAv1buCFBGCQ4kMs0PYi2hAet7ZNOslNbgNE47LaXYaOvKpGoFNbckdCdJosQMNue4iRJfbgCkmwATq272N____APgBAOIBbGf5v09kgUGCAMQARgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB____6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEJ2tBBjX14jGAdIIFAiAYRABGF8yAooCOgKAQEi9____cE68ggUYmlkZGVyLXRoZW1lZGlhZ3JpZF-aCRxodHRwczovL3d3dy5zb2JlcmJlcmxpbi5jb20vgAoEyAsBsBOVtdEOyBPJi9rfA9ATANgTA9gUAdAVAYAXAbIXCAoGCAASABgA__Jsigh__R0zxvC-0HXp0__Juach____m__R__EUACH__F__Jase__R2__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgBpAlJWNXYsYpmsByWY28____tuUgCE7Q6X-YKbaNUTa55j9EolLADrQwdNm2HBEuvliisGAE_B1jPO__Ve46BE4djumG06HQ7Fl9A__8qw7ZTZ7RvGL6q1APGWM4vcMonp2054QkukOLvvwrlQP905JulLQvB9mxq2AawodAno7BGE4hIsEwX5AV3XK-u5ZYqVRsOkb____j__n02gonqo52bxAWE-CqJp7bo4q05g8CzReWZTqwm7__zByBrgL0Pjfjwo0__i1CgC9luIJ0JsxkLs-QBirhi32Xwg0YmKF6-5-ds-9azWXYERmKtvNrZfEyXnV8VLQQnBGRdRD2xyb2dHkZM-Eum0RI8RFd6b2y2OTsw4-nfxIePKTO3iCHal2GauOOWUv__RIIFipYcbcauPN2fXj9xqfy2Onx0wYgIMnQ__6IToTpvb59Oj1FHovelxgL3v7DaQP9WTavwXzPUXQTuZ6tanp5IelBLqIKy0gXMOf2FifIf7YHC-e2OEuir__nrvwHmfxGb8T1w2qRIT8nEcLlsKsB6RpINVmw-HLagwuo2UO3H8cnEPt8mdgTGoR4xFgyLhBEqNrvQw3ADc5QIC20iQ7pDWCsy8gE14KxggmckZ1ziktRswRACmq3GRhvnPn0B2wPDbgQkXdlTUjGoabHTLJ0y-pZ9wIbLGGx24Cae6xtAcFWEXDhlIxM4ETOi444ZStzsEww7COAwYKNZIxlEWY__CQbco5ggoufX-pyPx35cVxBxgXxGXROWkJbmGQbQQ__4qKglUkJBoJl0Behuy8VdeKd-U9o8saqr5DXcg98QKpqBJhEmQ6YVmABnOmry9KcBY5BZHStrZ44Gs-AJFLExKZkfJ__Z1eoSvM-PpaOH1xRdEd1QJK0aG1US1J-wwXRwEhQYJJSWl-DjBh8eT4XRoEkyVcJ280UlM7DcDiq5__liI3ivAkA4-DPTLufEr2jWPnLnVimwXE5-VH8KnWZ9JAA__LNizqL3w30tkEEHSnJQYOSH__LVU8MrnQCZ9532yHMmN3ov8lMpJiVayYw8m5TpNixl-VSC1zhqvENAq8__w1yViZIYS0FbF-M87oemEbFEuItmsbYrYVgJdhL7k68ObVKfYy0Gg2y41SuX6SRwmR67soFmgYWR7ByeXqKUbtu9r__ca1sGkCzBlGnWFWZ__2DZ2WFOOABiDCdct5h1IlKqTaNxPtnQNATFdtQr__-f-o9iAQV2-lGeRLP0B8mAkNSs_B
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame A55E 0
122 B 614ms
121ms Image
text/plain 178.250.1.39
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=bg3.co&bid_id=eece154a-7b5f-4fac-89ab-9f9a409dc6a8&ads_txt_id=GJXPHY&has_bsw_id=0&bid_price_usd=0.06417

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.39 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A55E 42 B
114 B 249ms
248ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BI7krxENu-JcxcjHrqF1t42Xw9pDFntjWSHrajRXstoSHTr3esf2K7eWgASwaoIVxlyaf66e8W6d1rVkxLAoPtjDzZhm6a1Kms2FUM8eGY9sP3yPU

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A55E 0
63 B 250ms
248ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13487448795965191878&x=38&ct=77

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A55E 181 KB
57 KB 179ms
178ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:38 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
308 B 135ms
134ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mYS1odWktamluLXJvbmctY2h1YW5nLXhpbi15b3Utc2hpLXpoZW5nLXlpbi1kYW4teGlhbi1zaGFuZy1waS1saWFuZy1yb25nLXppLWRhbi1iYW8taGUtenVvLW1vLXNoaS10dWktY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS05YTI0NzgxOC00N2M0LTQ1MGItYjUwYS03ZWE4NDMwYzAzZDYiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwNTQ1NDQ1MDAwMDAwMDAwMDYsInJlc3BvbnNlVGltZSI6OTM0LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJhZGxpdmV0ZWNoIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwNTQ1NDQ1MDAwMDAwMDAwMDYsIndpbm5lckFkVW5pdElkIjoiNzdjNWQzN2U3ZTQxMDI2IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOls1LDNdLCJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4NTAiLCJwcmViaWRBdWN0aW9uSWQiOiIwMWZhNTUzNC05ZDIzLTQwOGMtYTE1YS01MzVkZTNiNjg1OTQiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=9694.5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame 55DF 3 KB
1 KB 151ms
151ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7274952855957212170&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
etag: "524465627-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 918

GET
H2 200 video3.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 344 KB
345 KB 134ms
134ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video3.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
cdn-edgestorageid: 1053
cdn-storageserver: DE-661
cdn-cachedat: 08/28/2023 19:09:50
cdn-pullzone: 829957
content-length: 352124
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 635
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: bda20b0aa68571f2fd9a2f829f76b46c
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0931 611 B
318 B 193ms
192ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNUCNwj9B15BzjICOGiDijSrH1SIuZU8DJtvLpQGFGqW7aWMgxq0JdUIOziHduo55iu8LBx5v8xWJPtLDTHtkn_GC_tepg

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A6E1 86 KB
30 KB 332ms
331ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:38 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6E1 42 B
114 B 259ms
257ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ceh8U2MqvgvCByKabe76Yrr99ymGYFqll6fiJuvBbmbPXKe_WYOqq1ZjNrwW5AtAHXLwbx4rce1vXZou8dD8uTcbCXYAaxs5L2r3be7WuD5f4DJ4E

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6E1 0
63 B 230ms
228ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13981052834583628654&x=1&ct=77

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame A6E1 32 KB
8 KB 143ms
142ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame A6E1 3 KB
3 KB 144ms
142ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdN9MFdP1ZMfYKs2j7_UPmvOL-A6t8KXecp-e6LGIEdq24u-aOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC_GyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH_WtLt_eI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d-OROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v_wMudxSQtzbdHOlrHRFi4mbtUMjx_CPlGw5FozekRKC1uyAFv5K8-evhF9-w_Zs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW_YsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE&ae=1&gclid=EAIaIQobChMIh7eX4f-QgQMVzdG7CB2a-QLvEAEYASAAEgIGkPD_BwE&num=1&cid=CAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g_u3x8hgB&sig=AOD64_18ovVlEVRNVhVt7sD_Xe3OYNNr6A&client=ca-pub-8933329999391104&dbm_c=AKAmf-CfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM-fLQfSh6KgItvqNagcsSCrxYadsy_rmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG_0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT-rb-U9A3RqMNQ5m0MuJxKAT9WGNgQ&cry=1&dbm_d=AKAmf-BD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7-70dzX4Dgqz32Tx5SQK-w97Jl-oeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b_Fq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ_LEArk68sHM1R2NNc-ppk85wur7BFq_SUJDETHoQz0uDRyphmBqdh5t4Ie-xpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF_h9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5_XXS5IScbG6Q_ET1K06nnDxO5T8NvovWWgd_Xi1QKhZ-NsnDny0WoX3zzcKRQ_k3ySFOYNJEvgNeBuKAWv8XMp5Qjre-yItri__5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH-LISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh-YEWOM&adurl=
Requested by: Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 1962b6fa7294e75fc3ceed3e56e27d910d4cbdcc0648843932ef2e52abaf4fc8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 04 Sep 2023 14:52:38 +0200
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A6E1 3 KB
1 KB 142ms
141ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 07:44:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A6E1 20 KB
8 KB 142ms
141ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A6E1 0
0 144ms
143ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtMIV0ecPzJctAtYIJFdmG3QcfdR0tfrJrWHUmBn1FtfFwht-VaEpgXAeXhfmP-ehIKNMd1p4crm0y9xT9VpjmKhXoQA
Requested by: Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6E1 181 KB
57 KB 206ms
206ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:38 GMT

GET
H2 200 oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame 55DF 3 KB
3 KB 159ms
152ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:38 GMT
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges: bytes
etag: "502461915"
content-length: 3262
content-type: image/png

GET

/
ads.smartstream.tv/cm/ Frame D638
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEJg9y6lL3gsY6sqMFcqRpKU&google_cver=1

0
0

GET

sync
ad.sxp.smartclip.net/ Frame D638
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEAPtLe4HHmqRlkorWrjo8Gw&gdpr=0&google_cver=1

0
0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A55E 0
63 B 346ms
346ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5039924023510&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A55E 0
63 B 345ms
345ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5039924023510&version=m202307240101&ct=77&x=38&cor=13487448795965192000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A55E 18 KB
13 KB 190ms
190ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC9LUYShQvydMS6d6rc9ipVWjJRNF6LWSz45o6a1-jysjYYDDJX-Rdmi8x0GJ7EKL6mIyDEJI-oQRr0dAVuwvrsSOusU2FHF0v-7qdDrfVtzaz74y2xmNR3Nd4N9CWRcosXGXtEUHc4MO39faBjwmxzPadTL_gkWp4tV1jcDjs1-IPUtI&cry=1&dbm_d=AKAmf-AGIg3iJLiLziW6Pf-wgMaqo8g3fqjQhK3Fdf2jWL31Bvf25lOBPkG3DMZ_T2TwWRBWAn40AxSuFVoYOjhQrFZSCIR2yofgSO_jSOaURR7f0f9OlkXkWH9XJX3nMHbbFhwLPlZSm6KEW-HS0Vevbyj7AeOgdsKCzJZzqoaha-1qGPR3RVnjwlSZ4rwhF-XfIdN8MPo9ug0C9Vf2ckhq05kLYwgBDrP9rn6yAxU8ggFRYyfF6j7pUsemnCywYLnpUPusew5rRX8dzNKggS__bP-BVAcf46lvwFQU4SDCa09Jp65Kj2uj43oVj1L5k72OFuMIvw7N3tqkjKD1YS9ZjdhwvefzsLhz-K3lnthE-r1MyVqD47oR8S8EQ-UyWrQO8azCCcjVJvLfK2HcX8C15uHbnVagMCYl5npiIi5eicoOwqwIWIOa6KSxcdQW72TOdbilk7q9IsHeeSTXzvuMZSkCB-KGmVKGcFaWTb9j1ItsYiiRAnmQBC3mlSRp-AlnBk53d_ITtv4J25HSoq4bdDDPfScUTkdS1Ick5Jkfw7-_jMA5854k4tKUUK3dEmmP-V8F_IpXTDpa91mxYgw8923krUunCSCRQ5LP9qpI7OGP1aX7QyOMjLMLm-cHhScTOgBWvMMTuGySseG7rsJquvfy5MuVRF0icXOZ3sx_EiB5L7_LA_r1zxoFnm1TpGORt5T7lXE5bgfoDVz-NpRRPnhGfHq9LyToNMmqw86fYJ4y8QDumQJ98s2cTphzb9phlVob4e1iFFkdGT5t3g_2GT_H_yJt9V6VeY8we29VeFIpkp00F2mpKRNqe3ZU3oUI_Gd9puZXimuzyDU03IbmGzZV3uriFtfbKc5fV0s9zsGYQf0nL3yhScHbN61nZUgCOwHoxLJZ1DII7R2dwE4U_Bk4E5Wro2vcdDSix9dl-ctK_pwUP9KZdVEU2awGF_XYgXM9APEFqd3N5QaeATLK5CmU3EgrjpRWjnhytUxLJgofEH8ERYfGAuAu-4022c9D5_9xADnWv8IGEBEBWZK2hZiO-wS11TtW_LcDYug_oDGDiJg7orERjd9rLRTvRtklxCtwXFAiM7JfLbDmXy2e_bPb_SYfA0VkzG-k7aJr3PDkwyN8kwZU26zrx5_c2U7mgR6Y6zoYa3z6QNIJuU3agTLqc2ztCVdxDtBENwjWUilv8FfrH78y9wSI0b20PU-FMDLru4GbW6G39X2QRV-UeIeptiwTVwC5EAk6jzb0wz_Zc4jr3okD48l4jI5415kuOw-yG9O_iT45t2WrQFbiZhF1nLa5-ajDKSZWsstw5X5x9jsQqEm2LbL0JW_BJOIfHg2xeSKRkxYGNrnRuif-PiRfuuuFqEevsEx35adbORwThff8LZT7-p0gkGoQY93rB-TENJYkBI_SPqkWtlRngFgJOOxNCaJyS0UIDwyfO6ct2zQv78lPTm_fzWJjvyRdsjTxQN7JnopLUwmyiUL-ovCdkxN7AdBCQOmhQoOVYrm2M4FP9Z3QnsFTbvpQIo5vugdAyOAmNRoYjSLSItI5vAkvYo1LaDIhggtDBHyh4zyvBYadUml9WFjJu-DYWYph07AzuGEuO4t4paxKLf77y9aysTSIziU7rDxHfCKGUmKGo5gm4Nfu2cvHsp2fdFOk4I7U8zgz8v5w3bDPibUoirgn0JEz52ay3jDoUY_ZWQ9fumGSBbEm-Qvo8m2ljY5OOJaqO6LhVfcEjKW1_pnRk7HV7eP2_fjE-Bx6GelQL2g5nxqqhukjza5bEp_l19Wsss5ECudWu8zrn0MXVUbf50FxmG66v_HCI0cgS8ZbpF-0xR_2gAELWtUSEChjI9YQ7Q5-OWzR9CWwHJmzLTUgAiL9FcqEXRv5CtMnrdIoFOxoQG9t-CmhfT302w9v4UUhZIaNgEl5AYX0njOJNUgtGp4YksWsoeoLV-54ScNSZhGJs3Fggfk6ev_KToqUT6niOO0gMHEhn7jed2DYeZz0KZIZg79r1aE0MsSNyteN2y9XkHaDUmN3muyFi9PRl2Mfsem_AngS75FZlzaTDL93eAW-nAjruGWNf0tzFcDIKKc_NNyZ6QSj2LBWvjs6xhzZBs_M1NgAUAAzvwv3PK9yzllHNyw-xjd0BXAofxYczSrGtoEHFpEx0QTqKkK9plfL1xCRj-Gt0kn7QAkY9eEr7bnJl8Bmz_M3hppbe_7mxNaoIFZBmT85veJaZWu3J_7s2aQnZROM9n3ieoqvdhT0Tl2Brp0EpmYbbR68OzOYa0lgugu590JJnqp_JVVAWSPed0lvJ6ec9gWWKOBnmodlVSv5V3MKIX9h3CFcIRjthUo75uEtqDHZotCFpUarFOkyZcNRFsCzdESRuyFG_GkR1rbP-KgE96WhuToC5yF_cmot97IU80qMQRV6lBiU06QU6JAIr5HfHWfS1l2HK7BZocA1DvUTU97GUpKbwqdoI7Qkvx-hdGtetSF4dkmNZycWbh4kHMnSXC7XavJvgcLlB00t5yidC9QPWKDl0Y_QcOCyNCxrnV4SVxZdVe_D2QdQnu8Rc2cXX09nX_CC-32Tc4igpPyP_-Y1LFw35iv9GCtOh5bpT1CjInzUuaTseo83RYFuzsp_Rd4jzGLT9yIoWZaz1OfHFnodQ8BV59AAn55vH0Y6GkDi9KimVETTzrgmwVB3SnyanYEddxm9joyUBEfehCXUKbDuewZvYqLJup_yLSbMNhh7mq9YMVc0j0pLkiTZBvzQSeSX_JR4HlKvXs__Z7kDcVDSOEDjg0UGJxKApTO4naNGjmgS4vNzYI9gJPJl7vUKfeZbrczQCB6LxJI_87vzwLn1Bg_RDTFvtSn9bH_K_ife6WJQ5BkBnxQTT3DLZmUGBLHrC-X78jrB59I1wgjtrEdOXUjlJy2tWeMEy6SAIhMm2j2DQhbwQKQoWd__AtQ-_qt_5ktcazipKqq4-8_qLmedN4BehR50vc83zbPMz1LDP5erLxHUHshktfsu0qKWupSIrlF975CTYsV5QalujxXfubgHMxf_pd84kxR0mrlEjWcrLfMPzSARcFlbLdR-xW4Ojv1NknfADwhniR6lz41HLDZZsDaYwsnqSM4nAQ45onEhEYwT2BR_AJek32xCDiTTaPQ-nPyFNN6nNKGnNsHPFb_BCLqzGUv8P1oqU1UXBFgWkdp1TJbAgfzqnXsr88AjlPgrtVQH7QNUT6P3uAH0v4RJlP6xQvc4aKjozsuRmB5g-mlApq59F-_T4sACsw4YFLEG2MGL_6ccM2qKuSz_E3pmzdiTjhLejUP1T3xgMklUq3fmdXtNanG72hLDXqP5dZnpF6tSybOvTRj7UXorCMXA1Dqe2OXJFd3EpyXFcsGTMgq2kYgaA6MH76nb29XSMFjIIFh4B9LvWH8NyUMIlxJ2Xx1WWuU2O4EusEfhx5OFsBVc2w5s0dgRC5y-Kssg0lzXU1rGxl1B27DC-Fb2Om6xduiP5apvVZitMhPpubeE4aOg58EOj6LS1QhrhT_ok46xpxZveam1M0gJ36VrnmuBfMy4qIVE1IuXf9FOmKsVMrrCCT9kiKyGJfFCkMYimtzkWKPb9cQVqDC8aj10hZIZRswr-FpV9TrK8lVgLZr2dHsH_-pwGd763tmBhjDHdpvwZVC0yuI0IKi-Jenv5VFAFDEPQFIqaouqi9EM6e7JzkXNnW-iWzpt0T7EhGED-Bc3IVr35CJq9TZqoTdUuspDrd8LHzjW32zrGLXPaHkvg8L4xCby1nIvFdFZiFT0QBX-3lrD7qJ6yehzAZdyjoS2Iln_kCZDBj360u9PgrFdqoztuXIna3ZVAgBre33ObTPIc1_BWU0ijCpKE9KXJflx5z4lJdtqsmkPOmjTsejrpEnso7asID92JCQsl1ptAvaBy4J-BqGcC-a6go0Ic8zrSiPOw7EekiQ4-EryDrFQQ2q7dnZBMtj9oUvUcLVsZR3ThEDy_KLVzAjZPtI2Lc5-mPHdy1e2dDcW65q-k7vyuf9Cpf9_HSR-kzIejGVIFT24xdfhn-sqKD9dZA&cid=CAQSMgBpAlJWNXYsYpmsByWY28_tuUgCE7Q6X-YKbaNUTa55j9EolLADrQwdNm2HBEuvliisGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ds=l&xdt=0&iif=1&cor=13487448795965192000&adk=1178474741&idt=250&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13d8cc9322a2917d0fd0bb177dfc88a83bf111e89c1e47844be6ae8f5e271138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12975
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
186 B 440ms
439ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=659282514191882&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dlt=1693831951089&idt=5383&dt=1693831958505&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&scor=2962717193436884&ged=ve4_td8_tt2_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video4.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 343 KB
344 KB 180ms
180ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video4.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
cdn-edgestorageid: 864
cdn-storageserver: DE-51
cdn-cachedat: 08/18/2023 10:37:59
cdn-pullzone: 829957
content-length: 351372
last-modified: Fri, 18 Aug 2023 08:18:03 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 647
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 2243776cbbee44bd57d9b0307c3d8608
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

setuid
ib.adnxs.com/ Frame 0931
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHpVBqtRV2ZyG5m-gjrvkbc&google_cver=1

43 B
845 B

558ms
558ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHpVBqtRV2ZyG5m-gjrvkbc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNUCNwj9B15BzjICOGiDijSrH1SIuZU8DJtvLpQGFGqW7aWMgxq0JdUIOziHduo55iu8LBx5v8xWJPtLDTHtkn_GC_tepg

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
an-x-request-uuid: f2d47e01-1017-458a-9353-0bcd08ffe26b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 194.230.146.186; 194.230.146.186; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHpVBqtRV2ZyG5m-gjrvkbc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0931
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTIzODA1NzM2OTI5OTIzNQ%3D%3D

170 B
188 B

529ms
529ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTIzODA1NzM2OTI5OTIzNQ%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
an-x-request-uuid: cc6e3f55-be77-4881-a26f-bee9732a6213
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTIzODA1NzM2OTI5OTIzNQ%3D%3D
x-proxy-origin: 194.230.146.186; 194.230.146.186; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0931
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1

43 B
61 B

87ms
87ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNUCNwj9B15BzjICOGiDijSrH1SIuZU8DJtvLpQGFGqW7aWMgxq0JdUIOziHduo55iu8LBx5v8xWJPtLDTHtkn_GC_tepg
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZP7G5tu_y5OmD0Jo15ew0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0931
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzI4MTgwY2MtZDlhZS0yYjA1LWZmN2UtMjhiZTAzYzA3YWI4

170 B
188 B

146ms
146ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzI4MTgwY2MtZDlhZS0yYjA1LWZmN2UtMjhiZTAzYzA3YWI4

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzI4MTgwY2MtZDlhZS0yYjA1LWZmN2UtMjhiZTAzYzA3YWI4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST logs
http-intake.logs.datadoghq.com/api/v2/ 0
0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29B1 0
0 287ms
287ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=2222117741474032&bg=!ycqlyoXNAAYHwnCgJ8I7ADQBe5WfOKtYtkUNVPG2IP5G8-8waByzaeXeGUVpRn3BLQoCfC38XWXHBgOSIa02QJ-r2ix1AgAAAORSAAAAB2gBB5kCzNMVIijzgByYN4v8xR0MCET_SqSeZPEOcMJFcIZdZzyuikMqFJ31rNTxtN9zrXsCaKCudVmM2NaKCQTVv4MkJoLy-sQPtkDZ3j3-qLPl5PDpPuxfaGKIpzHY2-7KYEhxYJbZEHRxBPKu1wIp9S0XyUPekSeyK4WWnNnhXzQ0HdWSnatABF-QnKde-JIjLQq9mbh2CQTGxxEbV-Yzs1MPC9hQQP2f7ELByiDp0oj79b5h1bLtxLhW-1mRGDm79j_0tnWbJOyVLaduVphnlrbX1sHNAbZ6bZ_f5rZWCx2q0KeGngyEs_S0r2dkAAjcX8fr5ypKJjDuaDrhAEQ-eiwCWBsBT8ak5LTOlnHUNDiJa_K1cVIo3yazuDwl1EMIXDEjeyze7X5JLcQyRnt7PcLzLsBmm6WYayeVwGIRwfu0GXnEFnbKe0nWPuvyIWbIrXZOf1Lhd0U9MqepmlFs2i3nJBp6VWtgBvdBsq0C1oMh7WnEsMMBdmzoG1P_uv4ZvztW0X3AKITDcrVWheR6UYeL4K-hOb2JUqOznJWQY2iTI9bxptKmbM_Z1ygEAQdFtpGydrMNS6Fuice5lxHQWUKzPdc11COB8lBG4prHb4jXHsjZYD2xiMJdBwr962wIr74M39XUZFy68FZ_D_64ISd2RYEVYXPzVjUVwfBRqw_I1k8rtzUpoxqk1KrLNf1JAlWtCiW4pyjlTNJtOxY9bnNt6PaZSSvh4dbMtBdEiMwute7y-9kvhDwegZdUJbUoLsRV9_eRW0Pm_WKMqP6MCb5TcdCUuBII1xWitb1YABoo1e9YRpT5C6bOEzD1DLnFvhdxNZO9VWXQ4H8GtADSu-t4QMxfFX5gUac5cup3ab7n0jM0bdP-ZnEQNd7gk068IIs0QmiK3ZP3sMVTORt4CtjnB_2K_Azi5RY3wDYDoOwoc5qp9lLghEzusTqNQD3A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F482 0
0 301ms
301ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=1731831362702570&bg=!NzSlNHvNAAYHwnCgJ8I7ADQBe5WfOKuQdq1t9O__ZjHyUXbFOngFLs2uo73smhsOcPOXQXARiwzmG8UB5Zlrei7DBSWFAgAAAOlSAAAACGgBBwoATSQEvivEaZ_WWdiuSWKrd6PT_gmWB3Tt-ErHwbx8OphyfeMvVZ5OCE31DIV-aAPpLYOec1ObElQ-aw5s2V6tent_GtK8b6xPqe0L1mKPmQLakjooablsKEAkZWFWplzCjeCOGimcqPzXlWxpNk_WHnIFKep1ro1oBeGyXWdTKAZsaivxlr6DsooYqLA79w7KP-8rb8pwAc5mIWt4lTr3bWOAW8DiTzgqpBkpdwLrtTd810o3xMVJ1H6MVCikhzl4dmQsCLvVXdve2l11dTbC_A4AWkflGWPKRm5KacrhR-NNzyj-e1BqxPp-CF0lxXThYJM1vvv2PzpGCvWtuO47bNJAtYlUuYcO3zlT46ptRFq05_0nQpD6TCJmy2bfJkwNPMbbsmv2BOWYrpiK7jsJ62dzb55GxBJbhkuLoG_CaZ-ePSJ--WYiymlRIHKH8rvcVQOqhFkG3IG5QjG11MLxC3zSqJufvbspXEuMnlBQpKA-YIw8SD_qK-uPjY8u3JXAxdPD-ILQGSvmupRJ5THWLrXjBl5oRNeX1sjdUejiSGwomtnYcysgeZC5ZWWk8QOumcEP1ErHCXD4RgYio7IHHtWDhuSTZcB0_A66QzsfoisrFWco-O3xoDmQ-TNZrFGgq_eFNUUCQcrOgH7AavzLS3i5VawEqZm2DvBG-kYXzitXKrzA2Yid5Yqu9PMXi2WddLezz_zbB69zt1V0ke7i4G6zwvT5oAgbN2kwgwsEiKSDzRKsLdXlMdBfHjEWsMYAvYsOLoDUo3iHirR2fsgARLI6tslBOCIOF0rGqCO7QTmiy7sR_Lvsmkhszr7HZfOTP92QZ14EkG92D2DVh38M94kY8jZm4UPSra0hQCwiK4SIp_36tsinvQcSzHpGlYvnN15xxm46mOXgQao-DXD7ejyinVLi0bXive2iCqu3nKAG3Bqz3jhdBkTQgvDlP_ZuYCT0y8A2fEYkaDrAORrjqK1ufc6494jz4RaakVjCgHni_zuw2glklssyFhW_x5Wq__UZS02UiqqAomjjr9mumvAAi2JmDE2RHJ2hZ8YEKP36Wsx_41_5sUahSQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET cshow.php
www.awin1.com/ Frame 807D 0
0

GET cshow.php
www.awin1.com/ Frame 5284 0
0

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame D188 7 KB
3 KB 300ms
97ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=69230100099624304438458012437021&a=2028476e
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a2273c1c88&subid=&uid=51f12e8240c17ec8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCv1OsE9P1ZOeaHsuAngWi7rqQC5HB0Jtp-_CDktwP8C4QASDSzIEaYPWNu4GYBMgBCakCe7uNKzEdsj6oAwHIA5uEgIAEqgT-AU_QYQUOqU_S7V36hhrAY6dwdA7hak0Gs1RS32meqS2hZYxnF75W6W7v9DNTBXJIIqDt6EfO1Kb_Tasf6GhxvZbZ07N7MNKXbyFKkXp9y8SU_3maCIMlVp2hbq6g9LgmKYSWS5TIbQFzrdOcn6e3-on9uXFN9DbxJWQn8NvPPPIn_rr0qkksB7hWjbkQqnSQprpnnJsF0QEIM1J9OzgRFP8f5G89qhI9NPZn14QajPuYx6GKGPwMY3zDPmRcQcPvAhX-Ij2clQdd5pJ4aCySgtDw5AAmG2hB-wyYzFndC8xo0_4P0JfQSgKKfqwfiXWcnjafl2L18xZCuAPfygUcwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIp_CQ4P-QgQMVS4CnCh0itw6yEAEYASAAEgItuPD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWisWF2FLtkaug4rUzJBFWw93JCm_SyK4FpXwVJvoSUhlHTbweGAE%26sig%3DAOD64_2bbxIgfYMcL8uiZ-aNsIz6pcc4uQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D7E7TcDGpvehZGx-icQY2YTtJwlZPTZ96rZFhDSKIwe9fagOTsI0fK6SdFvVquCmj4_odWsseNrXmsuVIBgX_gMpHThIYgXy49uVXvZa4rI7YDzkyQDfoBik2qLPjHlrNTHofuKp3hZtF0qPme8gR29WP-Sh6D7ZchTdpf8JY38iDWdAo%26cry%3D1%26dbm_d%3DAKAmf-D2qoFfAitG2Drgf05oYxaBrfzj0QjcE9bgu4CYhyenx9WEKMSSJNBogmYShNfo0bxBMyPkG-lofDLnyjHSyYVDYotDjAiuNlZ8vQpklycbt5r3G7mzplzVTXlL8S-Wi-1nCkT4-ma1exNWVf3qo8sGdYt-vuZ0Ut6baNsOrfD_jiHtkouoXa6TfYS3T4W_hYx-rtmSSsxMVkQc0nfS_o9PtnWxcbVUBFIcAcS2c7eD3xG2na7eAcfjkhc6TCVTZ6I2KZhr7OjPK4CWdgFEtnJsDACMi1eSkEVjCjMFajJujZ04XxagWiyK7yo-19WI5_aEpwSBvPZdyDAXU2qv2FenYXMu_syZNLgHk1GV4ADZcelXFDo4RzQ6c1czPtOwiLe5AXBD_rMUvDvl605SsIUEswfxqAFAktCAKySxeMEKvuzpJtsdTbg1pddoGufQQDZaI1Hhu7YlKyzbF6kRvhJ1jrV8clWeIDBJBx2ysfcqGgKo6JetCNUYQB-q2D4H2Xv6fL_kXqyopCOZRDRlCr7oOT0pmXZnd25h5Bs3F2t1EVRUtc1xQB0lN_--mSJUuxs41aPvO-Xb-JMqGCgPMZNdmFfebNnrkAgWIjhXSQ_NY15xgvBvV7oNbOPwQ8c3XHW7mWBlW5IeCL3m8MvhYwPsQedCdJDx0xVwQSHHhUUE51KRAhrc2g3-UC99L5LO3hf0V0s1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=1256845453216&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: fcc16cac490c2b581c1976b73ace9ee6b2f5c6f24710517be6dda352466c03b5

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2216
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Sep 2023 12:52:38 GMT
Expires: Mon, 04 Sep 2023 13:52:38 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET cshow.php
www.awin1.com/ Frame 1ED7 0
0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6E1 0
63 B 266ms
265ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1982026738274&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6E1 0
63 B 265ms
265ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1982026738274&version=m202307240101&ct=77&x=1&cor=13981052834583628000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A6E1 29 KB
17 KB 202ms
201ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACh7TQ8zkjqvSCnnYg-gYfoD2MO0iYduTok0uMwtkfNtScr16fjWxN5Hwsg7tAsB4by6ghvsiaNutrA5EOrLXrOr3Wdw4QZQqBzVXOa6NVUxohjEELerse6zQjfCfZOtqFyXBySq4sg2xpkaCIsptls517lnVD9w7_EFpK8yrKVkkXYAA&cry=1&dbm_d=AKAmf-BZ4rAPrjLG_iE0G3LuDE4tIXYRmFE0kWjtl_SS3krVH35ME2il9Jso4MfmCCMLs79bmlV6_Y-Fz3iNW-BKlz2Jqam4075FWHeWLIHG7PhTQhYo3M5gD2inVKSNdrLSFDI-3fU1wYRf6xX5RmgsyZHGWqTqKZ2XmN6hRYIMvFUAzZDwSWyI_9sBJwRGIB6GvHKirHitXLWIrubVvjztEO0V2VGAVpfSc9JOEreNlx_TyYoCihENjipHCsodOIQEepWqMb9Io38oeLlOVau_k3REcTLe4jlCm8tRqFmKDAdAgwr51zfeCY2lx19eWcgMrZhCucqahrGrdOqo1JfL4k7aPRka9xwJa8ffF-JOh_BgJfZ9rJB7JXOfKDTUx33FdSAG-sfI5pQODGosP0m2eIQrP3BCSbUgGTe21ueAg1b_9MslSXV_sboRIB0CSoCctLqTdwcew9o_3fXJKMiLhzkja-UFqCujuhTYj1CdRBM04qMLqu_K9TlKu_6tqFy-wBuz97xNcjQnAtod0Nyxe75IdTRgVMhuSNYOLf5Ww08nWIfm9doab7U81Zzy-gBN-SnyihS0Wghu9AstucwWw1V7Fu3GrYjYT0DuDtBs8AyOtEiMRTTJzNJQ-ltFElkm_dcRcfgvXfok2czmFmMhs2TJtuDz39X4DhfYMgoTtxJLVPihwv-NDLW-KV9HEX577kvVKvMrmJnoTEYb_ADeMqC10gHdS3M5liRMt8ID8_0xSklKU2KqGeY4-aw7TIK_HMIpcWuW8D8Dj_8wyKqzHfmA7fQ24ZlfqVNrpy7BjkF8cC_dqaWPxTFkKlvFQn-wNqVWCMtTtEjccUq2XrV77ubGBlJbBNe6n99t3HOWqRmyAwt1dvTCZrpik0krP5lkPoRZuHF90Q5JfMkM3KVdrwZkHiKf-e4KAbzmQy-AsLAXf0NgHBjq0PL3dz2ePNP17p_BjxU8nHKp0F2WoDcE18wJT6KuIUVe4nBBP7ovMR_Si7nCZuHPkrBFVIKUqSLqPG4OAfRvCrTLqg1R3ew7k6iIAfVHO8pRNdQXQ3tP6YgdRLFNGbHKgf3_ZEu_P9j2LsFvf3MU8DUAlC6-jvYCIHdVU63MG8_srbvSo0_GY9xhm3v-Whw8LFVMC0CIaeYWTlAdVDnlOWRJanDPYrqS4jRIuMQPwJDCouvoa92m8ENquQapcfNZcymCReF7iOCV5ZB7uyhkjd7YvWp5huO7OycXNzbB0V9tkpaqRnNwG7sfTe5q8fBOFJecb-QxDfFtoEoHSglJmty8XVlXuRmt6ShvSPMGbAgFRyqgYoHd8wNSdEBvdcNanA23JDTEdnt0k0_4JTmiLU_czWNYcuc3Kk896wDZmBK-8m_zaaMoDczuBHBjwmNRCxgbtvGOMGqdGn-jFMTOFHGwhzS79ZhFb0YJoC8r3pVddTiRQ_VbdbbOqhdBqEcDjbhDVAHRnMHCNmRqgmiZQK6Q3obrVY7wYF9XpB2EIcNAyxJQmz4NgCdK034wQIZv124zhKu8TIxFTYbp0ya0NoQP7F1N1Qrf_sMzkICl6YYgh4tVb5vA5ZIzKMNWFlyXm3RgKjKBnnl_Ilbilm0FLAqs6IBSwTbmkduq7BDf2_NPycMbpOHMEbgpXF1MjGMrpvKzsbHWRXGWbBR9UmvWzMEiUYo-peJxV4gwk9VxsxR7N9nRcPy7nGHobllJWAx7mIp5458ukb9myRncD_5Ww6gtN7J0_o91G1Xs7YYlmY64uL3EdSGTeU45RnIcJaGqrCeiH9wam9i3mvOejO3UR2_NqlYI2LmpGiydDk8epM58FO19tSaf19RlC2oxd95kfQlxHlzWP02_DSb2gEj-epWzIBNYXlCitNR_koxh7KL2zvwP6BCcfv70HT2iWEiR1dd-1rqYJHDw29WrYuaFwx5iTnFsLpuQbXD5yi5MzufwJ1kM_TBOtJ9mtHqzq4I0FDUkUHPPTsQVX8IWQMYsdXHnWfjQnPy0y01cYcyir86X2VQnwdzZ0YC3EzGMsIkn0K2y4pIuIRoKGvW3_FUc88ALXDacfSq6I19jZnb7L4Uc2fT_wDSPlouunTi1gCQ0Z7YpqzkabibwFIml7tc5jIMOTwj5G-CzR9E494ygQyA_76OIzv6gj-L01u3fUhSOYe5lEX69GPgIHYrELj_e8kN7AYcyghw-PUOlTCxTqrXzBrXIS9PfWuoAL4WJfGSnPM5Acn-blkw_rvoYHCm6nchuw1PxrENWf1n4oXR3sp14uCCYMcDvDdxx7oy5eZA0xBSEOvl8FEH99N2-yvIrzjYm6mktHHi-l88jgL9qBp_AhFcJolpMX6lIP7NG9PV6S0BEobtJSxVennwN14IQINsT8BCH_FUsz7rK_DiT8S6gBXPNgRjaMLl5MnYLPiMmAnNAdCP9ZdCKyvloQjpRHjbPowt1DUFJ-Guq3ocNJl6MtdCR9Ut5usc8WORMjeuROEwLBlvr-lzzwNL3jR_s2oY5Fd59nbA2-m2-gBRnXXD26f4f21FYQAiOGooW3dCCvPU6_axk5oYpS_grSB_C_oRTkwt_fcOEpnXdwCdA6WeePJxmj6zjMiInBWWn7fY2dfQ_baQnfSAikKJ_8h8gRhm-pceU-OhmpKa5n2MMTYY0r-nysvCo3GPxOLWjFPwcAtTCICHmLoVKWj9sTraEh5_Grp71QKZk0zuPPnuB9jRfFUly3Sm8Rz9JMlnKgmOFW7A120cqkPLunlI8WPnwKNNCTIJyfTzOPywnKat60OztnVkNyXJUwnCYkVOA1jBw-OHaB4E0JgQsjrbx2CJvN-GiZCdFiuQf60-ZqV9uvj2RU12gVlYA1RNZxojWkn12vAyB_UWKLxn7vt9ZIuRrOsu9yFkKcx7pxS8u_BeQ9asNkBbACpa2K-3UaBcGSFqSAzccbNDXsTSNry_gJEY82ZRvyc57ouQr4k4YW77fBQxz81SIfbVDPHCUCw59ZPVxg3--AAPvPY50uKASpZ11k67WebL_KL-wSbmy7_a_zLcx_ZnrefFIWPsTg7icMLLRM195b35J6eOrGRgt2syzI63y-ZBP36ROLmmmtshPbUDX6cHM0mugnq0x67aq4xE-S3RHVnhSirkFXxY_78bK9QsN1Yedan0SpXZFQEUNI8swi8Kpkw_vRrqduusKKGj-ZWoX8vtyfJxAP215WU2lueVbcGWCWkEnI_WmCl3RzNq4sf7VLcIKs8DU9C6esVr164wGkFzSQj70w7Q3VCMEQ4CzVs6tJW5XMEdmojRMVXj521pPBi4cmlTF_1C4DWIvbN5WgB3WnGLI1EH1tRBZDVNe-gtRPmBhtqrVVWHaIhZwZ2Htu1gMezcgiSPlqwx_H9PgvTJphjVhPcIMBV2LOzq1_BxzA5XujPXVQWNztkvZgwZWG9m_0mV2H_QVuHjc5QUPcVfHm8tbJqoKvIV79nIDfeExNXj02B8D_0Gvzo2v9bI7DKXP9ud7YihoGlB2Ju1HXvaI4BmnMI_FPcxHetmg3hijQjZE2f9L2XJvsMGnAIHnk7CKY2hgqdhTha6tTPi0vjP9OgQHZIV-fPSuRMpnQkb_RIVaomC9eGaVCVqR0GdqX1-pG6fOEdomzm8fzF2c4HwXTRIt5kZXALinU44TnjX5SQ7TR2H2kUlztpSRg_kF9_AEmNgwhAHXCQvrmJ77d2ynbFG4Vc1cWjdgbPRCdDk8dfuSyqp_GyJt_CrOunNIvMy0PNya-k71ISP3LtvZPuLi9oCbmYOd-fBIjHi5ncZGQ684xfTIP_x6aUQPd2hI8feplUKL46_6BJ9dJhkfbw81V1_IoURcsm9QbJ4-ElZQGPRRDjAdbwgw3fxr3STdA9m9xQmGGJ1y0BlJCB6erTBI4iS6lFu5Z8OA&cid=CAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g_u3x8hgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13981052834583628000&adk=792902355&idt=347&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cebfa74bc7b14d4543ed39f59a086e4b5b16809db4cf425159d21e2797b4535c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17759
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26F9 1 KB
691 B 197ms
196ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1ED7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f99f6146c589675ae04f18b361da57acb74a1110e2d2ec8d167406a3350259ef

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A55E 41 KB
13 KB 164ms
163ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC9LUYShQvydMS6d6rc9ipVWjJRNF6LWSz45o6a1-jysjYYDDJX-Rdmi8x0GJ7EKL6mIyDEJI-oQRr0dAVuwvrsSOusU2FHF0v-7qdDrfVtzaz74y2xmNR3Nd4N9CWRcosXGXtEUHc4MO39faBjwmxzPadTL_gkWp4tV1jcDjs1-IPUtI&cry=1&dbm_d=AKAmf-AGIg3iJLiLziW6Pf-wgMaqo8g3fqjQhK3Fdf2jWL31Bvf25lOBPkG3DMZ_T2TwWRBWAn40AxSuFVoYOjhQrFZSCIR2yofgSO_jSOaURR7f0f9OlkXkWH9XJX3nMHbbFhwLPlZSm6KEW-HS0Vevbyj7AeOgdsKCzJZzqoaha-1qGPR3RVnjwlSZ4rwhF-XfIdN8MPo9ug0C9Vf2ckhq05kLYwgBDrP9rn6yAxU8ggFRYyfF6j7pUsemnCywYLnpUPusew5rRX8dzNKggS__bP-BVAcf46lvwFQU4SDCa09Jp65Kj2uj43oVj1L5k72OFuMIvw7N3tqkjKD1YS9ZjdhwvefzsLhz-K3lnthE-r1MyVqD47oR8S8EQ-UyWrQO8azCCcjVJvLfK2HcX8C15uHbnVagMCYl5npiIi5eicoOwqwIWIOa6KSxcdQW72TOdbilk7q9IsHeeSTXzvuMZSkCB-KGmVKGcFaWTb9j1ItsYiiRAnmQBC3mlSRp-AlnBk53d_ITtv4J25HSoq4bdDDPfScUTkdS1Ick5Jkfw7-_jMA5854k4tKUUK3dEmmP-V8F_IpXTDpa91mxYgw8923krUunCSCRQ5LP9qpI7OGP1aX7QyOMjLMLm-cHhScTOgBWvMMTuGySseG7rsJquvfy5MuVRF0icXOZ3sx_EiB5L7_LA_r1zxoFnm1TpGORt5T7lXE5bgfoDVz-NpRRPnhGfHq9LyToNMmqw86fYJ4y8QDumQJ98s2cTphzb9phlVob4e1iFFkdGT5t3g_2GT_H_yJt9V6VeY8we29VeFIpkp00F2mpKRNqe3ZU3oUI_Gd9puZXimuzyDU03IbmGzZV3uriFtfbKc5fV0s9zsGYQf0nL3yhScHbN61nZUgCOwHoxLJZ1DII7R2dwE4U_Bk4E5Wro2vcdDSix9dl-ctK_pwUP9KZdVEU2awGF_XYgXM9APEFqd3N5QaeATLK5CmU3EgrjpRWjnhytUxLJgofEH8ERYfGAuAu-4022c9D5_9xADnWv8IGEBEBWZK2hZiO-wS11TtW_LcDYug_oDGDiJg7orERjd9rLRTvRtklxCtwXFAiM7JfLbDmXy2e_bPb_SYfA0VkzG-k7aJr3PDkwyN8kwZU26zrx5_c2U7mgR6Y6zoYa3z6QNIJuU3agTLqc2ztCVdxDtBENwjWUilv8FfrH78y9wSI0b20PU-FMDLru4GbW6G39X2QRV-UeIeptiwTVwC5EAk6jzb0wz_Zc4jr3okD48l4jI5415kuOw-yG9O_iT45t2WrQFbiZhF1nLa5-ajDKSZWsstw5X5x9jsQqEm2LbL0JW_BJOIfHg2xeSKRkxYGNrnRuif-PiRfuuuFqEevsEx35adbORwThff8LZT7-p0gkGoQY93rB-TENJYkBI_SPqkWtlRngFgJOOxNCaJyS0UIDwyfO6ct2zQv78lPTm_fzWJjvyRdsjTxQN7JnopLUwmyiUL-ovCdkxN7AdBCQOmhQoOVYrm2M4FP9Z3QnsFTbvpQIo5vugdAyOAmNRoYjSLSItI5vAkvYo1LaDIhggtDBHyh4zyvBYadUml9WFjJu-DYWYph07AzuGEuO4t4paxKLf77y9aysTSIziU7rDxHfCKGUmKGo5gm4Nfu2cvHsp2fdFOk4I7U8zgz8v5w3bDPibUoirgn0JEz52ay3jDoUY_ZWQ9fumGSBbEm-Qvo8m2ljY5OOJaqO6LhVfcEjKW1_pnRk7HV7eP2_fjE-Bx6GelQL2g5nxqqhukjza5bEp_l19Wsss5ECudWu8zrn0MXVUbf50FxmG66v_HCI0cgS8ZbpF-0xR_2gAELWtUSEChjI9YQ7Q5-OWzR9CWwHJmzLTUgAiL9FcqEXRv5CtMnrdIoFOxoQG9t-CmhfT302w9v4UUhZIaNgEl5AYX0njOJNUgtGp4YksWsoeoLV-54ScNSZhGJs3Fggfk6ev_KToqUT6niOO0gMHEhn7jed2DYeZz0KZIZg79r1aE0MsSNyteN2y9XkHaDUmN3muyFi9PRl2Mfsem_AngS75FZlzaTDL93eAW-nAjruGWNf0tzFcDIKKc_NNyZ6QSj2LBWvjs6xhzZBs_M1NgAUAAzvwv3PK9yzllHNyw-xjd0BXAofxYczSrGtoEHFpEx0QTqKkK9plfL1xCRj-Gt0kn7QAkY9eEr7bnJl8Bmz_M3hppbe_7mxNaoIFZBmT85veJaZWu3J_7s2aQnZROM9n3ieoqvdhT0Tl2Brp0EpmYbbR68OzOYa0lgugu590JJnqp_JVVAWSPed0lvJ6ec9gWWKOBnmodlVSv5V3MKIX9h3CFcIRjthUo75uEtqDHZotCFpUarFOkyZcNRFsCzdESRuyFG_GkR1rbP-KgE96WhuToC5yF_cmot97IU80qMQRV6lBiU06QU6JAIr5HfHWfS1l2HK7BZocA1DvUTU97GUpKbwqdoI7Qkvx-hdGtetSF4dkmNZycWbh4kHMnSXC7XavJvgcLlB00t5yidC9QPWKDl0Y_QcOCyNCxrnV4SVxZdVe_D2QdQnu8Rc2cXX09nX_CC-32Tc4igpPyP_-Y1LFw35iv9GCtOh5bpT1CjInzUuaTseo83RYFuzsp_Rd4jzGLT9yIoWZaz1OfHFnodQ8BV59AAn55vH0Y6GkDi9KimVETTzrgmwVB3SnyanYEddxm9joyUBEfehCXUKbDuewZvYqLJup_yLSbMNhh7mq9YMVc0j0pLkiTZBvzQSeSX_JR4HlKvXs__Z7kDcVDSOEDjg0UGJxKApTO4naNGjmgS4vNzYI9gJPJl7vUKfeZbrczQCB6LxJI_87vzwLn1Bg_RDTFvtSn9bH_K_ife6WJQ5BkBnxQTT3DLZmUGBLHrC-X78jrB59I1wgjtrEdOXUjlJy2tWeMEy6SAIhMm2j2DQhbwQKQoWd__AtQ-_qt_5ktcazipKqq4-8_qLmedN4BehR50vc83zbPMz1LDP5erLxHUHshktfsu0qKWupSIrlF975CTYsV5QalujxXfubgHMxf_pd84kxR0mrlEjWcrLfMPzSARcFlbLdR-xW4Ojv1NknfADwhniR6lz41HLDZZsDaYwsnqSM4nAQ45onEhEYwT2BR_AJek32xCDiTTaPQ-nPyFNN6nNKGnNsHPFb_BCLqzGUv8P1oqU1UXBFgWkdp1TJbAgfzqnXsr88AjlPgrtVQH7QNUT6P3uAH0v4RJlP6xQvc4aKjozsuRmB5g-mlApq59F-_T4sACsw4YFLEG2MGL_6ccM2qKuSz_E3pmzdiTjhLejUP1T3xgMklUq3fmdXtNanG72hLDXqP5dZnpF6tSybOvTRj7UXorCMXA1Dqe2OXJFd3EpyXFcsGTMgq2kYgaA6MH76nb29XSMFjIIFh4B9LvWH8NyUMIlxJ2Xx1WWuU2O4EusEfhx5OFsBVc2w5s0dgRC5y-Kssg0lzXU1rGxl1B27DC-Fb2Om6xduiP5apvVZitMhPpubeE4aOg58EOj6LS1QhrhT_ok46xpxZveam1M0gJ36VrnmuBfMy4qIVE1IuXf9FOmKsVMrrCCT9kiKyGJfFCkMYimtzkWKPb9cQVqDC8aj10hZIZRswr-FpV9TrK8lVgLZr2dHsH_-pwGd763tmBhjDHdpvwZVC0yuI0IKi-Jenv5VFAFDEPQFIqaouqi9EM6e7JzkXNnW-iWzpt0T7EhGED-Bc3IVr35CJq9TZqoTdUuspDrd8LHzjW32zrGLXPaHkvg8L4xCby1nIvFdFZiFT0QBX-3lrD7qJ6yehzAZdyjoS2Iln_kCZDBj360u9PgrFdqoztuXIna3ZVAgBre33ObTPIc1_BWU0ijCpKE9KXJflx5z4lJdtqsmkPOmjTsejrpEnso7asID92JCQsl1ptAvaBy4J-BqGcC-a6go0Ic8zrSiPOw7EekiQ4-EryDrFQQ2q7dnZBMtj9oUvUcLVsZR3ThEDy_KLVzAjZPtI2Lc5-mPHdy1e2dDcW65q-k7vyuf9Cpf9_HSR-kzIejGVIFT24xdfhn-sqKD9dZA&cid=CAQSMgBpAlJWNXYsYpmsByWY28_tuUgCE7Q6X-YKbaNUTa55j9EolLADrQwdNm2HBEuvliisGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ds=l&xdt=0&iif=1&cor=13487448795965192000&adk=1178474741&idt=250&cac=0&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:22:28 GMT

GET u788hubhfpg4
hal9000.redintelligence.net/zone/ Frame A55E 0
0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A55E 0
0 943ms
101ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu2sMsx2MnsRdIznM7ycpIcCOcVKqjJwc0zEcIu8BXy9g45W9WmMf7YJbxiYh68fGbpWrofwPj68rAAPiccYebjL4DejcuJaWWzJhuWwSZ7JWrZVdE9aONF0Zc_YpiwpsjGp4tlHEr24ZqqRoW0AE6tOEWCLdYUU_bw7kRTlGMiAxxVYg5oq7cp2TZ_jf2jVB3bOGA7QXzipd9iWtpSNO4oOlJrWN2x7ZlwbOs8bIMYRHdcryvnHzqIUQVk1GaGuM3ayGqBghT23e3F5UvDN7qG4iGtvo4V1mQfPoE54o8b3ISmj9aOG1em3fh6WIWra7AdA&sai=AMfl-YSYwTVflBwPEtlYS2jDIgln593-6BoE8cATBQjb_fJvxN8i3DTzVXEMnrA1JmkvtjPA745c11L9_MyxnubViDIZFITSdjynDoMufVPDq0X0iL8C05XN1sNfluqSIzo&sig=Cg0ArKJSzL7bpXFCALAYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 12:52:39 GMT

GET
H2 200 video5.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 337 KB
339 KB 156ms
155ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video5.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
cdn-edgestorageid: 874
cdn-storageserver: DE-383
cdn-cachedat: 08/18/2023 10:38:01
cdn-pullzone: 829957
content-length: 345544
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 645
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 25900ab0eb28dd10a691c60ec7b077a6
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A55E 181 KB
57 KB 224ms
224ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:52:38 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame A6E1 30 KB
11 KB 183ms
182ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACh7TQ8zkjqvSCnnYg-gYfoD2MO0iYduTok0uMwtkfNtScr16fjWxN5Hwsg7tAsB4by6ghvsiaNutrA5EOrLXrOr3Wdw4QZQqBzVXOa6NVUxohjEELerse6zQjfCfZOtqFyXBySq4sg2xpkaCIsptls517lnVD9w7_EFpK8yrKVkkXYAA&cry=1&dbm_d=AKAmf-BZ4rAPrjLG_iE0G3LuDE4tIXYRmFE0kWjtl_SS3krVH35ME2il9Jso4MfmCCMLs79bmlV6_Y-Fz3iNW-BKlz2Jqam4075FWHeWLIHG7PhTQhYo3M5gD2inVKSNdrLSFDI-3fU1wYRf6xX5RmgsyZHGWqTqKZ2XmN6hRYIMvFUAzZDwSWyI_9sBJwRGIB6GvHKirHitXLWIrubVvjztEO0V2VGAVpfSc9JOEreNlx_TyYoCihENjipHCsodOIQEepWqMb9Io38oeLlOVau_k3REcTLe4jlCm8tRqFmKDAdAgwr51zfeCY2lx19eWcgMrZhCucqahrGrdOqo1JfL4k7aPRka9xwJa8ffF-JOh_BgJfZ9rJB7JXOfKDTUx33FdSAG-sfI5pQODGosP0m2eIQrP3BCSbUgGTe21ueAg1b_9MslSXV_sboRIB0CSoCctLqTdwcew9o_3fXJKMiLhzkja-UFqCujuhTYj1CdRBM04qMLqu_K9TlKu_6tqFy-wBuz97xNcjQnAtod0Nyxe75IdTRgVMhuSNYOLf5Ww08nWIfm9doab7U81Zzy-gBN-SnyihS0Wghu9AstucwWw1V7Fu3GrYjYT0DuDtBs8AyOtEiMRTTJzNJQ-ltFElkm_dcRcfgvXfok2czmFmMhs2TJtuDz39X4DhfYMgoTtxJLVPihwv-NDLW-KV9HEX577kvVKvMrmJnoTEYb_ADeMqC10gHdS3M5liRMt8ID8_0xSklKU2KqGeY4-aw7TIK_HMIpcWuW8D8Dj_8wyKqzHfmA7fQ24ZlfqVNrpy7BjkF8cC_dqaWPxTFkKlvFQn-wNqVWCMtTtEjccUq2XrV77ubGBlJbBNe6n99t3HOWqRmyAwt1dvTCZrpik0krP5lkPoRZuHF90Q5JfMkM3KVdrwZkHiKf-e4KAbzmQy-AsLAXf0NgHBjq0PL3dz2ePNP17p_BjxU8nHKp0F2WoDcE18wJT6KuIUVe4nBBP7ovMR_Si7nCZuHPkrBFVIKUqSLqPG4OAfRvCrTLqg1R3ew7k6iIAfVHO8pRNdQXQ3tP6YgdRLFNGbHKgf3_ZEu_P9j2LsFvf3MU8DUAlC6-jvYCIHdVU63MG8_srbvSo0_GY9xhm3v-Whw8LFVMC0CIaeYWTlAdVDnlOWRJanDPYrqS4jRIuMQPwJDCouvoa92m8ENquQapcfNZcymCReF7iOCV5ZB7uyhkjd7YvWp5huO7OycXNzbB0V9tkpaqRnNwG7sfTe5q8fBOFJecb-QxDfFtoEoHSglJmty8XVlXuRmt6ShvSPMGbAgFRyqgYoHd8wNSdEBvdcNanA23JDTEdnt0k0_4JTmiLU_czWNYcuc3Kk896wDZmBK-8m_zaaMoDczuBHBjwmNRCxgbtvGOMGqdGn-jFMTOFHGwhzS79ZhFb0YJoC8r3pVddTiRQ_VbdbbOqhdBqEcDjbhDVAHRnMHCNmRqgmiZQK6Q3obrVY7wYF9XpB2EIcNAyxJQmz4NgCdK034wQIZv124zhKu8TIxFTYbp0ya0NoQP7F1N1Qrf_sMzkICl6YYgh4tVb5vA5ZIzKMNWFlyXm3RgKjKBnnl_Ilbilm0FLAqs6IBSwTbmkduq7BDf2_NPycMbpOHMEbgpXF1MjGMrpvKzsbHWRXGWbBR9UmvWzMEiUYo-peJxV4gwk9VxsxR7N9nRcPy7nGHobllJWAx7mIp5458ukb9myRncD_5Ww6gtN7J0_o91G1Xs7YYlmY64uL3EdSGTeU45RnIcJaGqrCeiH9wam9i3mvOejO3UR2_NqlYI2LmpGiydDk8epM58FO19tSaf19RlC2oxd95kfQlxHlzWP02_DSb2gEj-epWzIBNYXlCitNR_koxh7KL2zvwP6BCcfv70HT2iWEiR1dd-1rqYJHDw29WrYuaFwx5iTnFsLpuQbXD5yi5MzufwJ1kM_TBOtJ9mtHqzq4I0FDUkUHPPTsQVX8IWQMYsdXHnWfjQnPy0y01cYcyir86X2VQnwdzZ0YC3EzGMsIkn0K2y4pIuIRoKGvW3_FUc88ALXDacfSq6I19jZnb7L4Uc2fT_wDSPlouunTi1gCQ0Z7YpqzkabibwFIml7tc5jIMOTwj5G-CzR9E494ygQyA_76OIzv6gj-L01u3fUhSOYe5lEX69GPgIHYrELj_e8kN7AYcyghw-PUOlTCxTqrXzBrXIS9PfWuoAL4WJfGSnPM5Acn-blkw_rvoYHCm6nchuw1PxrENWf1n4oXR3sp14uCCYMcDvDdxx7oy5eZA0xBSEOvl8FEH99N2-yvIrzjYm6mktHHi-l88jgL9qBp_AhFcJolpMX6lIP7NG9PV6S0BEobtJSxVennwN14IQINsT8BCH_FUsz7rK_DiT8S6gBXPNgRjaMLl5MnYLPiMmAnNAdCP9ZdCKyvloQjpRHjbPowt1DUFJ-Guq3ocNJl6MtdCR9Ut5usc8WORMjeuROEwLBlvr-lzzwNL3jR_s2oY5Fd59nbA2-m2-gBRnXXD26f4f21FYQAiOGooW3dCCvPU6_axk5oYpS_grSB_C_oRTkwt_fcOEpnXdwCdA6WeePJxmj6zjMiInBWWn7fY2dfQ_baQnfSAikKJ_8h8gRhm-pceU-OhmpKa5n2MMTYY0r-nysvCo3GPxOLWjFPwcAtTCICHmLoVKWj9sTraEh5_Grp71QKZk0zuPPnuB9jRfFUly3Sm8Rz9JMlnKgmOFW7A120cqkPLunlI8WPnwKNNCTIJyfTzOPywnKat60OztnVkNyXJUwnCYkVOA1jBw-OHaB4E0JgQsjrbx2CJvN-GiZCdFiuQf60-ZqV9uvj2RU12gVlYA1RNZxojWkn12vAyB_UWKLxn7vt9ZIuRrOsu9yFkKcx7pxS8u_BeQ9asNkBbACpa2K-3UaBcGSFqSAzccbNDXsTSNry_gJEY82ZRvyc57ouQr4k4YW77fBQxz81SIfbVDPHCUCw59ZPVxg3--AAPvPY50uKASpZ11k67WebL_KL-wSbmy7_a_zLcx_ZnrefFIWPsTg7icMLLRM195b35J6eOrGRgt2syzI63y-ZBP36ROLmmmtshPbUDX6cHM0mugnq0x67aq4xE-S3RHVnhSirkFXxY_78bK9QsN1Yedan0SpXZFQEUNI8swi8Kpkw_vRrqduusKKGj-ZWoX8vtyfJxAP215WU2lueVbcGWCWkEnI_WmCl3RzNq4sf7VLcIKs8DU9C6esVr164wGkFzSQj70w7Q3VCMEQ4CzVs6tJW5XMEdmojRMVXj521pPBi4cmlTF_1C4DWIvbN5WgB3WnGLI1EH1tRBZDVNe-gtRPmBhtqrVVWHaIhZwZ2Htu1gMezcgiSPlqwx_H9PgvTJphjVhPcIMBV2LOzq1_BxzA5XujPXVQWNztkvZgwZWG9m_0mV2H_QVuHjc5QUPcVfHm8tbJqoKvIV79nIDfeExNXj02B8D_0Gvzo2v9bI7DKXP9ud7YihoGlB2Ju1HXvaI4BmnMI_FPcxHetmg3hijQjZE2f9L2XJvsMGnAIHnk7CKY2hgqdhTha6tTPi0vjP9OgQHZIV-fPSuRMpnQkb_RIVaomC9eGaVCVqR0GdqX1-pG6fOEdomzm8fzF2c4HwXTRIt5kZXALinU44TnjX5SQ7TR2H2kUlztpSRg_kF9_AEmNgwhAHXCQvrmJ77d2ynbFG4Vc1cWjdgbPRCdDk8dfuSyqp_GyJt_CrOunNIvMy0PNya-k71ISP3LtvZPuLi9oCbmYOd-fBIjHi5ncZGQ684xfTIP_x6aUQPd2hI8feplUKL46_6BJ9dJhkfbw81V1_IoURcsm9QbJ4-ElZQGPRRDjAdbwgw3fxr3STdA9m9xQmGGJ1y0BlJCB6erTBI4iS6lFu5Z8OA&cid=CAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g_u3x8hgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13981052834583628000&adk=792902355&idt=347&cac=0&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 14:01:07 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A6E1 41 KB
13 KB 576ms
575ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:22:28 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame A6E1 6 KB
3 KB 574ms
573ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7274952855952886794&wi=1751459225&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3D&gclid=EAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdN9MFdP1ZMfYKs2j7_UPmvOL-A6t8KXecp-e6LGIEdq24u-aOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC_GyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH_WtLt_eI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d-OROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v_wMudxSQtzbdHOlrHRFi4mbtUMjx_CPlGw5FozekRKC1uyAFv5K8-evhF9-w_Zs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW_YsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE&ae=1&gclid=EAIaIQobChMIh7eX4f-QgQMVzdG7CB2a-QLvEAEYASAAEgIGkPD_BwE&num=1&cid=CAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g_u3x8hgB&sig=AOD64_18ovVlEVRNVhVt7sD_Xe3OYNNr6A&client=ca-pub-8933329999391104&dbm_c=AKAmf-CfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM-fLQfSh6KgItvqNagcsSCrxYadsy_rmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG_0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT-rb-U9A3RqMNQ5m0MuJxKAT9WGNgQ&cry=1&dbm_d=AKAmf-BD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7-70dzX4Dgqz32Tx5SQK-w97Jl-oeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b_Fq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ_LEArk68sHM1R2NNc-ppk85wur7BFq_SUJDETHoQz0uDRyphmBqdh5t4Ie-xpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF_h9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5_XXS5IScbG6Q_ET1K06nnDxO5T8NvovWWgd_Xi1QKhZ-NsnDny0WoX3zzcKRQ_k3ySFOYNJEvgNeBuKAWv8XMp5Qjre-yItri__5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH-LISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh-YEWOM&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e2c829ffe184eb5a5342545b5dadacc84cfc856b11a3732513ad882624f882a6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 14:52:39 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3104 22 KB
8 KB 556ms
556ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 98579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 09:29:40 GMT
expires: Mon, 02 Sep 2024 09:29:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET ecmg
px.owneriq.net/ Frame 26F9 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26F9
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENlLbEhzjnfh60AVCqW_oJo&google_cver=1&google_push=AXcoOmT0wKMSw9ynSftRZRGmVP7izExdZ0VYgVk73-nTcLe68BBlA1lt181Ct0kscLwdItrAZbye8zBOlg07W_Kv0L0zsdiM-HA
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490

170 B
188 B

199ms
196ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823004513490
content-length: 0

GET us
sync.go.sonobi.com/ Frame 26F9 0
0

GET -
s.ad.smaato.net/c/n/// Frame 26F9 0
0

GET ebda
match.360yield.com/match/ Frame 26F9 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26F9
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEA6Apa4Pjqcuvqhh6D_tLw8&google_cver=1&google_push=AXcoOmTxigWLNpkE7ritoe4AnOMzH36jNxNk35Ik6X1Kb8ALiYvtxKn213syUKTy5gji8SXaZuhndk_szI6sXM-JKa5Yv_nJKqZ8
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTxigWLNpkE7ritoe4AnOMzH36...

170 B
188 B

223ms
221ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTxigWLNpkE7ritoe4AnOMzH36jNxNk35Ik6X1Kb8ALiYvtxKn213syUKTy5gji8SXaZuhndk_szI6sXM-JKa5Yv_nJKqZ8&gdpr=&gdpr_consent=

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:39 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&mn_hm=MzM2ODMzNTU4OTA3NDYyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTxigWLNpkE7ritoe4AnOMzH36jNxNk35Ik6X1Kb8ALiYvtxKn213syUKTy5gji8SXaZuhndk_szI6sXM-JKa5Yv_nJKqZ8&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 04 Sep 2023 12:52:39 GMT

GET /
cc.adingo.jp/adx/push/ Frame 26F9 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 26F9 0
12 B 559ms
558ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L38UtU4hhdZ0In-SPVkC9E7yRmyeBuE2V3AIJbxwoL9vg991Nv6Nh7N_WGQvfh6m24BScJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 logo_big.jpg
imagesrv.adition.com/banners/268/01/09/6a/c0/images/ Frame 65A5 23 KB
24 KB 556ms
556ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/images/logo_big.jpg?1674744172270
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693824755&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693831954601&bpp=424&bdt=1936&idt=789&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=7481342093613&frm=23&ife=1&pv=1&ga_vid=2028617141.1693831955&ga_sid=1693831955&ga_hid=186727165&ga_fc=0&ga_cid=amp-8egML7Ct6COpbVD1sVxY9A&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1000899801&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31077372%2C31077443%2C31077522%2C31077559%2C31077550&oid=2&pvsid=3390865890185771&tmod=610610474&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mbnd5fxsfzy2&fsb=1&dtd=804
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: bc35bff6f4660cfbf91df8ab0b8deb9b816ca875e0a680362d75dac92d56088f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:39 GMT
last-modified: Thu, 04 Nov 2021 11:11:28 GMT
accept-ranges: bytes
etag: "3893391325"
content-length: 23978
content-type: image/jpeg

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8269 15 KB
12 KB 550ms
550ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07a6a21519124eb8c602f911e21da2f6df7ff430472c4a2e8d46638565d908f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11823
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame D188 5 KB
778 B 490ms
489ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=69230100099624304438458012437021&a=2028476e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 12:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 11:12:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 12:52:39 GMT

GET /
hal9000.redintelligence.net/scale/ Frame D188 0
0

GET cshow.php
www.awin1.com/ Frame D188 0
0

GET /
hal9000.redintelligence.net/scale/ Frame D188 0
0

GET
H2 200 video6.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 205 KB
205 KB 425ms
424ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video6.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
cdn-edgestorageid: 1047
cdn-storageserver: DE-51
cdn-cachedat: 08/18/2023 10:38:02
cdn-pullzone: 829957
content-length: 209432
last-modified: Fri, 18 Aug 2023 08:18:06 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 653
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: e79a7b08faa9fbe97eb7c2c0231b0964
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame A55E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2c4a72b37804abbe02d4880629cb7fbf20e5fccc8da30d83dfd0e02c2d0f92b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
821 B 560ms
548ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693831959114&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1546&pt=1650706199&tz=120&viewable=true&ddast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4e99d4830fdcb94b709fc933d292b37154386f86e909b12c2d70f04ec6a9e743

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
content-encoding: gzip
server: nginx
machineid: 1480
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET viewability
hal900021.redintelligence.net/ Frame D188 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8269 17 KB
6 KB 257ms
252ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 12:52:39 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame A6E1 32 KB
8 KB 177ms
177ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7274952855952886794&wi=1751459225&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3D&gclid=EAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad2.adfarm1.adition.com/ Frame A6E1 4 KB
3 KB 179ms
178ms Script
application/x-javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7274952864549374986&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7274952855952886794&wi=1751459225&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3D&gclid=EAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 064e557ed43bc6a364b21aecc0ccdb660522cc861cc71634d2d40f1d1baf4026

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 04 Sep 2023 14:52:39 +0200
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F65E 22 KB
8 KB 241ms
241ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 98579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 09:29:40 GMT
expires: Mon, 02 Sep 2024 09:29:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D188 14 KB
15 KB 565ms
90ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 21:33:46 GMT
x-content-type-options: nosniff
age: 314334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Aug 2024 21:33:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D188 15 KB
15 KB 577ms
102ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 272983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 09:02:57 GMT

GET
H2 200 prod_300_1.jpg
imagesrv.adition.com/banners/268/01/09/6a/c0/images/ Frame 65A5 7 KB
7 KB 238ms
238ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/images/prod_300_1.jpg?1674744172270
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 15d3e6f287e8e43c6afed8ac2d459c4956cd03dcef6e6e0d1dbc4d946befa78a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:39 GMT
last-modified: Thu, 04 Nov 2021 11:11:28 GMT
accept-ranges: bytes
etag: "3628198965"
content-length: 7010
content-type: image/jpeg

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 3104 38 KB
15 KB 229ms
229ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 200 video7.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 228 KB
229 KB 150ms
150ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video7.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
cdn-edgestorageid: 722
cdn-storageserver: DE-165
cdn-cachedat: 08/18/2023 10:38:03
cdn-pullzone: 829957
content-length: 233496
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 645
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 76cae76d0ed9877a48bc2912922009b7
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
117 B 176ms
175ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 04 Sep 2023 12:52:39 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
186 B 380ms
380ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3032074463053824&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dlt=1693831951089&idt=5383&dt=1693831959663&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&scor=4388668632993680&ged=ve4_td9_tt3_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame A6E1 11 KB
4 KB 159ms
159ms Script
text/javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4389193&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7274952855952886794&kid=5609187&kw=PACS%5F4787111%5F17068013&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gclid=EAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7274952864549374986&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 3aaa0f90bcaf99240739512df111711f22ec1e1df462a6175169062ae8cbe6ae

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 14:52:39 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC84 13 KB
5 KB 141ms
140ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:31:43 GMT
expires: Tue, 03 Sep 2024 12:31:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1EA9 829 B
789 B 93ms
93ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

036bf9c6b8e3ece662ae8c14ad1adaeb19941af286227eaa1e6c35b1e9f59ce4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vGCBwmhtcZ6ZvlKMAQm_1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-vGCBwmhtcZ6ZvlKMAQm_1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:39 GMT
expires: Mon, 04 Sep 2023 12:52:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 prod_300_2.jpg
imagesrv.adition.com/banners/268/01/09/6a/c0/images/ Frame 65A5 10 KB
10 KB 109ms
109ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/images/prod_300_2.jpg?1674744172270
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: ebee2fe89ab9dc831b10d4d7a0d5d4adfd395aca5332d939ed0efbfe41b03179

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:39 GMT
last-modified: Fri, 26 Feb 2021 10:43:03 GMT
accept-ranges: bytes
etag: "2114195158"
content-length: 9797
content-type: image/jpeg

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A55E 42 B
174 B 198ms
198ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5SfK-cC46gO3w8L4JTXoXe4GB3kvL69KxLGF3lY6YuEBOxiid_aU6Wu2zYfJN4ovTHgy6pcv_q558VqIGdGlUd5OSfad3ZjNWzOChQQtM_vrpD4wNffLi6ziPc2YR&sig=Cg0ArKJSzNjVP-dhwcR8EAE&id=lidar2&mcvt=1023&p=1110,650,1160,950&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693831958200&rpt=561&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame F65E 38 KB
15 KB 114ms
114ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
253 B 162ms
162ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10638&tvi50=12238&route=IL%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 64
date: Mon, 04 Sep 2023 12:52:39 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 62164
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21033-AMS
pragma: no-cache
server: nginx
x-timer: S1693831960.859983,VS0,VE64
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 video8.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 267 KB
268 KB 119ms
118ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video8.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:39 GMT
cdn-edgestorageid: 1055
cdn-storageserver: DE-51
cdn-cachedat: 08/18/2023 10:38:04
cdn-pullzone: 829957
content-length: 273164
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 657
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 588b5def41bdb5951d3c6f58cb5b8903
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html Show response
imagesrv.adition.com/banners/268/01/03/c1/23/ Frame D2BB 3 KB
1 KB 109ms
109ms Document
text/html 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: ab9a2aa06c9954233dfa03111f9ba193dd70a6c2e889b317023b3be6e81ad572

Request headers

Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 1088
content-type: text/html
date: Mon, 04 Sep 2023 12:52:39 GMT
etag: "1930707213-br"
last-modified: Thu, 01 Jun 2023 08:54:58 GMT
vary: Accept-Encoding

GET
H2 200 oba_priv.sjs Show response
imagesrv.adition.com/banners/270/ Frame A6E1 2 KB
658 B 137ms
136ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7274952864549374986&btr=true&pos=top-right&cid=558342&aid=558342
Requested by: Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 358ff1d9cf54a3db746c970bd0d1ab5a634cb955caeddac2da129c5b33f2915f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:39 GMT
content-encoding: br
content-length: 620
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 73FD 1 KB
691 B 107ms
106ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A6E1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdfd0b635becce6342b6aaf0a13f64430cd199a7b02f1b4c0bab08f08fe81aed

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1EA9 0
0 214ms
214ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=3390865890185771&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 prod_300_3.jpg
imagesrv.adition.com/banners/268/01/09/6a/c0/images/ Frame 65A5 5 KB
5 KB 117ms
116ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/09/6a/c0/images/prod_300_3.jpg?1674744172270
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 0318e90a8ec40e69316028da80d4ad662dcbf74ed28cb6634282099de70829db

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/09/6a/c0/Mueller_generisch_300x250_x_211022_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvLkyE9P1ZKXIIrzB%5FtMPrOC7mAje0qrfcr6FuZHaEJfPor3AARABINLMgRpg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBIQCT9AbARkx4D0u2ahHjDlr%2DzAARDraqsD5n8RSb1HxZxF9RKc8kt6OGbZk%5FD9wcKWNS7jQ%5FDv8nBcTY1M7uUBSnLmxyABJ%5FSRO9XHh3atml77EIJQVqYnnKGgDKrq5WUjBT7UoJHHo6bJ9rZ1%5F0yIdtDBIXv8WRmptuD6Nop434iT7A3YbCLc%5FMD9MfKJ9CZRTeL8%5F7BhNYAtWcrdHngVSMiIIBnv6ORW5twfzkfgz7xpOjziRbvpJ0K0DKFM%5FTn5UnyIlb8hGXWO8y%2Dcu24%5FRZdtjv6vhtvqoNe0i6jcMDJueVlbNtI7h059Qtf0nEXbgWpn1ZD6pmpeF6R0MB5eBKWHWEv%5FABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGF0yAooCOgKAQEi9%5FcE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWz5deVvFQTwO4qW75OeWM2EYTWOMll3VsITMBXUWfWI3eSt6wGAE%26sig%3DAOD64%5F00zkwiba%2DYgSFDEC%2DPOhSonSKVSA%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DDbZ8i%5FMmNIfHrpvZJ9XNGnvXBoWU9AEcENVoALD25JyySPHayS245bRuWviEon4PMVAKUeqw%2Dj8N8LiVSReruiJEe0eFrXsX7XLOuDDgcY7JqV6CCT47BleJRfi7cEzj%2D6ARajDBycDV3his0KYcuTwUvjnRhJLVBbUD%5FGqKv9Q%2DfEVdw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBL0VC0bbzxCuWMX72DflE2LCJfkAk1eH04qXb3s5b%5Ffe1FExYKbqFkwZln293ujTuf5dspZK8p2mtVSzkk%5FSvSAXleXH0MYPYo393PeUFWhOU2TW1j7nkvTnOSPIk414owKmfG6DLG1bUS1QDxRBcw5jFzNUTQih0pyOyAMoBmYiYK8w3eUHm9KHHE2QzDcwWRK7m17XF3wiisSZYD5uCmuywn%5FIk%5FpJ595P%5FerZjjIXzoIyGyR0zPyI5c2SHPOtHHgVt5duMj656w8zzLd2ClgVjy3qU7247esU8wNScy6BWNQSsX4SbFUibVCYg6PmGF0jHu4ZJncd5oU171RwQxcjMvzDOmANHIrDKsPkhrCM7ANjZHR1U4XMVea5Yu3J4Oh76q8PScbrv4SM5TEi5s6rj2XfL6gPn%5F3pES2ekdgXTv8VoEdgRyjcWXFSuBGXKe%2DuV%2DwNt1rmRBMd9Mlv5kYWehH1FeNUAQpmsXX%5F7IbFogbAUPbeWKynKO835Ns%5FvoclPxQacYRH9yAUU3FHdpPZI%5FS2d4Yld1tAS47ne0u15tGrKd7a3rHfshkI6t5YJPPofoh%5FLvP%5FanCa7Ofbkw5mBAUD%5FdBMzk9lfnYHnUR4iVSjGMWnGPiJlFhQOvvZAC1HqFbZwfjgAjyGmSeL5%5FxfWKfF%5FhuS9khTKT7jLLPHHwEYAv84AcG81%5Ft6poKSDrUAax%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952855957212170%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D63869%2526keyword%253D%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952860247657229%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17394368%2526c%253D28805%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMI5Z2V4P%252DQgQMVvKB%255FBB0s8A6DEAEYASAAEgLWzfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMI5Z2V4P%2DQgQMVvKB%5FBB0s8A6DEAEYASAAEgLWzfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:39 GMT
last-modified: Thu, 04 Nov 2021 11:11:28 GMT
accept-ranges: bytes
etag: "2316986368"
content-length: 5551
content-type: image/jpeg

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3104 0
63 B 206ms
205ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbXcSFtP1ZMfXItT1-gabi5KoBwAAAAA4AeAEAg&bg=!TE-lTwDNAAYHwnCgJ8I7ADQBe5WfOPmyLm1wW4deHzUKkeHzZQ4g_lQlGRCmXMizWAsKJ5GUKhG8vsbF5t_snIbTvOHFAgAAAIZSAAAABGgBBwoAO2-0Q1vN2QijojWrNzZBX7caIdrznEZMhj17I2dSHx9uBgQte_6YlM0eO6qBG_ONGqXSeY3V-enMWRjRmQLGU0_eh4t1busmXthdVTivXSf9QhSXI4KgtIZLU0bJK621wGnZ0l3Z1WqBwe4BAa21U18nIclAYBIk4KlA8f7TziNtFuF2E9fFVUPP9WpgCRhhgpQaH_dkBXuWClTnQOBwhRjCHFrA7BIaMQOp9FbmVXDEfh_Xw61ikqh4EiP-_J6YHavAP_3VseNityX8oR_-GXDxPEOA15md01WJItbcyvxTbKm1XI-GhmZ8pVEPh7o8NmfpJq92bC1knIntJaXV9y11Hfg9sknK_HEYsKcivvlt_GDU_Lfgrd2Jx30FZSQaj-lasxp5fFCDyU17GEdrlRe6tyEwAE8GngNGRMJeJWwR_pewT2VLrFRFivwIEvT6c62FK73v20XaijydIzTYN14fuNzhxUdQJHtvMYBFbObUgXII3qzVcRZHQoDXqzmk8WBn4961wsArjN788dTrxRH_ZDuYd74CZ-9fEVGQ-P4i0ky9l_8LvTaeGuY37USDu-5V7JjK8rbFs8KYA26cyIj7B5L19PBeFFRaSxYt2oR6dDvDzwuQjGbvsFkaRqrhspgnZGt6cBKKnKqUbSHN4EOtqIMvuALEcWF1V5-0T5neHc6pNfon2srab_4IWNlmTVS67DToV6cVoTmVbyivK-jHGimcapDB2eF_ySYMTii1Jb2tIx7hZloAdYGNhmFEFQg3UKGzrTiqR_1840MI5U87sOmQGm_6OJCr3TvBxjsRDdZAQZH9bYmhj8ZmcO8TvZKGtzYR3PdHa_kRNgmJQL0vZ_mzsDb-YbxhkEK9WnkuvKlF_tMxvJ5JCaQ2eptqoS-zwOWIpA3xU1wXiQf0MK030oSgj3DpI3neQTqeSI9k5BRP3e_bFADbqnegr4eluJ8h2M9fWpfcyu8BF_m2fYuN3CpjIQE54RvvL2FPEGwfpeMqvPRpOeHykK0THO9iNKyl14c

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55DF 0
63 B 195ms
195ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=715039294320&version=m202307240101&ct=77&x=1&cor=10029601596841734000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame D2BB 753 B
391 B 131ms
130ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame D2BB 236 KB
63 KB 134ms
133ms Script
text/javascript 23.48.23.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.48.23.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:07:40 GMT

GET
H2 200 Mueller_Multimedia_Emotional_300x250_x_220105_vdj.js Show response
imagesrv.adition.com/banners/268/01/03/c1/23/ Frame D2BB 28 KB
8 KB 132ms
131ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.js?1656412763783
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: efc473dcdcf62e562f384ba4112558f559de7b8c98646d74b8392bba18d8a1c8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: br
last-modified: Fri, 22 Jul 2022 09:12:52 GMT
etag: "420280442-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7986

POST
H2 204 csi
csi.gstatic.com/ Frame 4F6F 0
54 B 363ms
362ms Ping
image/gif 142.251.133.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm4vtbao&c=7481342093613&slotId=3740671046806.5&ghmsh_eids=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.133.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: eze10s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 73FD 35 B
362 B 102ms
99ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwIX516kgNbAbbj_irJRmU&google_cver=1&google_push=AXcoOmQztC05Eg9xibmQul3b1n-XFXGhI26pdIukVVu3-ZzzLyIE-7-bEFMsawvH9EF3_OLbXrmadKdmUDeRFeh4WRraIHUgBhv1

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET i.match
a.tribalfusion.com/ Frame 73FD 0
0

GET gp_match
um.simpli.fi/ Frame 73FD 0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame 73FD 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73FD
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOB9v0gUPkwm4vyQD66chDQ&google_cver=1&google_push=AXcoOmR7qPmyWfhwPfj5g7n_BVQ6sr5zlTtHtTBQe_eVP7ddwvzIx8iYt9s1LwlT-Li2aEbYRtHphSGOPmYPwc25VCBp...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR7qPmyWfhwPfj5g7n_BVQ6sr5zlTtHtTBQe_eVP7ddwvzIx8iYt9s1LwlT-Li2aEbYRtHphSGOPmYPwc25VCBpA_kZPbgN&google_hm=4NDNqLL1TuCTxEonNzFQyA==

170 B
188 B

119ms
119ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR7qPmyWfhwPfj5g7n_BVQ6sr5zlTtHtTBQe_eVP7ddwvzIx8iYt9s1LwlT-Li2aEbYRtHphSGOPmYPwc25VCBpA_kZPbgN&google_hm=4NDNqLL1TuCTxEonNzFQyA==

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR7qPmyWfhwPfj5g7n_BVQ6sr5zlTtHtTBQe_eVP7ddwvzIx8iYt9s1LwlT-Li2aEbYRtHphSGOPmYPwc25VCBpA_kZPbgN&google_hm=4NDNqLL1TuCTxEonNzFQyA==
date: Mon, 04 Sep 2023 12:52:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 73FD 0
12 B 134ms
132ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHIwEIIq-Wy2MXfJEQZumxc7S0-O8sb4Tb2UurXJ1tAXn77oBKWcIowlU

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adplayer_privacy.sjs Show response
imagesrv.adition.com/js/adplayer/ Frame A6E1 20 KB
6 KB 222ms
221ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7274952864549374986&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7274952864549374986&btr=true&pos=top-right&cid=558342&aid=558342
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 4429312fcbd45669c148139a5887c10403d36febe81d0ae48e4b69f0af76e509

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: br
content-length: 6040
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame BC84 38 KB
15 KB 112ms
112ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3EBB 15 KB
11 KB 188ms
187ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cffe2deb7bec5ba075b50b3cb7f7e347407922043f7ace76f6471a1f2651e54b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11644
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F65E 0
63 B 204ms
204ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpxKQFtP1ZOTOL_SE1PIPybKT4AkAAAAAOAHgBAI&bg=!u7iluPfNAAYHwnCgJ8I7ADQBe5WfOMn2I4zVTuUagPOulNUGXXA7e1HZx1C_Dl8gUeq15PD8s01-euFyManh1lcU2TY9AgAAANNSAAAABWgBB5kDF47fgXVEFRxnk6ZBSd4ic_3yTmSsFanPH9ep2KCLW6hzgcm_i75UIF-SkMsJ_0sHiR1qlCxESTUV5juY_0YxMo05ZihORbXIZZfAXtEbRnIQwoE9ezSb95NPymWaUSSQSk11Pfxpfdxysb-rLGEv23SdyVyhkVMd1snB0doaTf5Ou_64Rz9uxwYz4iVUBoMQ9KPeaTJ78fwY-BzcrgByNyWf7Knz1RXPyk3ZuvEVSJ0LiSMJ8m9qGgfobb6pcqrHBzapbiUqzhjuhdMYyA0WP7v_GfaZHZkP0AhXCaDa9WOpRvlCNTM-r2U0kKiyJZy0mdlbyygxWolUi-ReeetFLJilDiMY6WdSTEOnsKVI3wkRAXqk1tne0nbxd1JsWZdUfp70Jngul2afYhiVXygIhRHsuwb4uvC18iMrfVbtlw2gUU1lND-Yh2fnefZlaWYrXA8d1noLgmQPbofgpkICTzTKgYo2_OTDVPCBeZcHQfo5jpgHNn1XzM8ru_m5CiD_wIEUEA4fEgOUK6PhQD95JBVtsqmQfuxvxRVmS7PYigcImaXQmSY_AIeVSSJ8O8gg5vB-O41WgPDg5i4brofri1djovEykZJvdEaWdDs4cjim0GBxcB6X3DuEF7BxtE3uO5V-F-XrJFCZOhD1j9j4PX6LsiSWPIw7rgQfjMNQKD4x0YLi8DW0gWH0AuYunui78VMNJkLhMsYHkNFwNheKf7xlnh9a2LWpNc-bYGm2-mbthVxqjyVlS0Fc036rdAQlwzeHjEwJcjubNFAzWir7yP4ontpsghIstzpIyZZHHSNX3DNtnThd-XYnp_imG4knt2YAZdt1W-snYNaZ2Il2dzIIYZUDh8kB9KrY-P4Y4976WpRNm6G7V3ctWly-v6YOPZsMsGX-2_FjqlmR_RMff6l2k2WyEuF5mlOHnx0xVr5VKihSkibe2Oi8qZR3trxJ5jcrWsxygCbExNUS5_iUoPHeepP-uEquwg3tGvSme9Nx39DsEDHxeU1HgJWaab_kyLIhgzkV57z__beHvjQ4bolPnv0SqkfP

Requested by

Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg_1_120.jpg
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame D2BB 15 KB
15 KB 176ms
176ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/images/bg_1_120.jpg?1656412763772
Requested by: Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 19442eeceb09ba614ca6ee07b22598363b9c03109682cb01f27aec8a54f8730b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:40 GMT
last-modified: Fri, 14 Jan 2022 07:49:19 GMT
accept-ranges: bytes
etag: "3547394822"
content-length: 15385
content-type: image/jpeg

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3EBB 17 KB
6 KB 147ms
146ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 12:52:40 GMT

GET
H2 200 adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame A6E1 3 KB
982 B 159ms
159ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7274952864549374986&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: br
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
etag: "524465627-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 918

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame BC84 0
38 B 115ms
114ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mkJ6LA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/fa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bg_2_120.jpg
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame D2BB 18 KB
18 KB 150ms
149ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/images/bg_2_120.jpg?1656412763773
Requested by: Host: e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com
URL: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 02ba78c0231b2b63196b67715fad60c4e09d1e2f5074408b1ad856d59be305d8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:40 GMT
last-modified: Fri, 14 Jan 2022 07:49:19 GMT
accept-ranges: bytes
etag: "3256217860"
content-length: 18552
content-type: image/jpeg

GET
H2 200 oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame A6E1 3 KB
3 KB 161ms
160ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:40 GMT
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges: bytes
etag: "502461915"
content-length: 3262
content-type: image/png

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=277AF428C2C44A3DA376601F9E099576&RedC=c.clarity.ms&MXFR=318F45BFC2C36D48072D563DC6C36335
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=277AF428C2C44A3DA376601F9E099576&MUID=1D0A6E4177836F5502FC7DC376396EAF

42 B
466 B

81ms
80ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=277AF428C2C44A3DA376601F9E099576&MUID=1D0A6E4177836F5502FC7DC376396EAF
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD5739BA59CF4CAE9B0DB8A9013316CC Ref B: ZRHEDGE1609 Ref C: 2023-09-04T12:52:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=277AF428C2C44A3DA376601F9E099576&MUID=1D0A6E4177836F5502FC7DC376396EAF
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 145ms
145ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7279&cid=amp-8egML7Ct6COpbVD1sVxY9A&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1693831955&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=11952&epn.domain_lookup_time=12&epn.tcp_connect_time=1121&epn.redirect_time=0&epn.server_response_time=1437&epn.page_download_time=1&epn.content_download_time=2597&epn.dom_interactive_time=2597
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 135ms
134ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-8egML7Ct6COpbVD1sVxY9A&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=11952&dns=12&tcp=1121&rrt=0&srt=1437&pdt=1&clt=2597&dit=2597&a=7279&z=0.15801280937601114&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 08:16:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16585
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 161ms
161ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b7f7af801a083a40802873ad2dd1b857ed63c2bbaa54cec634fdcd7c3ccabfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7CD2 15 KB
6 KB 138ms
138ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 887084
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS json
gum.criteo.com/sid/ Frame 0
0

GET json
gum.criteo.com/sid/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 143ms
143ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 5c9e44b3162118c9a56b059c276c2c4200823729e3c8bd90cbf1286b27232226

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 04 Oct 2023 12:52:40 GMT

GET ixmatch.html
js-sec.indexww.com/um/ Frame D84D 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6F6D 4 KB
2 KB 124ms
123ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1693831954956

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a7856a2f23ded0db3eccd55ee2f42e1663226219e93fdc6a647fc91c671f7b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1378
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET checksync.php
contextual.media.net/ Frame 132D 0
0

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame 359A 0
0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 2EAD 6 KB
2 KB 431ms
422ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80165ef98de70375-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 12:52:40 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame B4FF 0
0 131ms
131ms Document
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 04 Sep 2023 12:52:40 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1

GET sync.html
public.servenobid.com/ Frame 916F 0
0

GET
H2 200 pd Show response
adpushup-d.openx.net/w/1.0/ Frame 3AB4 504 B
640 B 131ms
125ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e34dc9949f04786826b535eced14d5fe36c3ee44863e791cf1df3ffcd0a29129

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 325
content-type: text/html
date: Mon, 04 Sep 2023 12:52:40 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 213B 281 B
554 B 128ms
127ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Sep 2023 12:52:40 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9DA6 37 B
139 B 128ms
128ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 04 Sep 2023 12:52:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC7B 13 KB
5 KB 127ms
125ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:31:43 GMT
expires: Tue, 03 Sep 2024 12:31:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A27E 829 B
785 B 140ms
139ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9dcbcca5552b90cb4108635edec064213fd85c4cd1fa9b85bb3977505b526c38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wV63mixxKO4RI4UCPQi2sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-wV63mixxKO4RI4UCPQi2sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:40 GMT
expires: Mon, 04 Sep 2023 12:52:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
290 B 374ms
374ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bg3.co
Date: Mon, 04 Sep 2023 12:52:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A55E 0
63 B 371ms
371ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5039924023510&version=m202307240101&ct=77&x=38&cor=13487448795965192000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video9.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 227 KB
228 KB 263ms
263ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video9.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 0b9bd9b5591994cc9ee339949b213d6b636909d874601730b81674da5701f597

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
cdn-edgestorageid: 874
cdn-storageserver: DE-167
cdn-cachedat: 08/18/2023 21:57:17
cdn-pullzone: 829957
content-length: 232368
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 627
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 6a6972604af42c86f5f653f597a0c6a6
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg_3_120.jpg
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame D2BB 13 KB
13 KB 315ms
315ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/images/bg_3_120.jpg?1656412763773
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 9df8c7ef5f36a7b12cab996ba25c8ac2498558bb64bc69588e4aa20c30548aea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:40 GMT
last-modified: Fri, 14 Jan 2022 07:49:19 GMT
accept-ranges: bytes
etag: "1478145505"
content-length: 13748
content-type: image/jpeg

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 213B 34 KB
10 KB 285ms
284ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 645c990f39dbf24c282b2e62297b3cf0f8a06f732309c682843f019d4df02eba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:52:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Sep 2023 01:29:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45358
Connection: keep-alive
Content-Length: 10123
Expires: Tue, 05 Sep 2023 01:28:38 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3AB4
Redirect Chain

https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=43775deaafda1654&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIl4K5YBntUwMtUrXYAAAAAAA&expiration=1693918361&nuid={OX_USER_ID}&is_secure=true

43 B
61 B

74ms
74ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIl4K5YBntUwMtUrXYAAAAAAA&expiration=1693918361&nuid={OX_USER_ID}&is_secure=true
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIl4K5YBntUwMtUrXYAAAAAAA&expiration=1693918361&nuid={OX_USER_ID}&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

dds
rtb.openx.net/sync/ Frame 3AB4
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MbjZOrlfzI8M6j6wGjuOYg==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
114 B

99ms
98ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7a293542-8075-e7e8-db49-64f236757991
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3AB4 43 B
601 B 294ms
291ms Image
image/gif 34.255.44.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/7a293542-8075-e7e8-db49-64f236757991?gdpr=0

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.44.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

usersync.aspx
dis.criteo.com/dis/ Frame 3AB4
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dopenx%26user_id%3D%40%40CRITEO_USERID%40%40

0
0

GET cm-notify
creativecdn.com/ Frame 3AB4 0
0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3AB4
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CEBxSVpHJkgTTXEdBhA6HVhBLkkTQCcZDRErwvo4

43 B
61 B

71ms
70ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CEBxSVpHJkgTTXEdBhA6HVhBLkkTQCcZDRErwvo4
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CEBxSVpHJkgTTXEdBhA6HVhBLkkTQCcZDRErwvo4
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 7CD2 449 B
559 B 356ms
356ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=KkWd8F84YiUyQjd5UmtBaks2SlV2MHNiRmJsJTJCd01IbjRCeENmcCUyQkNUM2xnTENzOXR0eGV0MHB1JTJCRWJPUiUyRnhVb01HOG5TRzVJam14QWRHRU5FaHkxSXRNYzYyZVdSZXlOQ3F4c0hYUCUyRmtzMmxtY3hqYm5yQWV5ZyUyQkolMkJMblhOUkVKJTJGUGp6bTluWSUyQldMODZZbDR4blpiNjRsc3BJUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

58663f3895176b058364b9ae4fb2e696c69510630b54ab0fbc968897cba17a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 770834
expires: 0

GET img
sync.mathtag.com/sync/ Frame 6F6D 0
0

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6F6D 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 6F6D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235

0
291 B

115ms
114ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
an-x-request-uuid: 1b54b2ef-3ba9-40d2-b8d0-c58369d4839a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235
x-proxy-origin: 194.230.146.186; 194.230.146.186; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 6F6D 42 B
676 B 270ms
269ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=8Jj6ck1b4zwJkRS8SXJHLV5It0cXBW9_BVtWAf_nEow
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F6D
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBAmSFG8TPyWYdegc-9j-wulhknShCgnQ

170 B
188 B

121ms
121ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBAmSFG8TPyWYdegc-9j-wulhknShCgnQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBAmSFG8TPyWYdegc-9j-wulhknShCgnQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 6F6D 0
75 B 299ms
79ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-length: 0

GET 711916.gif
id.rlcdn.com/ Frame 6F6D 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6F6D
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v4UEgfAOIOQasluWtxIheNOya9OgnTSTHhNFRNhUcpQ

43 B
479 B

242ms
242ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v4UEgfAOIOQasluWtxIheNOya9OgnTSTHhNFRNhUcpQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M8EAT0NS9BA4FZPP20Z1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v4UEgfAOIOQasluWtxIheNOya9OgnTSTHhNFRNhUcpQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET ImgSync
image8.pubmatic.com/AdServer/ Frame 6F6D 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 6F6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1

0
291 B

109ms
109ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 6F6D 0
38 B 270ms
269ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6F6D 70 B
264 B 355ms
354ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 6F6D 43 B
145 B 270ms
269ms Image
image/gif 18.196.96.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693831954956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 350ms
347ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 12:52:40 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A27E 0
0 324ms
324ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=402901672500272&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame CC7B 38 KB
15 KB 315ms
315ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
186 B 470ms
470ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3539734792715964&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dlt=1693831951089&idt=5383&dt=1693831960786&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&scor=1386108632797209&ged=ve4_td10_tt4_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A6E1 42 B
108 B 212ms
212ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxeBC5wufMJ_tWh4UaBtaPz18ExB4y2yxtqKfBs38piGrYElIlSIqE2NGIvmJFMMnv9hrTu7z23I4k34VruyOekfKwZr6FwoabC1KfvC9aY8RjC9ek_ITPEt-VF7BE&sai=AMfl-YSy4IB5PZUILuVeHur0bRQWhgD6qJWlOtspYtG-J9gvt7tsAh6eTlA0jGtutTnsrbUHtEjI3k3biC5u5XvIX5dJ2k1-tHDgtaZjpjn9BNLvD97ZLPYap278CUYD&sig=Cg0ArKJSzMP-gakxzv1CEAE&cid=CAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g_u3x8hgB&id=lidar2&mcvt=1006&p=60,450,310,750&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693831958193&rpt=1683&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8269 0
0 219ms
219ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=3390865890185771&bg=!OzilOHfNAAYHwnCgJ8I7ADQBe5WfOCvgy9aXe5V8kyt_Y6nnWvfKmqb6CUeqAVEoym3E4qI2ISnHKovo3yhGQdsDV8cUAgAAAKJSAAAABmgBB5kC0NlmOHxYtXYJBVveB2YaZTSSeopEGLvXUau8-SklMkgIh_EQY5tFLHX5AcMOJyn1qqMyhzmuJZjnCl6t1dVEiwPMiDefA-XxEZaJYvT07R6WTGtAcjTcWzeXV-sMfwboKjMvYDQVhcoFPk9V_44BAQhiJYXlqU66twujvrE75nq3yh4SdQyT1Wl-MYfQypSJz7az86WJzNYtNo6d7ke9PzNCaUINFjClhXQM-s00_FBXoiFhzt-vE70BS8ZZeQPQb9cau-1PigaeIyphOIdXa0jLnim4efJYhKNmlzttE8xyQ-s8QOYws1ZbBMvJNQVC8BDkonCCcuHkzidJfj5jm0PAA_X5ndrWLQccLOgzzWtugLYKN8dH6cRlbe4jtQSRjRU9wKXc-Qu3khjQaGh-JYse5gbq9WIHFIlfC5-edKE9epxg-iVcOGA8q_A1Mqz-WGkE2WfiUzvDPC4j6bgHco71oD1zaRWUbFbjPZEALEd4iceC_t5iwfj-c4bMYuMNgUOIePwES14__zlo_0qgw0uTvnd7F3F7W-N-vdd8JEEOyHb26b4Gku6rQOAjGQIfgdTEa0no36DYRRh21K2YqOlaoH5ezLq9MuMa89WlB2YwqOMXjCcn2T1N5iKOgpxGxPIcdtX748natr3r4h4CdwqXfz_LyaURCHPNOZYiFxgx_9Hy6mDaDiWU5Bvv3_v2rVy6sFVtH6RvpZpdnfKPgwbIDPCOpMxDRv3vhTgbCygi-NUyPjpUc238IuddwF5qMY4tP9F9IPBHm466gX6y-A0qSKQojr-ublOEWLAftdB_bjiJNAUl0Ds9T6GI72ythEMLwCj1FTagsvF_JHgmtaCc6UCvcCaXUt3bIx1XJOZoJ1IZN6ytJSlVXaU5Sg7KLXnONRRTALbpsAgEf7yWmM-IozuJEqsqvuFEe_hfLlyfkrRXoVDCu4P6HBR0PyfHAw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 logo_img.png
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame D2BB 2 KB
2 KB 124ms
123ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/images/logo_img.png?1656412763773
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 166c42a322eda48a1e0be2c9c71a28f66c325d3e4cb08e77bed5c89e14838b4e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdN9MFdP1ZMfYKs2j7%5FUPmvOL%2DA6t8KXecp%2De6LGIEdq24u%2DaOBABILqEwDNg9Y27gZgEyAEJqQJ7u40rMR2yPqgDAcgDmwSqBI0CT9DH6ariMybbSX9bI3tdf6PXw9xjeLOyPu1oFBgONMddWC%5FGyCDqF2fYwqQ1rqVfpVImBOLbcMij9VljJHo7H0tH%5FWtLt%5FeI6uAKCxkyKKx8RjOt1DWp3Ht3RvKN1n2tAkT3AQL932xJgK7d%2DOROZehbHIbuWSStd51D4DdBPTPyGkHOdoY5bBIiXmesM31v%5FwMudxSQtzbdHOlrHRFi4mbtUMjx%5FCPlGw5FozekRKC1uyAFv5K8%2DevhF9%2Dw%5FZs7Fl9JTdSY0KWAteNMaAi51r1ZSNqGgF72ZlrcVbW%5FYsfqWl7xgmi52DqTvY4mBKEO7kEHEJR4DxXxzRWM7w3vTKyf8f0SxFIo0aYHIMrABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWhqUPVkkoSEvrqGPnZj9lo32RmhL1ywoAYV2aWMe2GC5IPCzEY1Dp1KkZ3UspMn6lTe9g%5Fu3x8hgB%26sig%3DAOD64%5F18ovVlEVRNVhVt7sD%5FXe3OYNNr6A%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCfvZgeoX4H6x8sEOHwZe45ejkh75ImGJ8GYNhlaVifWrM%2DfLQfSh6KgItvqNagcsSCrxYadsy%5FrmhLTqsM8L7VD3UBjpSds2DfV5B0CFQWz1PLvG%5F0dVAzAsF1PUMQr2X2QFD8QRQzLTsWiqTPrT%2Drb%2DU9A3RqMNQ5m0MuJxKAT9WGNgQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBD7b0GJ9edevfAgpJJPGqzWiqycasEpKBu275mpasJLsvGyfc8WhRI3GA9Ts4kx78wztdGRyEbuGNaQPYlhpQ7l5cWH0oiF98s7%2D70dzX4Dgqz32Tx5SQK%2Dw97Jl%2DoeXJRIpYbadOTKd8kXbV3DgaRweBYbkvsMjpiijxKbQiC63z5rIV9af3Zx1b%5FFq1aOmR3dU0Te6Lt4rdB8dZXzBEbJa3OzHtXIuqt8uI3zlQBWMZ%5FLEArk68sHM1R2NNc%2Dppk85wur7BFq%5FSUJDETHoQz0uDRyphmBqdh5t4Ie%2DxpFDznF1y1thlN8H8mivBiYQOlmiR4IFtF%5Fh9LfQpMejHMLYSQFy31keGs9WklFNReLVnV7yyKL5Q9H5%5FXXS5IScbG6Q%5FET1K06nnDxO5T8NvovWWgd%5FXi1QKhZ%2DNsnDny0WoX3zzcKRQ%5Fk3ySFOYNJEvgNeBuKAWv8XMp5Qjre%2DyItri%5F%5F5lMHhQ76ECqsMNrUBauzV9vJxOAgHjnkV1miOQMWE9unoD0bqRYcZIXL63ao7uvkD0gRegbZrWH%2DLISbRmdVhUcsjCFRV7Wf4KFJ5Tj0Yz2b6MnhMUzkRt5SfLIhWM6MWjMDnmO0Hi6wyUh0j61fMLwE4PMT6WXVkbAg61XgS6mGxgLu1ri1ePcXfP4wFaCJZ72ezlGxS9vAY9VqR6L0sAmbRHCaZvCRjKqyh%2DYEWOM%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274952864549374986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D56087%2526keyword%253D%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274952868841917197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274952855952886794%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D43658%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIh7eX4f%252DQgQMVzdG7CB2a%252DQLvEAEYASAAEgIGkPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIh7eX4f%2DQgQMVzdG7CB2a%2DQLvEAEYASAAEgIGkPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 12:52:41 GMT
last-modified: Thu, 30 Sep 2021 12:59:23 GMT
accept-ranges: bytes
etag: "2878649034"
content-length: 1858
content-type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1105 13 KB
5 KB 91ms
90ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:31:43 GMT
expires: Tue, 03 Sep 2024 12:31:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A1A5 829 B
784 B 102ms
102ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4efc62b955fcca872e6150029f4b88ee87fb08e47a7c36e7c6b3ed76277b1864

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o_fyM-Ncj_6CSDYy3PX3Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-o_fyM-Ncj_6CSDYy3PX3Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 12:52:41 GMT
expires: Mon, 04 Sep 2023 12:52:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ED7 0
63 B 240ms
240ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8965952001134&version=m202307240101&ct=77&x=1&cor=166581595500971520

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A1A5 0
0 195ms
195ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=1345933802354856&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 1105 38 KB
15 KB 118ms
118ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 12:47:35 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame CC7B 0
38 B 91ms
91ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Epde2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6E1 0
63 B 209ms
208ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1982026738274&version=m202307240101&ct=77&x=1&cor=13981052834583628000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://e527160087a3a2c43b828b688c7cb67e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 2EAD 48 KB
12 KB 437ms
429ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 259148
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80165f00eeb90375-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 1105 0
38 B 108ms
108ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0NIjOw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 199ms
198ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=7279&cid=268073163.1693831955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1693831956&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dt=%E7%99%BC%E6%8F%AE%E9%87%91%E8%9E%8D%E5%89%B5%E6%96%B0%E5%84%AA%E5%8B%A2%C2%A0%E2%80%9C%E6%94%BF%E9%8A%80%E6%93%94%E2%80%9D%E7%B7%9A%E4%B8%8A%E6%89%B9%E9%87%8F%E8%9E%8D%E8%B3%87%E6%93%94%E4%BF%9D%E5%90%88%E4%BD%9C%E6%A8%A1%E5%BC%8F%E6%8E%A8%E5%87%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EBB 0
0 197ms
196ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=402901672500272&bg=!e3ileDfNAAYHwnCgJ8I7ADQBe5WfOEIs1UY58m1vjzaEb6rGKKj7gpiQGO2ZvHGDUwVbEgu0F6magBRW3aNR8Xysubk1AgAAAX1SAAAAB2gBB5kCv_qFeTbLjFjD00TSr9SuMB5eHfKnENpWEpUmymNJeTR0-FiPJ1XrD7iFyEgpGk7bUWnpZmhxky47YVeV6BZKRCj9MZw6_xcnCNDoXMWaSlrBBRhgkFgzDGCk_GnWu-HWiPEGA-NoV89pci-Iejf_p6g7srtMPY9Z55RJ51aIjgdiq3tHpuDnUmFg2_qv66QK_kEALHUhWjhUH_qcxVXczIrIRW3-WRcRZlLT1sp0V3PoC87qEvQPaM_zo_jXsbsWcAsLXSRQmlzoD1z8RFbe7ZlblMg5Rz4Why7AKF0vSE7n-3oqu7obg8o1mYgs0V8t8YzRee5QHZF4fV1YQ5dBbPqzVcIYyNH4ad8lvmJnoqedlzDE9lOwjhVNKV5PkzBUnGEC_YCO9PG_2KL7786YJ0IVNMVaj5kyCBFW2PQ8PMdcjNGT8WaYYA2H_wOqVKi-HN2hiAkotKMKSf6bRzZ6-Uzhrl1fh5VPitSlWuibhf4rHp9Exxo4TUTZ35h9sE3PsOnsaI2JxetrQwrRCJ76m8uAhrB8WRF5BwMv6Rv7BnOWxFmMrCGQ0pn737SplAwvGiEfqcGQ-ihfBn1-2tgaIXOuyFdHEBRgh8BI7LCsBHXRcPmaJYN66NEKhxYQE7Ed05qlJv2qYHKudY8KjgsodbScs-W65DfZNVX7oVTxMmx1vNaM6s7bbZRahmN059vXaQ0Z4NP6hAb3f5aDjMBpBR0tCBHGphEplLTgUd7TRBZXCI4asmnzMJ-P5ZSPRmFYyWUtcYsnyl0S598OUY41hV2ZNiaDBITz_eElhSvUVFk6_gHUPjo2Ba8H7OZGvm7foIJM-H8oW9Q-Rg6PAQYuSfSEcVj4lj66a7jtB7o8inAQLsofbOcP0kyvX2CWYA_-g7icSkqcjSL2pRYyNimgQQNL9Tz3D2wpmyDwIbfrmmg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame ABEC 0
343 B 218ms
218ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80165f02c92d0375-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 12:52:42 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D4F9 4 KB
2 KB 96ms
96ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

5887278b72cd44ba7f2bca994fc7047489bb1d047640a1f069be00519af7f700

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1416
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 9668 0
0 276ms
107ms Document
text/plain 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Mon, 04 Sep 2023 12:52:42 GMT
X-Sovrn-Pod: ad_ap2ams1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
186 B 471ms
471ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1965070006222643&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dlt=1693831951089&idt=5383&dt=1693831962097&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&scor=4270237630314388&ged=ve4_td11_tt5_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 1DD0 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4F9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBA9rKgdqGBMHcmNamlbUK22Lx7L_C6kw

170 B
188 B

105ms
105ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBA9rKgdqGBMHcmNamlbUK22Lx7L_C6kw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimBA9rKgdqGBMHcmNamlbUK22Lx7L_C6kw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D4F9
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AlOkKTk_Tp0s_4C2kTr7z8D2231cPdv7v_HeYXD22Ig

43 B
479 B

534ms
534ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AlOkKTk_Tp0s_4C2kTr7z8D2231cPdv7v_HeYXD22Ig

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 12:52:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C2GDHHTZSAPHQKHH6WQC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AlOkKTk_Tp0s_4C2kTr7z8D2231cPdv7v_HeYXD22Ig
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D4F9 70 B
264 B 228ms
223ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 12:52:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame D4F9 43 B
145 B 224ms
219ms Image
image/gif 18.196.96.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET img
sync.mathtag.com/sync/ Frame D4F9 0
0

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D4F9 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame D4F9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235

0
291 B

197ms
197ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:42 GMT
an-x-request-uuid: dc4ab29e-0697-4669-bdc1-dd75c87704a0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8281238057369299235
x-proxy-origin: 194.230.146.186; 194.230.146.186; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame D4F9 42 B
676 B 227ms
223ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=v4UEgfAOIOQasluWtxIheNOya9OgnTSTHhNFRNhUcpQ
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame D4F9 0
75 B 71ms
68ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:42 GMT
content-length: 0

GET 711916.gif
id.rlcdn.com/ Frame D4F9 0
0

GET ImgSync
image8.pubmatic.com/AdServer/ Frame D4F9 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame D4F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1

0
291 B

196ms
196ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESENGZkZg_xNjROszbGmH4KQs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame D4F9 0
38 B 227ms
223ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 v4UEgfAOIOQasluWtxIheNOya9OgnTSTHhNFRNhUcpQ&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame D4F9 0
80 B 228ms
224ms Image
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/v4UEgfAOIOQasluWtxIheNOya9OgnTSTHhNFRNhUcpQ&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 80165f03da910375-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET rmpssp
sync.1rx.io/usersync2/ Frame 2581 0
0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 217ms
217ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=1345933802354856&bg=!iomlicbNAAYHwnCgJ8I7ADQBe5WfOAnytICoFZqhjV51G8ypgEyY7iPZSU6wD2UQgP9mbrUIHO1YDNE-IZrcRis7Co4bAgAAAJxSAAAAJmgBBwoAmYbDBMC-6nW7jFSiEPukseldMbldKaJSx80RvZyenk63OkWTR8vQMVVWKUemsGsjxiHXPlEl_YYB2ZzUmbn9VwEj9ECKDhrh2pDsFo0xm0dmCiQlcTDEekon2TJiISNLyzyk0dLw8xj80fJog72xi7KGw1I6VRm3QprlVqr9x8jRcs_4Kph59YWr-7OpeQP5tWpQzHmID9aMmpkCuR5VlHORsvTow-kWaV8Cc_mYvFH-b1HtSp1twC1bXo2VNeih0c1nXteKBmqRE1z3vtcDDaDLzRLDKI1j_mfDXefTVS6V04Ruvzxt9b-UkGPlWgeQtn3WI9A7iQHA276gLZjPppEifOLACYxb9NN99GA0kdxTIxmmhAtZmobUj8B2pRSaAr15DvgOKpMI-kdDB5ymn5Ne-CmJneaCWrcloNxsvBGlMvKxXjTusxSi5nDTTrg03HB-BzjCThjEcZ3UdPa_aF6nCs-eKyDw4qjoG9kABu6pl-KESrV1R7yibZwrjjY7mbCTwnHZxg68DGTnELEF9mFIFQdZD6ehy2VRMazoWh9jBGN7MK6SMlgGLe2L7VtqidXQNVscBDKla8bmj84b8pbMt6tlbL9dYusER_mhw6NqS1RzCoz74aiTKbRnJIPHXteYJOXKfZT05U1JiJxaOFyOkEVIlb1kTM0x405yyM5ZtpY6r-WnbabEuFZvlhUyq3sVGwkLyfPq4f7Vep-ATZlWZkxFWDZHKCg9jJ9CVO_DXa46yg7YcEUIScObj9ECcZzLBJ9JGJ_vjMBcyNdZQDzZYRZoVV2e4LMCLAsUSElBe4JT7qV0Zotvs6-_MLc0lFLU8uxWFSm6KadpI-w9pY9f3sVFTPWtWhCHGzjo2eIht-uOVpBfIR1WcEwjoI_5CCEcKHx6alr3Uo9VLPdWBD5ESd8KR8XeoUCVgpGvsHBZcu1JaKUQ1iuicoEuFXTsl83B242MHIBN4lKMKqzP8bgcAUyyEREHjlIfD5qutobpt3gioVmsVt6g237Hb518JsoNEgYrPvekZ7bh23k39PJdsPQkPkC6LKWnLYqFip3sezsJH92MzwqIO4d3LMhb2a0C4c3KYp1uvoscEQ-PkpDR1NG35dX-yiFAa5gRI-rASBtFVlw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
821 B 294ms
293ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693831962183&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1546&pt=1650706199&tz=120&viewable=true&ddast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4e99d4830fdcb94b709fc933d292b37154386f86e909b12c2d70f04ec6a9e743

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:42 GMT
content-encoding: gzip
server: nginx
machineid: 1432
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET match
ads.betweendigital.com/ Frame 9C06 0
0

GET smwt256.gif
us.ck-ie.com/ Frame 39F2 0
0

GET cookie
cm.adform.net/ Frame 92D1 0
0

GET user-matching
ads.stickyadstv.com/ Frame 46EA 0
0

GET v1
match.sharethrough.com/universal/ Frame EF4B 0
0

GET
H2

200

751a0d0537a12dd49cd80bfb9d459c33c23cea0d9b3e567daac673a2d72a3cba Show response
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame A30C
Redirect Chain

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
https://csync.smilewanted.com/set_partner_userid_get/smartyads/751a0d0537a12dd49cd80bfb9d459c33c23cea0d9b3e567daac673a2d72a3cba

0
406 B

281ms
281ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smartyads/751a0d0537a12dd49cd80bfb9d459c33c23cea0d9b3e567daac673a2d72a3cba
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80165f08780a0375-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 12:52:42 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Mon, 04 Sep 2023 12:52:42 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/smartyads/751a0d0537a12dd49cd80bfb9d459c33c23cea0d9b3e567daac673a2d72a3cba
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 video10.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 271 KB
272 KB 258ms
258ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video10.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 3836ee0615887017d2a7c33c1e11ae18790475d24df2a920d3aa3ece704114ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:42 GMT
cdn-edgestorageid: 863
cdn-storageserver: DE-164
cdn-cachedat: 08/18/2023 10:38:04
cdn-pullzone: 829957
content-length: 277300
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 636
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: bde5eb5bae3ef93e9d59b918a359dbe9
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
186 B 500ms
500ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1965070006222643&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dlt=1693831951089&idt=5383&dt=1693831963289&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&scor=2682526136495424&ged=ve4_td12_tt6_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-155-239.compute-1.amazonaws.com

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 910ms
234ms Fetch
application/json 3.233.155.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Sep 2023 12:52:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1055ms
380ms Fetch
application/json 3.233.155.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-155-239.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Sep 2023 12:52:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
186 B 393ms
392ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1965070006222643&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dlt=1693831951089&idt=5383&dt=1693831964507&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&scor=749934840923320&ged=ve4_td14_tt8_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
290 B 232ms
232ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bg3.co
Date: Mon, 04 Sep 2023 12:52:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 video11.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 399 KB
400 KB 140ms
140ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video11.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 3df08761fe0fd6a68a0ca3bf7bbe70785246bba94c314bf7cd4357426d8f3eaf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:52:45 GMT
cdn-edgestorageid: 752
cdn-storageserver: DE-383
cdn-cachedat: 08/18/2023 10:38:04
cdn-pullzone: 829957
content-length: 408900
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 653
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: b11b2650de687e78e1d4ef732e68ce77
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
821 B 256ms
255ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693831965115&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1546&pt=1650706199&tz=120&viewable=true&ddast=V8whkCLAbEB-fNEnoMShOID86bJfQYlC4AAABgYID-AImYTBvXxrVbS0a20Vo0mSzXEo9tstaYPCvDzDBzGTbLISARk2nj2rh2a8nINlqLJpPlWuKxTdYak2dlmBlmLsNmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhGg6HT7XvV73-90lPs9c4_cr_DKHW-h6uqVOu1vyt_vcGqPrYfe5hU-7W_l3vTVHp1t6dNl9buXT7hY57G7h02F3a44Ou88teLrFTofd55b87T639OkWOexuicPvFrrc0tffrfa7NUenW_R6ujVG111oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoBnDgvs8hwUHofH6fD8AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DZMHDzWboEY6JFDQWYQQAAABA2FxS98gknaBiUeX__7_fCsAVAIAARTAgO-QsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMRwhF-TANEjGKv5hcQAGDNLyAAABt1U0D3ZgBO0CFoxWCwOgExOwAAAAB3_v____WA2Gbmcbk2HsPGudvYZpONa-OZeQarxcS3G-42k-0BPq23n70WUeizISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEU67BcDabOdcqw2bhFu0WI7dws5ysdRPbZGPzbDYLz2Iten1MF5fNNRzOvEgwQHEvkqdFOpF5TIONa7ZYDRazmcMychkWjoXHuVoZFqvVbrayiCWak0U6kV32tc3M43JtPIaNc7exzSYb18Yz8wxWi4lvN9xtJvuWazCczWbOtcqwWbhFu8XILdwsJ2vdxDbZ2DybzcKzWIteH9PFZXMNhzN_Y7bcDDeL5Wqxb8yWm-FmsVwt9h06w3f1ORuVZZXko9MsP2eX7eY0KFwGi_elPp2HBWNB-_scnSaP6FnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf5nALXU-31Gl3S_52n1tjdD3sPrfwaXcr_6635uh0S48uu8-tfNrdIofdLXw67G7N0WH3uQVPt9jpsPvckr_d55Y-3SKH3S1x-N1Cl1v6-rvVfrfm6HSLXk-3xui6C01vs0UsEZwu0onoZTxd1H_0EMvRXLIZzBWj2VwxnK0SAAAAAAAAAIAlmGa6CQAAAICTQQ03w8VqnQ5mMpsMdqvlArgIytIFDAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp8RxFqtljUAAAABbAAAAAHcdONN4FgU9____z8OAACAjBx6AAAA9PuAsgAAAAAAAPgVxGSyGe4fgAqxVqvV7cZarVZAg9iNNpPJBP7___8D!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4e99d4830fdcb94b709fc933d292b37154386f86e909b12c2d70f04ec6a9e743

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 12:52:45 GMT
content-encoding: gzip
server: nginx
machineid: 1405
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4F6F 156 B
186 B 382ms
382ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1965070006222643&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=E4E5ED9A-8C8A-4F9D-82BC-8A5220C53399&a3p=EhkKCnB1YmNpZC5vcmcYh4WCgqYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIeFgoKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGIeFgoKmMUgAUgIIZBIUCgVvcGVueBiHhYKCpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIeFgoKmMUgAUgIIZA..&nel=0&eid=420706098%2C44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffa-hui-jin-rong-chuang-xin-you-shi-zheng-yin-dan-xian-shang-pi-liang-rong-zi-dan-bao-he-zuo-mo-shi-tui-chu.html&dlt=1693831951089&idt=5383&dt=1693831965615&cookie=ID%3Df9ed3c550e4b5e5c-22e363f666de0023%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MbhPi_Lx4YtnDPZPXgSXaIUXyj9uA&gpic=UID%3D00000c6ef83ff7e2%3AT%3D1693831956%3ART%3D1693831956%3AS%3DALNI_MYtkc6IQPUlJs6FV160220h_mwajg&scor=4045758853133427&ged=ve4_td15_tt9_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS