www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=www.bg3.co

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://intouch.wunderweib.de/charlene-von-monaco-ihre-verwandlung-von-frueher-bis-heute-113992.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://1cd39e.snzgdl.com/
Title: SUV Deals | Suchanzeigen | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ri=b2dcd64101c544da99e1863d2def8327&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&it=text&ii=~~V1~~829268698882786042~~pGaya00Z6GPwGrhWoba54D-29Vc5HThHiOUIWgF477F9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kD7VbyU9qGbFCk3G1JTsLXxEXbuS8jkQX0nUuhwc1s0NWDKm0BxgajBRGTPXWjzHqym6c-n9v_EKnUJWUIcRxLR-biYdBshGEjhngTcA7WhmUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=ada6bcac85e57ed7dae83115a9eafe1750ab4ad8f009&redir=https%3A%2F%2F1cd39e.snzgdl.com%3Fsubid1%3D23998236%26subid2%3D3673104457%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yCE3l0o4N7z76Cni45g%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DKloten%253A%2BUnverkaufte%2BAutos%2Bwerden%2Bfast%2Bverschenkt%26click_id%3DGiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yCE3l0o4N7z76Cni45g%26dpco%3D1%23tblciGiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yCE3l0o4N7z76Cni45g&vi=1694055962684&p=ajaskagmbh-search-suvdeals-cr&r=1&tvi50=11900&lti=deflated&ppb=CNkB&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEyODiA0o6nBUCy0A1I0IgQUOeS2wNY____________AWMIrUYQ_FwYMmRjCNcWENQfGCNkYwjL__________8BEMv__________wEYNWRjCNIDEOAGGAhkYwiWFBCeHBgYZGMImE0Q-GUYOGRjCO8DEIsHGAlkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogByYKMSZABHJgBjrHq7KYx&cta=true
Title: Jetzt Suchen

URL: https://intouch.wunderweib.de/michelle-hunziker-von-frueher-bis-heute-so-sehr-hat-sie-sich-veraendert-113494.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://carsandyachts.com/trending/hochzeitspannen-45-witzige-und-peinliche-foto-fails-weddingphot/
Title: Cars&Yachts

URL: https://mightyscoops.com/trending/promis-die-ohne-make-up-erwischt-wurden-und-beweisen-dass-kosmetik-nur-ein-weiterer-weg-ist-um-mehr-schonheit-ins-gesicht-zu-bringen-haraldmhtbde
Title: Mighty Scoops

URL: https://mx.investing.com/magazine/de/25-auto-hacks-damit-ihr-fahrzeug-wie-neu-aussieht/
Title: investing.com

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

URL: https://ecohouses-ch.com/
Title: Ökohäuser | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ri=7ed5bbe4acb28dd7507ef07f90645b1d&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055963_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&it=text&ii=~~V1~~-7579499634732051541~~jgNd1ZeZ5RlHUmEp8kN_s6eZ0Fp92koZJQQapOX6Qv19_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l16xQ-F7zlBKXjBek9PAy_PSWDKm0BxgajBRGTPXWjzHqym6c-n9v_EKnUJWUIcRxLQyGrAv7QRKnJEtEzDwdriHUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=fb28408a617bf8e7ea92fb2d42295cc64c83221d35cf&redir=https%3A%2F%2Fecohouses-ch.com%3Fsub1%3D25987440---delimjuwe---3705879345%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yD_tF8o4vbb5c6fyhA%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DKloten%253A%2BUnverkaufte%2B%25C3%2596koh%25C3%25A4user%2Bwerden%2Bfast%2Bumsonst%2Bverkauft%2521%23tblciGiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yD_tF8o4vbb5c6fyhA&vi=1694055962684&p=ajaskagmbh-search-sedo-ecohouses-sc&r=14&tvi50=11900&lti=deflated&ppb=COQH&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE0MziA0o6nBUCy0A1I0IgQUOeS2wNY____________AWMIrUYQ_FwYMmRjCNcWENQfGCNkYwjL__________8BEMv__________wEYNWRjCJhNEPhlGDhkYwiWFBCeHBgYZGMI0gMQ4AYYCGRjCO8DEIsHGAlkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBvLXq7KYx&cta=true
Title: Weiterlesen

URL: https://fqh1vk.llsdzktnxwnnr.com/
Title: Knieosteoarthritis -Behandlung | Gesponserte Links

URL: https://cdd1e2.zbrjtstrclnm.com/
Title: Schwimmbecken Whirlpool Angebote | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

URL: https://93f06b.zbrjtstrclnm.com/
Title: Kleines Elektroauto für Senioren | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

URL: http://trendscatchers.de/index.php/2023/02/24/drohnenaufnahme-luftet-500-jahre-altes-geheimnis-2/
Title: Trendscatchers

URL: https://trck.tracking505.com/cbf7a996-581f-45d6-afce-e345dc00cbae
Title: Abflussreinigung | Gesponserte Links

URL: https://mx.investing.com/magazine/de/superyachten-die-groessten-und-schoensten-yachten-der-welt/
Title: investing.com

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

URL: https://intouch.wunderweib.de/camilla-parker-bowles-jung-114535.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ri=761b36d957d821bb974e04fe58e199a7&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&it=text&ii=~~V1~~829268698882786042~~-HkEXjmjFLHj5Stclnp-4j-29Vc5HThHiOUIWgF477F9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kD7VbyU9qGbFCk3G1JTsLXxLu2p_FapL58U7V-zQVIzMWDKm0BxgajBRGTPXWjzHqym6c-n9v_EKnUJWUIcRxLR-biYdBshGEjhngTcA7WhmUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=494a4789ad21aa77e4523326a8bb3314fc096acc328c&redir=https%3A%2F%2F1cd39e.snzgdl.com%3Fsubid1%3D23998236%26subid2%3D3673104457%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yCE3l0oqJPcu_He0qp2%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DKloten%253A%2BUnverkaufte%2BAutos%2Bwerden%2Bfast%2Bverschenkt%26click_id%3DGiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yCE3l0oqJPcu_He0qp2%26dpco%3D1%23tblciGiBE7jK0uNIn2PejxAJ7HO8FJgiyHrhop4ktiKt5U4LW3yCE3l0oqJPcu_He0qp2&vi=1694055962684&p=ajaskagmbh-search-suvdeals-cr&r=18&tvi50=11900&lti=deflated&ppb=CP8F&cpb=EhIyMDIzMDkwNS00LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEyODiA0o6nBUCy0A1I0IgQUOeS2wNY____________AWMIrUYQ_FwYMmRjCNcWENQfGCNkYwjL__________8BEMv__________wEYNWRjCNIDEOAGGAhkYwiWFBCeHBgYZGMImE0Q-GUYOGRjCO8DEIsHGAlkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogByYKMSZABHJgBjrHq7KYx&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 111

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 112

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 114

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 127

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3De7248e25-f961-4798-9f3b-e0b9810aca6e%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=e7248e25-f961-4798-9f3b-e0b9810aca6e&p_id=23

Request Chain 128

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=e7248e25-f961-4798-9f3b-e0b9810aca6e&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-7519300271539803613 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=3d45481a-0d4d-53fa-9b2d-d842ffd4e65c&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&p_id=15

Request Chain 134

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LM8L6JZH-20-2HMZ&gdpr=0

Request Chain 135

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=39679304533846343

Request Chain 137

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABim2an1uaZtvh_Hbh7VnIsTTJsVIbWxZhEg

Request Chain 138

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=3292171889774844560

Request Chain 140

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE

Request Chain 141

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFFRDQxRkEtQjJERi00ODg5LUE4QjctNUY5QzRDNkI4QzIx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9AED41FA-B2DF-4889-A8B7-5F9C4C6B8C21

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKX0WF7s6zR08PZTNcE2cho&google_cver=1

Request Chain 143

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-326uacVE2uHwx4bm0jw007vS05u9zbyOVRPzPXA-~A

Request Chain 145

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-SU7.npJE2pmDlspT4vIHEZ_Kb8i1qSMbwGVyPw--~A&expires=5&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=&gdpr_consent=&us_privacy=

Request Chain 146

https://ad.mox.tv/delivery/sync?userid=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE&p_id=5 HTTP 301
https://ad.mox.tv/delivery/v2/sync?userid=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE&p_id=5

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM8L6JZH-20-2HMZ HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM8L6JZH-20-2HMZ HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/92a9832a-47f5-3d43-9ab2-bed8a055770b?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Ni_QGrlE2oVqDKGaz4HxovGkuzCc.sq2FMOwOsY-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 170

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE04TDZKWkgtMjAtMkhNWg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9rL8FV18ZyPYxrZYCvL3A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE04TDZKWkgtMjAtMkhNWg==&google_push=

Request Chain 172

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_95ubDdFRg6DGvvwgKik2w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_95ubDdFRg6DGvvwgKik2w

Request Chain 173

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/SlkmtIE8kGeWHqvbH3TK1Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V.Rn83dE2oLQwTdMXm2jsSb1k7rCKufJpt.m3Q--~A

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFoI-sQ6MiYgdmUb3XHHG4&google_cver=1

Request Chain 175

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_FnczBjVQ8afz5RcXOZwiw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_FnczBjVQ8afz5RcXOZwiw

Request Chain 176

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1ZTQ1MGVmZTcwMjA0MDQ1NmU3ZmEwYTg0YTJjMjliZGExMWYwNA

Request Chain 177

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM8L6JZH-20-2HMZ

Request Chain 191

https://pr-bh.ybp.yahoo.com/sync/taboola/62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A

Request Chain 199

https://pr-bh.ybp.yahoo.com/sync/taboola/62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A

Request Chain 211

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&rid=esp&cc=1

Request Chain 223

https://pr-bh.ybp.yahoo.com/sync/taboola/62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A

Request Chain 305

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4337281933061996131

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUPu-ZLkLxT-v_mp5DvGs8&google_cver=1

Request Chain 345

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1

Request Chain 346

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPk.Hwps4db1PyEBsRYLpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1&google_hm=2

Request Chain 353

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB2I2vKvBSMOqgm3YfF72I0&google_cver=1&google_push=AXcoOmTqnDG28S6Yb204XOOeN3wzTwaMURH1nuoe0VBEn2iW9cmYJqR9EViYTWAwtcIgg9IL-2PFQjn0bQWYacpX4NA7qU2WEntO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk1MjM3NDEwNTE5MjA1Njk3Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB2I2vKvBSMOqgm3YfF72I0&google_cver=1

Request Chain 354

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHQ8W7mYZK_ko3iDFocumeE&google_cver=1&google_push=AXcoOmRlhmL0jNYiIuQRl3LIM_UQbfJVfBnOa-LRwiu-_eDCBA8LwhR1ieWN4BCKEQPEyfaqNVvhfxMJgo9wiE9QszMxgvDxSNI HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1b7fbd29e94f16e5&is_secure=true&networkId=14000&version=1&google_gid=CAESEHQ8W7mYZK_ko3iDFocumeE&google_cver=1&google_push=AXcoOmRlhmL0jNYiIuQRl3LIM_UQbfJVfBnOa-LRwiu-_eDCBA8LwhR1ieWN4BCKEQPEyfaqNVvhfxMJgo9wiE9QszMxgvDxSNI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJAbyedH82mQMf6x5LAAAAAAA&expiration=1694142368&google_cver=1&is_secure=true&google_gid=CAESEHQ8W7mYZK_ko3iDFocumeE&google_push=AXcoOmRlhmL0jNYiIuQRl3LIM_UQbfJVfBnOa-LRwiu-_eDCBA8LwhR1ieWN4BCKEQPEyfaqNVvhfxMJgo9wiE9QszMxgvDxSNI

Request Chain 355

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEH30XdT5QUk8oHqz8xujeY4&google_cver=1&google_push=AXcoOmS0olckX7GmeaEWta3VQxULdSOJejhtRt73f6Fiuv116PKm1awmrSKHM0lZ9ibkLPMfljjZW2XqZIHaLR5JElJ8QG2X7Hu1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS0olckX7GmeaEWta3VQxULdSOJejhtRt73f6Fiuv116PKm1awmrSKHM0lZ9ibkLPMfljjZW2XqZIHaLR5JElJ8QG2X7Hu1

Request Chain 356

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMKrTDYRJdPx8hYfuQBPRyY&google_cver=1&google_push=AXcoOmT2auvaE8JeCRHVjofi2tyX0crUCgk2jJiSF7iMk0w0Qi5cK3HgvCpfwOhtRjqM--oxhC1jb1jyLLErb9RpcEWsC3-0_cw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTkxNDk3NTg2OTcyODkyMw%3D%3D&google_push=AXcoOmT2auvaE8JeCRHVjofi2tyX0crUCgk2jJiSF7iMk0w0Qi5cK3HgvCpfwOhtRjqM--oxhC1jb1jyLLErb9RpcEWsC3-0_cw

Request Chain 357

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKX0WF7s6zR08PZTNcE2cho&google_cver=1&google_push=AXcoOmSAHewk6IXoUx70-8QAgo8LcTxvU0kvgq0cOIdnoBZyTOTb7w8h0m2BwxY8o0WK2R2QSLchtHTZgr7SjrIfyutYVaNCL8ASZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABim2aqz8qFE2NI_lVnrdGbEbH8G461wxnlA&google_push=AXcoOmSAHewk6IXoUx70-8QAgo8LcTxvU0kvgq0cOIdnoBZyTOTb7w8h0m2BwxY8o0WK2R2QSLchtHTZgr7SjrIfyutYVaNCL8ASZQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 358

https://trace.mediago.io/cs/google?google_gid=CAESEOTgCG8hFza1nJWngKsVjj4&google_cver=1&google_push=AXcoOmRb5yc-yUfU0-dRn5KYIE_dtAPH6hKTL62kfB-19BUIiiehC0dLJzNgGPcQ3EaA-5HF0CUV71zMeFfM3Cx8Lv4CLkS8ARPcyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRb5yc-yUfU0-dRn5KYIE_dtAPH6hKTL62kfB-19BUIiiehC0dLJzNgGPcQ3EaA-5HF0CUV71zMeFfM3Cx8Lv4CLkS8ARPcyA&google_hm=9e63d14f98617828a3569f02d7516c22

Request Chain 359

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEB51HzEgmqaSM8kELpFYqyQ&google_cver=1&google_push=AXcoOmR7_J3hGvqu6yW4eopOIk5-KLKRn-nO1rjlt1Xiho2hzoHQ3zv4iN9ko8xoaef6AY3OweqDpVhVUtM6vPDFesRUoraOU4Xa HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f7a4abee-178a-472e-a12b-e71f33e25b31&google_cver=1&google_gid=CAESEB51HzEgmqaSM8kELpFYqyQ&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR7_J3hGvqu6yW4eopOIk5-KLKRn-nO1rjlt1Xiho2hzoHQ3zv4iN9ko8xoaef6AY3OweqDpVhVUtM6vPDFesRUoraOU4Xa&gdpr=${GDPR}

Request Chain 402

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEMHePH0DW7BoXjX1ywWXjpU&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEMHePH0DW7BoXjX1ywWXjpU&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=e6c5c12d1b1fd55b1a2f86ff9aef67a9&uid=e6c5c12d1b1fd55b1a2f86ff9aef67a9&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 428

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=2fb390bf-5a2c-4484-b56f-eb35edf444e9&google_hm=MmZiMzkwYmYtNWEyYy00NDg0LWI1NmYtZWIzNWVkZjQ0NGU5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKnoFisulWGrdh1TZKCj2IE&google_cver=1&ssp=themediagrid&bsw_param=2fb390bf-5a2c-4484-b56f-eb35edf444e9

Request Chain 429

https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=4b4aa4085c&subid=&uid=0a6dd807a658eccd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUrq3Hj75ZKyzKIm96wTjjYmgA5HB0Jtp-_CDktwP8C4QASDSzIEaYPXF_Y78A8gBCakC7-3G4tn-sT6oAwHIA5sEqgSMAk_QU8yLoEnH0Z6ayx0ZQ1MWC6ZM-UoGuTGi7bqT59XeJbIG4L7GZh2TVyNJbxf9C7jA9S3WpB_GC7x0DbLyyBePVIEZm3TdaBchc9rbOqTuTtJqbGdR2tcsE3wKbWlZAwuXZB8eoGThNdcT5LLbcROE_MLtnMovU5dPrEC7UZw2jseW7mUz2DGWbj2cUVo7XY-d6SHfWWO0B2zaDD8OfSiv04GzVBVcDOXCF5kYwvl5yoT73FNzJ_vwA4WUqdfXQaV-0RVOQjl37GuidUWJhjpch_f0yd1RsZOcV-Ar1656-221jM6ocyVR1QX0Zrq57jO17PCq1Rda0zHTsvzMQLnIJDWjfhcp8tJk5hrABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIrLr9oMKXgQMVid6aCh3jRgI0EAEYASAAEgJViPD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWLA01jQ5DM5PCc9jYjRie2ubnxZLnLkMyudWWPO8HskAcI4aQHfL_fLxlsfuw-rzspsb7ajRzGAE%26sig%3DAOD64_2CvIHCTUwfz1b1mdYwPyxSoXicng%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D5C1UY_DAv2m5_hqPMD1GNbi5KRsi6k4IBMBFZEIurT48sQKR0LFIHTZuR0gf9VJHhg0FAMIXYssxNfVdzDcHYD4FbAu3leVp7GgfFT0QcH2BMKcv4PISsKySzBsGvwe2fyz6avWHyW7qAnv5GYB5_zs_DN3vSSHYBFHgtp8T9oQlj5mY%26cry%3D1%26dbm_d%3DAKAmf-B3KAte-1EhIpHfNqzdpLifr4ULAKPHuG7lzn8TqCN-MgW3Ts19xOlacuPDRHdvbVzwQZMufnhDnc9pCRDkGm6PN0HHV5gflgp9psOzMfNj83AebmiyagCAcX0LGFdhCrPLtPtajUgyIg32-LdY0t1ZjMOBX6r1aYOb9FFiNxPSrvXhgoq6GYO5XLjdv6uKpUCAhzx5rkNM-3s0ngJVYB03iiQK9q7faRAoKiq38uKmUhvJbT9RPxhYlvQDktoxOLWMN1K_R6OeSgyanEO-jE0nCPteA_PTt_og2pfaT6Z-xx40wI-dtuy3aGGSY2ljnxOkOV-GV6BqF-UnmUY5n6j3zJUJWdmCTMivfaT8Q6jQbD9dXWHrGLhvMYO19-FwV16RuGdloQrmNjl4CeQcuja0l0bPr6K04Bo0yKBTi8a9YDqIwxGFM5dr6HW6z7_CTGpJdYOOLazbz-MTiv2TuWgW97JLEmtBGfy6aSnVDc2pGuQCuZnUd9zHxj2zuxS4hFyQmW3tCX9iLukabl3pjFBr9EQhsI5YiOzVaXKkxW7jfWddCtUZAAuLgKaauwBkqktS0TBUzrgoGPMAb8lv7fiXoPinxWQpZGfN017vkUONdqEP-eA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=1586829713509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=4b4aa4085c&subid=&uid=0a6dd807a658eccd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUrq3Hj75ZKyzKIm96wTjjYmgA5HB0Jtp-_CDktwP8C4QASDSzIEaYPXF_Y78A8gBCakC7-3G4tn-sT6oAwHIA5sEqgSMAk_QU8yLoEnH0Z6ayx0ZQ1MWC6ZM-UoGuTGi7bqT59XeJbIG4L7GZh2TVyNJbxf9C7jA9S3WpB_GC7x0DbLyyBePVIEZm3TdaBchc9rbOqTuTtJqbGdR2tcsE3wKbWlZAwuXZB8eoGThNdcT5LLbcROE_MLtnMovU5dPrEC7UZw2jseW7mUz2DGWbj2cUVo7XY-d6SHfWWO0B2zaDD8OfSiv04GzVBVcDOXCF5kYwvl5yoT73FNzJ_vwA4WUqdfXQaV-0RVOQjl37GuidUWJhjpch_f0yd1RsZOcV-Ar1656-221jM6ocyVR1QX0Zrq57jO17PCq1Rda0zHTsvzMQLnIJDWjfhcp8tJk5hrABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIrLr9oMKXgQMVid6aCh3jRgI0EAEYASAAEgJViPD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWLA01jQ5DM5PCc9jYjRie2ubnxZLnLkMyudWWPO8HskAcI4aQHfL_fLxlsfuw-rzspsb7ajRzGAE%26sig%3DAOD64_2CvIHCTUwfz1b1mdYwPyxSoXicng%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D5C1UY_DAv2m5_hqPMD1GNbi5KRsi6k4IBMBFZEIurT48sQKR0LFIHTZuR0gf9VJHhg0FAMIXYssxNfVdzDcHYD4FbAu3leVp7GgfFT0QcH2BMKcv4PISsKySzBsGvwe2fyz6avWHyW7qAnv5GYB5_zs_DN3vSSHYBFHgtp8T9oQlj5mY%26cry%3D1%26dbm_d%3DAKAmf-B3KAte-1EhIpHfNqzdpLifr4ULAKPHuG7lzn8TqCN-MgW3Ts19xOlacuPDRHdvbVzwQZMufnhDnc9pCRDkGm6PN0HHV5gflgp9psOzMfNj83AebmiyagCAcX0LGFdhCrPLtPtajUgyIg32-LdY0t1ZjMOBX6r1aYOb9FFiNxPSrvXhgoq6GYO5XLjdv6uKpUCAhzx5rkNM-3s0ngJVYB03iiQK9q7faRAoKiq38uKmUhvJbT9RPxhYlvQDktoxOLWMN1K_R6OeSgyanEO-jE0nCPteA_PTt_og2pfaT6Z-xx40wI-dtuy3aGGSY2ljnxOkOV-GV6BqF-UnmUY5n6j3zJUJWdmCTMivfaT8Q6jQbD9dXWHrGLhvMYO19-FwV16RuGdloQrmNjl4CeQcuja0l0bPr6K04Bo0yKBTi8a9YDqIwxGFM5dr6HW6z7_CTGpJdYOOLazbz-MTiv2TuWgW97JLEmtBGfy6aSnVDc2pGuQCuZnUd9zHxj2zuxS4hFyQmW3tCX9iLukabl3pjFBr9EQhsI5YiOzVaXKkxW7jfWddCtUZAAuLgKaauwBkqktS0TBUzrgoGPMAb8lv7fiXoPinxWQpZGfN017vkUONdqEP-eA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=1586829713509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 446

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBDXDpw79sW9vKWnV2N2hcc&gdpr=0&google_cver=1

Request Chain 447

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIq6cI0-_N7gvz3pTmnX2gk&google_cver=1&gdpr=0

Request Chain 486

https://google.partners.tremorhub.com/sync?UIDF=CAESEOxhAuwE96Hw-8X5ZhfNEwo&google_cver=1&google_push=AXcoOmQHI52A6QffZXO-bmkBIVenfTl6qDxY8TLxSHHfP-5GSLrDc8lev7AC-mr12snIcuwMhCwZf3vSShCq3ICiebnRx4_suhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Q2NWE1N2NmNGQ2NDZjMzkxMTE0Y2U1NDQzZGZjMmU%3D&UIDF=CAESEOxhAuwE96Hw-8X5ZhfNEwo&google_cver=1&google_push=AXcoOmQHI52A6QffZXO-bmkBIVenfTl6qDxY8TLxSHHfP-5GSLrDc8lev7AC-mr12snIcuwMhCwZf3vSShCq3ICiebnRx4_suhY

Request Chain 536

https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=34312150dacc16e5&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIIkVm9b9lmAMmM8iLAAAAAAA&expiration=1694142370&nuid={OX_USER_ID}&is_secure=true

Request Chain 537

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=N63CmVFNwecMHVVM74x0NA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 539

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 540

https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073053&val=F0thiCOTH5FqFIRNVNPN&pi=openx&gdpr=0&tc=1

Request Chain 541

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qM2SPq2cxWGzwcJmqp_ZYqvMljezy8Vlqcl8wbVZ

Request Chain 571

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/3d45481a-0d4d-53fa-9b2d-d842ffd4e65c

Request Chain 577

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/16404eb5bf57c10c3c56537d6c7c9?gdpr_consent=&gdpr=0

Request Chain 581

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smartyads/660cf9f78ccaca9106d6c1bc235eb782037a25203d8da985becc638c29b9a0e5

594 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html Show response
www.bg3.co/a/ 53 KB
15 KB 1999ms
1096ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 60cadbbd8ffc9cc032893bf17671c6093a0e083ec8f7100c851e3fbc8df873c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 07 Sep 2023 03:06:01 GMT
etag: "d367-OtLNsoPYfjuUKXjeVTzuiAuEfaA"
expires: Thu, 07 Sep 2023 03:21:01 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 481ms
88ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Sep 2023 03:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72941
x-xss-protection: 0
server: sffe
etag: "1fd4dd9eff57c430"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 07 Sep 2023 03:06:02 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 457ms
65ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Sep 2023 03:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9642
x-xss-protection: 0
server: sffe
etag: "02dd63e520ffd2e6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 07 Sep 2023 03:06:02 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 440ms
66ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Sep 2023 03:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7559
x-xss-protection: 0
server: sffe
etag: "7e5f99ff05e5cd4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 07 Sep 2023 03:06:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 604ms
216ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2949d0c59cd8b5cbc94f58e31dd69b486c3c6349a6e3526a06e82174dd18131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29370
x-xss-protection: 0
server: cafe
etag: 525 / 19607 / m202308310101 / config-hash: 12382979882546628262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:02 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 127ms
44ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Sep 2023 15:22:25 GMT
server: cloudflare
age: 2996
etag: W/"64f89931-a067"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 802bbbc27e200e97-MXP
expires: Thu, 07 Sep 2023 14:16:04 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

467ms
56ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1251
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qLdOkOsQKP5v9mM6OVCWkWClEaiGFsMxB9o1qVTSfcBg%2Fs%2B0sOrQCBbDfglMpwlqxstptpZTiMFRePfXfmUeNWTu0s36SmrE2yuHJj10%2B5fW0jWTmwndvp2YUyjO8t3fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 802bbbc98a433747-MXP

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
11 KB 207ms
59ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF4) /
Resource Hash: db60cd2f2b5c0d51da4bad58fe024ac1ae76185dbdd587173925bfe7cda211d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Thu, 07 Sep 2023 03:06:02 GMT
content-encoding: gzip
age: 45936
x-cache: HIT
x-client-device: desktop
content-length: 10580
x-ap-device: MOBILE
last-modified: Wed, 06 Sep 2023 14:06:02 GMT
server: ECAcc (frc/4CF4)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: DE
expires: Thu, 07 Sep 2023 04:06:02 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 662 KB
140 KB 944ms
357ms Script
application/javascript 184.24.77.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-69.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 94fbae877ac9ccf349fb9534c36b97a6e6bb6adeba86ea4cc285842b560e16cd

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 07 Sep 2023 03:06:02 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Wed, 06 Sep 2023 22:24:57 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=99, origin; dur=217, ak_p; desc="1694055962364_389467973_671809843_31585_1517_68_92_146";dur=1
expires: Thu, 07 Sep 2023 04:06:02 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 493 KB
53 KB 136ms
43ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1da8c9de4dd18fb2f600f2aaabe17fba093ff3e313b073bc5099775744e9590d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: B7ESEqt9U0d0JJqnlCaJeGglIiWiYfbN
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:02 GMT
x-amz-request-id: QKW8BEW0A65GJSQK
age: 82
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 54035
x-amz-id-2: z6+wC52bI0N7QwPlilP89jR1Q0+18pSyTRYp9XLhTld/DJKMc91o03AHPf9FyEzapstmgq/xDkU=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:17:43 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055962.149114,VS0,VE1
etag: "b35382d57c6b5b9ac2f9d781f1578799"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
566 B 197ms
187ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=A4B105F7205E4F96ED58A16CDB9A1775&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&t=%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%20%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2170&sc_rum_e_e=2182&sc_rum_f_s=0&sc_rum_f_e=2167&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 802bbbc2fe570e97-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 457ms
65ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:02 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1694055962.dop260.fr8.t,1694055962.cds137.fr8.hn,1694055962.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H2 200 impl.20230905-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 804 KB
167 KB 45ms
44ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DHSY4h5zVk1UjTokLGTmT4IpOCy1UIOB
content-encoding: br
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:02 GMT
x-amz-request-id: KTJ5G1T2ZY79WG4Y
age: 5809
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170225
x-amz-id-2: N19IwH4/N/0qjpx6UPvM4DrF7NvGmP8xnhrV6k24mww9BeCqS8cdgMqnU30S0hJvfiOoiWuNEek=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Tue, 05 Sep 2023 09:28:59 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055962.272944,VS0,VE0
etag: "02e831e0d003d619395b9b4db0013950"
vary: Accept-Encoding
content-type: application/javascript
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 421

GET a7462d76a890705c0b03980269e391b2.jpg
static.bg3.co/imgs/202106/ 0
0

GET 8a281811a91194b12a4dff4fd84c90dc.jpg
static.bg3.co/imgs/202105/ 0
0

GET 51a1f1b038ffc6b9e2b0a8d6c790b634.jpg
static.bg3.co/imgs/202105/ 0
0

GET c437090ab98348ff31457865b7d27214.jpg
static.bg3.co/imgs/202106/ 0
0

GET b8feeec2c048a711bc78094f3bcfae70.jpg
static.bg3.co/imgs/202106/ 0
0

GET aca56c511b49ca1bffcfa750849a55b0.jpg
static.bg3.co/imgs/202106/ 0
0

GET 6ad73043e253cf6a650722ab7ebd2af4.jpg
static.bg3.co/imgs/202105/ 0
0

GET 568b561ca15446ca79bf9bac709e6d37.jpg
static.bg3.co/imgs/202105/ 0
0

GET e02ddae7ad8ac59693b96dff909b43f1.jpg
static.bg3.co/imgs/202111/ 0
0

GET 61a8a2b9329da15e822b27464936d8f5.jpg
static.bg3.co/imgs/202105/ 0
0

GET b988368e0871e5c3e78dab8985c7622d.jpg
static.bg3.co/imgs/202105/ 0
0

GET 2b683e0a9e4b9f10b6529d9a6cd73701.jpg
static.bg3.co/imgs/202105/ 0
0

GET d9548ecbce34d355ac038aa009f869bb.jpg
static.bg3.co/imgs/202305/ 0
0

GET 5589afb3316908c0c1c64e52bbc40df5.jpg
static.bg3.co/imgs/202105/ 0
0

GET 46831eb1c8e494f7cae0e8d9ba718ce4.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 8 KB
4 KB 431ms
45ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 119963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2968
x-xss-protection: 0
server: sffe
etag: "20a8808a3fce3085"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 82 KB
23 KB 435ms
49ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 119963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23124
x-xss-protection: 0
server: sffe
etag: "91fba5c7cd59114d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 4 KB
871 B 470ms
84ms Fetch
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 523
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 435ms
41ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 202809
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 71 KB
18 KB 373ms
357ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=05%3A06%3A02.687&lti=deflated&data=%7B%22id%22%3A247%2C%22ii%22%3A%22%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694055962684%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22vpi%22%3A%22%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3021%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A646%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b7ac041135a39aabb8a3ab89d57e9b8dac374ae74528b7f722365ae954072ea0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 317
date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 68957
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230076-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1694055963.719149,VS0,VE317
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 12 KB
4 KB 432ms
47ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 119963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3948
x-xss-protection: 0
server: sffe
etag: "a02df160e36bd176"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 403 KB
127 KB 29ms
29ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52646
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129723
x-xss-protection: 0
server: cafe
etag: 14901160554504536944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Sep 2024 12:28:37 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
799 B 57ms
56ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1694055962850
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 06 Sep 2024 03:06:03 GMT
date: Thu, 07 Sep 2023 03:06:03 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (frc/4CC2)
age: 1786239
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 67ms
67ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1694055963.dop260.fr8.t,1694055963.cds137.fr8.hn,1694055963.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 floating-unit.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 96ms
96ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: V1rselWEQkmv8ejM_YOT9pvQ4PsP3pyq
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:03 GMT
x-amz-request-id: YMYSCWQ4HDFV88QA
age: 42737
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: uc/TxTGKFcoM/JlekznaoFnw684uXNLIBkSY9K6l8dG1BXVc/d0aUPhpx7nxrtygWl9fxEaNMqY=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:13:46 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055963.252308,VS0,VE0
etag: "9b0b24e2992039edeafef2deb5f869d2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1507

GET
H2 200 taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 44ms
44ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nyBLekRqWpLwFsYJ1PM2htL48qH2exXE
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:03 GMT
x-amz-request-id: GG3SZN1QSGHYAPZ8
age: 42717
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: o+B0AKbDwwOufquBUhKM603c+EpaE5eo//GnTgnjAMIFfA/OIdq8E/w8MrYBJjugsAxyTQGJywI=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:14:06 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055963.331972,VS0,VE0
etag: "fcf081c3f2e178fc5d019b3ef2860ee1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1119

GET
H2 200 distance-from-article.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
2 KB 52ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: em2XoJWhDIGX2pPbKxuWmMDgPsr_r4ef
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:04 GMT
x-amz-request-id: VB7GC7DNR3DBAGXN
age: 42750
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: MwndNzSFMrfPZuXlmjg+CH3RvIMFhrFGJpJWlIU4n1N0LM64WpnV/AGfobY9J5d7i0GAmvKutRg=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:13:35 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055965.593432,VS0,VE0
etag: "0a16ddc5535f3ec9c04adb198a63ab57"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 19393

GET
H2 200 article-detection.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 53ms
53ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VYQg0KzRzVKgsOUVIwoGWUZcIizdfOKZ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:04 GMT
x-amz-request-id: F29PXCZ8HNKVHJH3
age: 42757
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1292
x-amz-id-2: v/a7T3HLPP9VJKIs/ZoINAzTkQ4zUgmrWpgtYsjY3+QlOMnzxtML84PR9LAS30+tHp6+1yAQ708=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:13:28 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055965.593435,VS0,VE0
etag: "a684a25a6af049d0fee39485c35b845e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 19313

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.9/ 127 KB
36 KB 236ms
57ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 218434
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 36490
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Mon, 04 Sep 2023 14:25:10 GMT
server: AmazonS3
x-timer: S1694055965.837980,VS0,VE0
etag: "fd7ae01836d3569c79370b947186fc34"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: zY8aCoBHNlS93pxqjFjaT-d-7We2oA4brP-hg1H22wJfPEM1hA9XIg==
x-cache-hits: 33136

GET
H2 200 feed-card-placeholder.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 37ms
37ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .8WMZOWcDpNm0.Ccx52jyM8r4MC6976_
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:04 GMT
x-amz-request-id: 3KKZJT1BHCRVXYWY
age: 42744
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: k6bhlbvN6KLmcGsQRfjoz7YptQAdyVlsTRKrgkvp9A4tCI+2N2yMesYwCKScEwY2BQFGyzS5cgE=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:13:40 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055965.645885,VS0,VE0
etag: "a682091ea54d189e1c90f84edb66dc6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 15268

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 60ms
59ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:03 GMT
x-amz-request-id: CCG7A4WVWN5WJAVZ
age: 38
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055963.165454,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 78
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 23

GET
H2 200 userx.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 67ms
66ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: s_CdpOrxd5OMAuEV0GJ7BKn.ddN4GAhu
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:04 GMT
x-amz-request-id: J4VM1AJYK6QJHX3G
age: 42714
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: FIq2NZRhejRV5eG0EITjnAVmFsTjNMpRi7giTA5FIjJKU6MUOB1ZCrrt1gNGOY6UXpqajzBu4iw=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:14:10 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055965.661804,VS0,VE0
etag: "22ce59d71c04e51e63a2870100dee4d6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 78
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5850

GET
H2 200 explore-more.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 52ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nTny9pOwUaN6ss1oAQu2PcehWgBYcg1r
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:04 GMT
x-amz-request-id: NASXNJWVBD4GEBA1
age: 42746
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8803
x-amz-id-2: V0wstXoV0n2+bJL8i51/PcQ4dHD4ffSYa39uaMHin2aUHH5b6pD7SOELnFltwMEFSga3o5C2Ra0=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:13:38 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055965.661803,VS0,VE0
etag: "0da94878b067376092df0c027b53d238"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 94
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 8096

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 379ms
93ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi50=11900&lti=deflated&ri=1f8ff5eda7fd754739214df78f67e019&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=05%3A06%3A03.100&id=79&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 349ms
94ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi50=11900&lti=deflated&ri=1f8ff5eda7fd754739214df78f67e019&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694055963101%7D&tim=05%3A06%3A03.101&id=9512&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 329ms
95ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi50=11900&lti=deflated&ri=1f8ff5eda7fd754739214df78f67e019&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694055963110%7D&tim=05%3A06%3A03.110&id=2958&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 114ms
95ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi50=11900&lti=deflated&ri=1f8ff5eda7fd754739214df78f67e019&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A06%3A03.149&id=9744&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 113ms
94ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A06%3A03.158&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=1825&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 68271

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 216ms
213ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A06%3A03.164&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=4806&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67973

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 222ms
219ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A06%3A03.183&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=430&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67973

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 223ms
220ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A06%3A03.184&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5855&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67973

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 223ms
221ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A06%3A03.198&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5018&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67973

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 20 KB
7 KB 351ms
350ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=05%3A06%3A03.237&route=AM:IL:V&tvi50=11900&lti=deflated&data=%7B%22id%22%3A115%2C%22ii%22%3A%22%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA%22%2C%22ui%22%3A%2262a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a%22%2C%22uifp%22%3A%2262a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a%22%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694055962684%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22vpi%22%3A%22%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4128%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A646%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d16b785e5e28e40decd71ba686e556b929f434f18ca4ee9462b2a84dd6745992

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 289
date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 68960
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230076-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1694055963.283094,VS0,VE289
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 103 KB
104 KB 63ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77dfcd4be914b9e59d398c8c45b4adde75246ba1aa5438b8b8373c7f80af3a6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 2485322
edge-cache-tag: 461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 253
expiration: expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://cutepett.com/
content-length: 105596
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000052-IAD, cache-iad-kcgs7200053-IAD, cache-sna10720-LGB, cache-iad-kjyo7100107-IAD, cache-fra-eddf8230076-FRA
last-modified: Thu, 13 Jul 2023 10:47:27 GMT
server: nginx
x-timer: S1694055965.061608,VS0,VE2
etag: "208b5e98b1735467f15b4f9869c3cbb9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 6, 1, 0, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 76 KB
77 KB 65ms
65ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 1794328
edge-cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 241
expiration: expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://ibctamil.com/
content-length: 77796
x-backend-name: US_nlb106
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200159-IAD, cache-lga21978-LGA, cache-iad-kjyo7100056-IAD, cache-fra-eddf8230076-FRA
last-modified: Thu, 10 Aug 2023 20:02:04 GMT
server: nginx
x-timer: S1694055965.153571,VS0,VE1
etag: "71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 0, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 119ms
118ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e03662baae2a170203c136b546c40cd0503823becb15ab80629e544af9efe19

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 1471604
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 176
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.freenet.de/
content-length: 18500
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-iad-kcgs7200024-IAD, cache-fra-eddf8230076-FRA
last-modified: Fri, 18 Aug 2023 15:33:27 GMT
server: nginx
x-timer: S1694055965.168139,VS0,VE1
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 26, 0, 1

GET
H2 200 c6239d26c1081015da8050230fbf269b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 119ms
118ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06cad48c2acc8db6b29fb6d99765a9bc5bfa6d61ea4690a484612cd4d4265e3c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
age: 5562476
edge-cache-tag: 587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 128
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jamaicaobserver.com/
content-length: 30980
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000074-IAD, cache-iad-kiad7000057-IAD, cache-chi-klot8100044-CHI, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230076-FRA
last-modified: Tue, 13 Jun 2023 05:44:52 GMT
server: nginx
x-timer: S1694055965.168109,VS0,VE1
etag: "8664d86dacc63024c3a286ec8f3736ea"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 214, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
30 KB 103ms
102ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c0de8d914cf413918e4f780b2c92d4ca961c20d87ab023c55b5b6b2cc1438af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 3184737
edge-cache-tag: 413171760462916128786953021986728628513,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 305
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sport1.de/
content-length: 29512
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100071-IAD, cache-sna10723-LGB, cache-iad-kcgs7200082-IAD, cache-fra-eddf8230076-FRA
last-modified: Sat, 15 Jul 2023 14:43:31 GMT
server: nginx
x-timer: S1694055965.168112,VS0,VE1
etag: "6cbb6d3f5c4a9ef4c1d57377b9b82231"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 11, 1

GET
H2 200 c7a71b0b9ab0365fbabecec7080dc93b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 90ms
89ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 887692f860423797ae7d8f9503ef4b3a311099c37a1256309f0f4d96f2bade5a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
age: 2032247
edge-cache-tag: 480919811498816728279671218586071676573,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 480919811498816728279671218586071676573,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 229
expiration: expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.taste.com.au/
content-length: 9208
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kjyo7100071-IAD, cache-lax10638-LGB, cache-iad-kiad7000047-IAD, cache-fra-eddf8230076-FRA
last-modified: Thu, 20 Jul 2023 02:08:12 GMT
server: nginx
x-timer: S1694055965.168097,VS0,VE1
etag: "562598fe80037f6933aaefdb345090ff"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 6, 1

GET
H2 200 f300735262828176e69f7dfe742c505d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 102ms
101ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f300735262828176e69f7dfe742c505d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eb059751d4be5a559f19058b9852cdaff99ee19478b2ed05b11637771879a5cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f300735262828176e69f7dfe742c505d.jpg
age: 3052647
edge-cache-tag: 611701484025477812279880354079622096749,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 611701484025477812279880354079622096749,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fizzlefakten.de/
content-length: 16412
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000156-IAD, cache-iad-kcgs7200023-IAD, cache-sna10722-LGB, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230076-FRA
last-modified: Sat, 15 Jul 2023 17:51:02 GMT
server: nginx
x-timer: S1694055965.168081,VS0,VE1
etag: "efaea8ce6164a6340428b482f85b2bfa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 24, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 87 KB
88 KB 84ms
84ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 2560732
edge-cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 210
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.autoplus.fr/
content-length: 89246
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200145-IAD, cache-iad-kjyo7100071-IAD, cache-sna10725-LGB, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230076-FRA
last-modified: Mon, 10 Jul 2023 13:45:40 GMT
server: nginx
x-timer: S1694055965.269266,VS0,VE1
etag: "ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 4, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 117ms
116ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 2628506
edge-cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 321
expiration: expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tag24.de/
content-length: 31858
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200103-IAD, cache-iad-kiad7000057-IAD, cache-sna10739-LGB, cache-iad-kiad7000139-IAD, cache-fra-eddf8230076-FRA
last-modified: Sun, 16 Jul 2023 08:21:22 GMT
server: nginx
x-timer: S1694055965.272072,VS0,VE0
etag: "98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 113, 2

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
43 KB 138ms
137ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 1471604
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 480
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 42778
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21931-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230076-FRA
last-modified: Fri, 18 Aug 2023 15:33:27 GMT
server: nginx
x-timer: S1694055965.293875,VS0,VE1
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1345, 1

GET
H2 200 c6239d26c1081015da8050230fbf269b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 89 KB
89 KB 137ms
137ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 144cffc70f975998336fea786f4a312264c6349ef420acad7ce4bd944acda157

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 6
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
age: 1836638
edge-cache-tag: 587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 182
req-referer: https://fightingirishwire.usatoday.com/
content-length: 90640
x-request-id: f8e20d7e138b88e7986d766608022fc8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000074-IAD, cache-iad-kiad7000057-IAD, cache-sna10729-LGB, cache-iad-kjyo7100043-IAD, cache-fra-eddf8230076-FRA
last-modified: Fri, 04 Aug 2023 00:31:40 GMT
server: nginx
x-timer: S1694055965.315644,VS0,VE6
etag: "8664d86dacc63024c3a286ec8f3736ea"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 51, 1

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 40 KB
10 KB 65ms
65ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 119965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10339
x-xss-protection: 0
server: sffe
etag: "6b0a8d436e5c7ad3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 feedback
feedback.adrecover.com/ARWebService/ 70 B
277 B 1027ms
144ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feedback.adrecover.com/ARWebService/feedback?ts=1694055963328&adBlockedAA=false&packetId=00000001-0ce13992-26a1-4267-81ec-bea08573f239&siteId=43519&pageGroup=undefined&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&country=DE&platform=MOBILE
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
619 B 42ms
39ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1060
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B5ep7IYWdIVqGNCtyi0AJ6HcoPbPxYJeiANA9z3cB%2FRHyUeAsxZxjYqG3K2stvFn20C36QbkOYVYucPVc7GKW6GHBeQ%2BB1pg9xoKthICv2LMOxc0kFSQy%2B7jB%2FZoXRM4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 802bbbcaeaa13747-MXP

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 640ms
176ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: d4a0049935eeb2b2d7c34a2bd20019316dd6b3e84d01b7bf1d46efa9180b4b89

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:03 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 617ms
171ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: d4a0049935eeb2b2d7c34a2bd20019316dd6b3e84d01b7bf1d46efa9180b4b89

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:03 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 533ms
223ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.524961841104352&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:03 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 526ms
217ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.8229223065005071&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:03 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 634ms
170ms Script
application/javascript 184.24.77.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-69.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1694055965635_389467973_671810680_732_1535_64_0_146";dur=1
content-length: 122286
expires: Fri, 06 Sep 2024 03:06:05 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
561 B 632ms
168ms Script
application/javascript 184.24.77.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-69.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694055965818_389467973_671810682_52_1504_64_92_146";dur=1
content-length: 211
expires: Fri, 06 Sep 2024 03:06:05 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 769ms
305ms Script
application/javascript 184.24.77.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-69.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="1694055965818_389467973_671810681_941_982_64_0_146";dur=1
content-length: 18371
expires: Thu, 07 Sep 2023 04:06:05 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
318 B 281ms
77ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQwNTU5NjM0MzksInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xvbmctZmVuZy1wdS1idS1idS1kYW8tZGktMTBtby15b3Uta2UteW91LWxpLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=3568.400001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
364 B 282ms
78ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 633ms
155ms Script
text/javascript 18.66.127.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 06 Sep 2023 03:41:04 GMT
x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 84302
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: ErRLvuEi33J2A-xyZl52_DXbnkl-q_HCXJxZNoQeTPo84T96csryxA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 634ms
182ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: PZWZRGMGZGC1FZZC
age: 1837
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 802bbbda78b04c49-MXP
x-amz-id-2: S58JdPqukaHa1PfPpov4GyEz83dr63BKbaJmuhDvlOSU38dLMdr4IM2RoJbb53yBIZS0UEGIoH8=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 702ms
253ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32520
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6deeskFZjg%2FJYSB%2BjzV4dHx1Pe2XJ1aB7WD%2B4HXPQ1vYZUZWl80bH2bWIrGK3ffC5VK58ai7t1RXZLyIhmt%2BxLCsuV50%2BqAAn4aPVWkl5zFqtlHR87kJcp1jlmcvJp283yY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 802bbbdacc932373-ZRH

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 899ms
260ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: nginx
etag: W/"15180-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Sep 2023 03:06:06 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 200ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 04:27:21 GMT
content-encoding: gzip
age: 859124
x-guploader-uploadid: ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 27 Aug 2024 04:27:21 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 73ms
73ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223211401508245&correlator=3961033658979351&eid=31077649&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694055963550&lmt=1694048763&adxs=220&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&vis=1&psz=760x0&msz=760x0&fws=4&ohw=1600&ga_vid=1108116648.1694055964&ga_sid=1694055964&ga_hid=160236309&ga_fc=false&dlt=1694055961874&idt=1650&adks=3605545259&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73de3f60b418aad0aaaa1cb130926776789f2b634a9bfd6d41d6e390b195a6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12464
x-xss-protection: 0
google-lineitem-id: 6344488284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440076868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F85C 6 KB
3 KB 487ms
40ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:04 GMT
expires: Fri, 06 Sep 2024 03:06:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 next-up-widget.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 80ms
80ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 16i_W0SfO4iu5HUNttGCzqfI5eyuaJk9
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:05 GMT
x-amz-request-id: 5Z6D55KEA63Q4GDX
age: 42737
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: zbA9d3vwZFWk0ANy7tqhXOmmLnCfK5m/3x33rRTsy4bo2JGe2Az9RZf1dL8FcKvA8rZnXttJGN0=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:13:49 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055965.434847,VS0,VE0
etag: "206e75ae80c2530bd7615c594f84c2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1480

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 138ms
138ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi50=11900&lti=deflated&ri=1f8ff5eda7fd754739214df78f67e019&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055962_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1709%7D%22%2C%22eventTime%22%3A1694055963581%7D&tim=05%3A06%3A03.581&id=250&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 114ms
78ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQwNTU5NjM1OTksInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xvbmctZmVuZy1wdS1idS1idS1kYW8tZGktMTBtby15b3Uta2UteW91LWxpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3728.2000007629395
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 80ms
77ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQwNTU5NjM2MDYsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xvbmctZmVuZy1wdS1idS1idS1kYW8tZGktMTBtby15b3Uta2UteW91LWxpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3735.7000007629395
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 109ms
109ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQwNTU5NjM2MTAsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xvbmctZmVuZy1wdS1idS1idS1kYW8tZGktMTBtby15b3Uta2UteW91LWxpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3738.800003051758
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
18 KB 335ms
335ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223211401508245&correlator=3674869815611406&eid=31077649&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694055963618&lmt=1694048763&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1108116648.1694055964&ga_sid=1694055964&ga_hid=160236309&ga_fc=false&dlt=1694055961874&idt=1650&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_20_0_pv%26cluster_reporting%3Dchrome_DESKTOP_20_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c%26faid%3Dfalse&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93e7a23cfcb976982dd262710fb0038ab55fc9338b902f815fb201255b60b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18105
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 38 KB
13 KB 90ms
89ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:36:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26992
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13570
x-xss-protection: 0
server: cafe
etag: 8322348364393239614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Sep 2024 19:36:13 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 138ms
138ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A06%3A03.667&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=2605&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 71738

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 110ms
110ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQwNTU5NjM1OTksInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xvbmctZmVuZy1wdS1idS1idS1kYW8tZGktMTBtby15b3Uta2UteW91LWxpLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3830.400001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 139ms
139ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi50=11900&lti=deflated&ri=400bd645634b36a4c996a5ca36867a24&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055963_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1694055963727%7D&tim=05%3A06%3A03.727&id=2377&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 7dfe6a49a8b61d494f34e4fd5aac7fdb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 151ms
151ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7dfe6a49a8b61d494f34e4fd5aac7fdb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 339e941a35c95122b2c0f10296717e1dc51a8afddf6d20f200079c6394e2c7bc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7dfe6a49a8b61d494f34e4fd5aac7fdb.jpg
age: 3675662
edge-cache-tag: 413707816656923655197623410313382541449,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413707816656923655197623410313382541449,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 176
req-referer: https://www.tippsundtricks.co/
content-length: 34938
x-request-id: b07f7744eb5b323d6e2a6eb3e09dc7e0
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000100-IAD, cache-iad-kjyo7100165-IAD, cache-sna10737-LGB, cache-iad-kcgs7200039-IAD, cache-fra-eddf8230076-FRA
last-modified: Wed, 26 Jul 2023 13:47:52 GMT
server: nginx
x-timer: S1694055966.564113,VS0,VE1
etag: "81f4e03e0f3e7475c2cf126cdacd2653"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3, 1, 16, 1

GET
H2 200 e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
26 KB 75ms
75ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e361396300428cd3c7d4f259de28cd0c1b706d3fcd6a5e484efaf51a51fb87f0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age: 3135810
edge-cache-tag: 371149999047074580014513752138842485437,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371149999047074580014513752138842485437,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 85
expiration: expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espn.com/
content-length: 26020
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200137-IAD, cache-iad-kiad7000100-IAD, cache-chi-klot8100098-CHI, cache-iad-kiad7000169-IAD, cache-fra-eddf8230076-FRA
last-modified: Mon, 03 Jul 2023 06:23:41 GMT
server: nginx
x-timer: S1694055966.564099,VS0,VE1
etag: "c7e57f0ab462fea0a7b18dfc573bbc2d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 10674, 1

GET
H2 200 fb9c0889-d34f-487d-9c69-b274f6286232__TvZ1uK2h.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 10 KB
10 KB 75ms
74ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/fb9c0889-d34f-487d-9c69-b274f6286232__TvZ1uK2h.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba37c2757fd3663d832c6076d5e517c7616f576c2d21cc38c971d7db2cb26fe0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/fb9c0889-d34f-487d-9c69-b274f6286232__TvZ1uK2h.jpg
age: 1842272
edge-cache-tag: 535230315467042934001966557376152201422,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535230315467042934001966557376152201422,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 504
req-referer: https://jvpnews.com/
content-length: 9734
x-request-id: ac854a059cb672df0b38e1b876c0a488
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000147-IAD, cache-iad-kcgs7200124-IAD, cache-lga21967-LGA, cache-iad-kcgs7200161-IAD, cache-fra-eddf8230076-FRA
last-modified: Wed, 16 Aug 2023 15:18:44 GMT
server: nginx
x-timer: S1694055966.564091,VS0,VE1
etag: "8a3badc7d59f4777ce98ac58b9241a60"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 f3dfc3928883145cfce1980d3287e6c8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 58 KB
59 KB 105ms
104ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3dfc3928883145cfce1980d3287e6c8.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6084b5b210f88dde77cbb72cddc8b6f3e23770996ec6510c423cd73605f4b94f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3dfc3928883145cfce1980d3287e6c8.jpg
age: 1871022
edge-cache-tag: 481661454649057562498571776999756631246,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 481661454649057562498571776999756631246,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 270
req-referer: https://www.larep.fr/
content-length: 59732
x-request-id: 0fd3903f6ce2ed9e44a1b8d572d304b3
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100160-IAD, cache-iad-kjyo7100033-IAD, cache-lax10641-LGB, cache-iad-kcgs7200047-IAD, cache-fra-eddf8230076-FRA
last-modified: Tue, 08 Aug 2023 05:43:13 GMT
server: nginx
x-timer: S1694055966.564082,VS0,VE1
etag: "74ad3b1d858cb962a55473a6476ecee3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 18, 1

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 125ms
125ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95340d68557bff28d6455d5dd904ee2f72fe02b7f1fe156154079039d003fb19

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 4015697
edge-cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 240
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ratemyprofessors.com/
content-length: 34966
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000150-IAD, cache-iad-kjyo7100141-IAD, cache-chi-klot8100117-CHI, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230076-FRA
last-modified: Sat, 15 Jul 2023 22:44:19 GMT
server: nginx
x-timer: S1694055966.618581,VS0,VE1
etag: "05686e725bd7c1ab25724df4bdd17390"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 4, 1, 122, 1

GET
H2 200 de-1-The-Drone-Mystery.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.trendscatchers.io/uploads/2023/02/ 18 KB
18 KB 97ms
94ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.trendscatchers.io/uploads/2023/02/de-1-The-Drone-Mystery.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87c3a2933c4eaca3746bdedc2985171e0322b134bb7e80b481ed326df20ce94a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.trendscatchers.io/uploads/2023/02/de-1-The-Drone-Mystery.jpg
age: 2292211
edge-cache-tag: 470201885491821901672187928257210781572,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 470201885491821901672187928257210781572,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 108
expiration: expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.freenet.de/
content-length: 18284
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000129-IAD, cache-iad-kiad7000131-IAD, cache-iad-kiad7000169-IAD, cache-fra-eddf8230076-FRA
last-modified: Wed, 19 Jul 2023 16:52:09 GMT
server: nginx
x-timer: S1694055966.672612,VS0,VE1
etag: "89650134b81f39b559f851f18cb336ba"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 22, 1

GET
H2 200 nYim6X6SYHYMpRj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 10 KB
10 KB 84ms
84ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d52df9fabaed1fef20e9bcacbdafdaa0d0f6d07ef28c580fe47c0f14a0053ad3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
age: 2809988
edge-cache-tag: 338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 465
expiration: expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.footmercato.net/
content-length: 9756
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000025-IAD, cache-iad-kiad7000054-IAD, cache-chi-kigq8000128-CHI, cache-iad-kiad7000058-IAD, cache-fra-eddf8230076-FRA
last-modified: Sun, 16 Jul 2023 08:09:25 GMT
server: nginx
x-timer: S1694055966.689987,VS0,VE1
etag: "0adc8ec46c2767904c6ee865def1f1ec"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 286, 1

GET
H2 200 d996ee10e1555b16e08829da0a1d3e48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 51 KB
52 KB 64ms
64ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d996ee10e1555b16e08829da0a1d3e48.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c12cb43d0f490fceecc224cfb0ca8f7b453b1ccb46b6378048eaf92ec9734097

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d996ee10e1555b16e08829da0a1d3e48.jpg
age: 1498554
edge-cache-tag: 546930035828335343796221201175469695478,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 546930035828335343796221201175469695478,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fizzlefakten.de/
content-length: 52610
x-backend-name: US_nlb102
x-served-by: cache-iad-kcgs7200057-IAD, cache-iad-kcgs7200057-IAD, cache-lga21948-LGA, cache-iad-kiad7000049-IAD, cache-fra-eddf8230076-FRA
last-modified: Tue, 25 Jul 2023 14:12:28 GMT
server: nginx
x-timer: S1694055966.710100,VS0,VE1
etag: "7a1d1227e5d2009febb0d28a4615767c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 18, 1, 1, 1

GET
H2 200 c463621448b754f72cde3a24bce6a684.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 35 KB
35 KB 157ms
155ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b5341612974a891bde43adf002e2bfa53d0874fb69afdcac4e4cd73ea187dfc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
age: 2644654
edge-cache-tag: 572986981612921457322863674271668491606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 572986981612921457322863674271668491606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 244
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 35344
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kiad7000058-IAD, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230076-FRA
last-modified: Mon, 17 Jul 2023 23:41:48 GMT
server: nginx
x-timer: S1694055966.725190,VS0,VE1
etag: "8d4bf42e02fbfe15a95c837722a4ed41"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 42, 1

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B04 0
0 70ms
68ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBxPrTH1KC-Bi2BYl7-yMh6f1qCRlcygGDmS76RGXvqb3gSfpHHbjI0gy73I6zHd4WPy3OHXYSuOOp5rr0Ys7kEiQKDG0o6UtXdM9lyzhaCqeKVfawCRoeXhXN7oi7H9JWtB7YrMGs2trQAeSIo9FgAswsXoO3FrQY0K7PoUwRDj-aGzcMnMTpiGsqJ9hFw-ileBSVAEXFWDtSQhjZpaoDbEIqp0NokhHzIH5gmuAHqC-yWMeY7aYpUVezLejVD3tSQlZy17UoSuDjHpx9kKR_rh3Th7DESkVSwbBi7hsorfqvj6avIFBRGrYTRc4Lbbwqlw&sai=AMfl-YSBswTi8-bS5t1jQr9ZplvQsZ68DWFvZKmlrShvPZfjLIxDY4SidxmD9OUh-8oXOq67qzcupOH5elm-jRurvmHLDLApQ4W_m2wYpLqlltmAv4fTuUoO7XrYhN8pQTfSoJjpJ11_qbHQd4BWwlM&sig=Cg0ArKJSzG7sH3pdT3BQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:06:03 GMT

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 173ms
76ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:03 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 14:03:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64df7a1a-66bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B04 181 KB
57 KB 445ms
55ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:04 GMT

GET
H2 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 213 KB
57 KB 107ms
106ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 119965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57751
x-xss-protection: 0
server: sffe
etag: "df3f5bf96724b1a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9006 18 KB
8 KB 662ms
107ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

515013e943f5a6d42c708b234047a2f1e3d70f70d2a48f65df284bc5f9466eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
server: cafe
etag: 4796420852061909081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:04 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4E04 18 KB
8 KB 705ms
158ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4166c8388eb17656a755cc8e05c0d9517bda3a4df3f779d75238a9653b11f974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
server: cafe
etag: 7617015419631044898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:04 GMT

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 79A4 714 B
616 B 41ms
33ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 364
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 802bbbcf0bcc3747-MXP
content-encoding: br
content-type: text/html
date: Thu, 07 Sep 2023 03:06:04 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuLAyBMdMptMidEhOPTKvPYH7ikyIhpYi8ZkHALJfheg2AuilIovBOm6QidQ7Uv%2FGPhzIGzAYIsbIUOS7ex8dIb98VdKvD%2BeUUm23%2BvbtQW%2Fvj%2BjSJe0YuPh2idAc2UIxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame ADFC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

341ms
44ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 03:06:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 07 Sep 2023 03:06:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

115ms
115ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Thu, 07 Sep 2023 03:06:06 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame DB97 714 B
556 B 48ms
47ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 364
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 802bbbcf1bd13747-MXP
content-encoding: br
content-type: text/html
date: Thu, 07 Sep 2023 03:06:04 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CesmdK31t04MWw4HAjUzJF%2BNi6a9fGT11sly7wDUF9ny50ATVgRV7rKeDaYXAzBS%2BokskJ21JXqOTQ2wGqvdhxJbu991cu4rvhDGrMR%2BAUMY5P9uO1cLYvz6G1%2F71vEMdw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C4FD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

342ms
45ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 03:06:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 07 Sep 2023 03:06:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 53 KB
18 KB 118ms
118ms XHR
application/json 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&referrer=&async=1&uid=5593022872&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 72a2cb6565681897b77a0b0725b1abab7f378454b1ef4b41d6cc23befb4eafd1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 79A4 99 KB
29 KB 157ms
156ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23be14af3c0f9175c605e7809f65e67c8b97d287c91ad15fe0fa84b41d43060e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29211
x-xss-protection: 0
server: cafe
etag: 756 / 19607 / 31077596 / config-hash: 12382979882546628262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DB97 98 KB
28 KB 193ms
193ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20290619df116c6e4608d84058105e8335ae61ce43ea99eefc93ed25cf8b466b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28989
x-xss-protection: 0
server: cafe
etag: 203 / 19607 / 31077684 / config-hash: 12382979882546628262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:04 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 99AE 4 KB
2 KB 250ms
163ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

566e9dfeaf30a22019fc3bd4a20ab9bb75785719c8102595e0d372f81538bcee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1405
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 moxplayer.css
ad.vidverto.io/js/moxplayer/ 51 KB
8 KB 58ms
56ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-cbf7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:04 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
124 KB 698ms
129ms Script
text/javascript 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9848fd9c8e8d1002001cd245c2218c1c51d6e0aa9f543a0163e19bf6899af172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126091
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:06:06 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 156ms
155ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:05 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 59 KB
13 KB 236ms
235ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 17:10:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6442c381-edf4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:05 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 87 KB
23 KB 237ms
236ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 12:02:31 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64ec8cd7-15d84"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:05 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 129 KB
41 KB 329ms
328ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 07:44:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdedec-205ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:05 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 318 KB
101 KB 343ms
343ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 098edf6f2f040b09a7f932e1824aa3295784a54fd3adf7d53daaf7398052a075

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
last-modified: Sun, 13 Aug 2023 19:44:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64d93286-4f6c3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:05 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 68ms
66ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3De7248e25-f961-4798-9f3b-e0b9810aca6e%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=e7248e25-f961-4798-9f3b-e0b9810aca6e&p_id=23

0
151 B

135ms
132ms

Image
text/plain

185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=e7248e25-f961-4798-9f3b-e0b9810aca6e&p_id=23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=e7248e25-f961-4798-9f3b-e0b9810aca6e&p_id=23
date: Thu, 07 Sep 2023 03:06:06 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=e7248e25-f961-4798-9f3b-e0b9810aca6e&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=3d45481a-0d4d-53fa-9b2d-d842ffd4e65c&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&p_id=15

0
155 B

623ms
289ms

Image
text/plain

175.110.113.213
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&p_id=15
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Server: 175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-213.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&p_id=15
date: Thu, 07 Sep 2023 03:06:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 328ms
326ms Image
image/png 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Thu, 14 Sep 2023 03:06:05 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/ Frame 79A4 404 KB
127 KB 49ms
48ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d592777a6d54b69a8e48ad9ef2b7abeb4c3fec5e8d88935956423d3dc8f069b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 18:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30532
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 5804524590501581973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Sep 2024 18:37:12 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
122 B 311ms
311ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi50=11900&route=AM%3AIL%3AV&lti=deflated&bulkSize=19
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 144
date: Thu, 07 Sep 2023 03:06:04 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 69064
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230076-FRA
pragma: no-cache
server: nginx
x-timer: S1694055964.390018,VS0,VE144
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/ Frame DB97 407 KB
129 KB 131ms
130ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

540dfacb5653359db263f2d751b3494596b42b5acae30bc379eec33e87ed40bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 10:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59360
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131474
x-xss-protection: 0
server: cafe
etag: 4360487527687814013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Sep 2024 10:36:44 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 99AE 43 B
443 B 164ms
37ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:04 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 07 Sep 2023 03:06:03 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 99AE
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LM8L6JZH-20-2HMZ&gdpr=0

0
291 B

31ms
31ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LM8L6JZH-20-2HMZ&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LM8L6JZH-20-2HMZ&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 99AE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=39679304533846343

0
291 B

105ms
105ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=39679304533846343

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
an-x-request-uuid: 0ff33a4a-843d-47e1-845e-8541d224454e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=39679304533846343
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 99AE 42 B
773 B 229ms
51ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 99AE
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABim2an1uaZtvh_Hbh7VnIsTTJsVIbWxZhEg

170 B
243 B

264ms
125ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABim2an1uaZtvh_Hbh7VnIsTTJsVIbWxZhEg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABim2an1uaZtvh_Hbh7VnIsTTJsVIbWxZhEg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 99AE
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=3292171889774844560

0
291 B

111ms
111ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=3292171889774844560

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=3292171889774844560
date: Thu, 07 Sep 2023 03:06:04 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 99AE 0
0 166ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 99AE
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE

43 B
479 B

766ms
186ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 03:06:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FMJ94ZZ8TCR3MEFS8QN0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 99AE
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFFRDQxRkEtQjJERi00ODg5LUE4QjctNUY5QzRDNkI4QzIx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9AED41FA-B2DF-4889-A8B7-5F9C4C6B8C21

0
291 B

79ms
78ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9AED41FA-B2DF-4889-A8B7-5F9C4C6B8C21

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9AED41FA-B2DF-4889-A8B7-5F9C4C6B8C21
date: Thu, 07 Sep 2023 03:06:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 99AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKX0WF7s6zR08PZTNcE2cho&google_cver=1

0
291 B

37ms
37ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKX0WF7s6zR08PZTNcE2cho&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKX0WF7s6zR08PZTNcE2cho&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 99AE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-326uacVE2uHwx4bm0jw007vS05u9zbyOVRPzPXA-~A

0
291 B

35ms
34ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-326uacVE2uHwx4bm0jw007vS05u9zbyOVRPzPXA-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-326uacVE2uHwx4bm0jw007vS05u9zbyOVRPzPXA-~A
date: Thu, 07 Sep 2023 03:06:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 99AE 70 B
149 B 244ms
61ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 99AE
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-SU7.npJE2pmDlspT4vIHEZ_Kb8i1qSMbwGVyPw--~A&expires=5&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=&gdpr_consent=&us_privacy=

0
291 B

182ms
181ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sync
ad.mox.tv/delivery/v2/ Frame 99AE
Redirect Chain

https://ad.mox.tv/delivery/sync?userid=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE&p_id=5
https://ad.mox.tv/delivery/v2/sync?userid=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE&p_id=5

0
156 B

80ms
79ms

Image
text/plain

175.110.113.205
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/v2/sync?userid=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE&p_id=5
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 175.110.113.205 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-205.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.mox.tv/delivery/v2/sync?userid=eufrq92tYhAKSzemskV5p9S8faVyifcj1EVZdj0qFaE&p_id=5
date: Thu, 07 Sep 2023 03:06:04 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9B04 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c19b7f130a7d6973c39853db2170d84de59564477d3d1a14f9209fb62993732

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B04 0
0 465ms
82ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8dmJda5544LG1yToEZTx8B6svH5gNONqRTelF1ckPUcOMxBDImrnqeQx7ygYgZAUvOk4Zb2mq18UmzRAYAGQC-CyKO5FBS1IhXD3VVdpWk50w5ih9TDQ5Mnph0Eu5MLexefhjTkCMzQgUVntjfS0hDnqhQGTu4bYpMroIn3UrlTMCH8v6NCJWkVIzs2Nwcfhc8uwUPMlLDodZaT0nB12XcOMLKn2YpzbM9ObUVpVt9W-L0HIORmSoX1p4qhLAT05IcLb9ddgCb8QSz8cqHztwUheGcBNyD2mudtGlACoz7QcJK8tKS0yvTdrrrP5Gp5-lPPGm&sai=AMfl-YSvcSEuDeHZgNK9zpucOQUF63y0SnTVKRoUoSkk8POnGb7LebQtVEN6IlkRW5UC4RBFCbIdSrih6XrFI-bmMdBE66V20zZKghfjTWNosUrmL8-Xc4BrG2FgUetPlrM0Jq6BgB20cjlLjDHUr9M&sig=Cg0ArKJSzE7seFJ6oR9wEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:06:04 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 79A4 492 B
336 B 74ms
74ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1154535318847761&correlator=113880129811127&eid=31076475%2C31077596%2C31077231&output=ldjh&gdfp_req=1&vrg=202308240102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694055964476&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ge15sbtrza6r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=Infinity&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qOjcdewuI3jkVsT2ZD7RgcCqmWwmbayswwVzg04MCuGo1c5eeTHwgErHZKt5qsNHyvanxkrU89QO4Sq5pU0z4MRfvPs7_v_Hq6qsyWxiykwFiIfugBvcN8vXwd-0cHjGT6BCWGx28Q&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1105978206.1694055964&ga_sid=1694055964&ga_hid=452515239&ga_fc=false&dlt=1694055964026&idt=423&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cffb75eef95378cbd0f722c1240a2db2f0bf4b4e0d709dfea341292a3d1a017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 79A4 15 KB
12 KB 97ms
96ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b251848387c728ccb818924d04bdf1bc4aed83f7aa3971e925bf43e8d3bff82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11852
x-xss-protection: 0

GET
H2 200 container.html Show response
746dbf17c51002b437df189985285799.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89C4 6 KB
3 KB 64ms
42ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://746dbf17c51002b437df189985285799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:04 GMT
expires: Fri, 06 Sep 2024 03:06:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DB97 492 B
306 B 75ms
75ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1673794438791823&correlator=1523665717700730&eid=31077647%2C31077684&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694055964515&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=isym1k9ixion&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qOjcdewuI3jkVsT2ZD7RgcCqmWwmbayswwVzg04MCuGo1c5eeTHwgErHZKt5qsNHyvanxkrU89QO4Sq5pU0z4MRfvPs7_v_Hq6qsyWxiykwFiIfugBvcN8vXwd-0cHjGT6BCWGx28Q&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1986726994.1694055965&ga_sid=1694055965&ga_hid=1754933694&ga_fc=false&dlt=1694055964040&idt=453&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2280f300c5f767c4757e782cc1a78c853c3373f357f834c3dd5a7f8c9a39cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DB97 15 KB
12 KB 85ms
85ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c914904664bb049cd1ec0a7a914d4b445c83a9e820a5f86e24677428e5991f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11765
x-xss-protection: 0

GET
H2 200 container.html Show response
2133101f50c4f34b7308261ba5cf3c6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EEF3 6 KB
3 KB 73ms
43ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2133101f50c4f34b7308261ba5cf3c6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:04 GMT
expires: Fri, 06 Sep 2024 03:06:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ADFC 34 KB
10 KB 55ms
55ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e3bcedb3332b5b7a2e29ca7fd39df17b25efa604de0ee0ffcbc8b025d4b81e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Sep 2023 18:19:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54771
Connection: keep-alive
Content-Length: 10123
Expires: Thu, 07 Sep 2023 18:18:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C4FD 34 KB
10 KB 61ms
61ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e3bcedb3332b5b7a2e29ca7fd39df17b25efa604de0ee0ffcbc8b025d4b81e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Sep 2023 18:19:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54771
Connection: keep-alive
Content-Length: 10123
Expires: Thu, 07 Sep 2023 18:18:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9006 143 KB
49 KB 281ms
279ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0587f9baeaaa1f596e077f41a90b2afeaf24f4dc804e9c1720aa1398f87bcbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50499
x-xss-protection: 0
server: cafe
etag: 3829335602731922622
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:05 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 79A4 17 KB
7 KB 448ms
66ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:06:05 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DB97 17 KB
6 KB 431ms
75ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:06:05 GMT

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 259ms
257ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&tvi50=11900&lti=deflated&ri=400bd645634b36a4c996a5ca36867a24&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055963_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22305%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A06%3A04.643&id=7030&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame ADFC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM8L6JZH-20-2HMZ
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM8L6JZH-20-2HMZ
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/92a9832a-47f5-3d43-9ab2-bed8a055770b?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Ni_QGrlE2oVqDKGaz4HxovGkuzCc.sq2FMOwOsY-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

72ms
71ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Thu, 07 Sep 2023 03:06:06 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4E04 143 KB
49 KB 329ms
327ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

cafe /

Resource Hash

6758fea2f5abe6c4318d2ad99b4dd5f91f4b7ba839fc48b475acce05969bedd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50500
x-xss-protection: 0
server: cafe
etag: 1842589623232057824
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 491ms
64ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:26:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:06:05 GMT

GET
H2 200 spa-detector.20230905-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 185ms
183ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230905-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KEGvtegWzhSmJ0zyOWVzsjMEuOiRrSzx
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:05 GMT
x-amz-request-id: 5Z1CHXFC88GT13TW
age: 42729
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 779
x-amz-id-2: 1R6YEO9Myr91tXufEJQPPNQ2KLQnJQ8K96AKA2aZIoxRcffRrKxm7cTEbrWPZe7wMn0nAh2HBz4=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 06 Sep 2023 15:13:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055966.841505,VS0,VE0
etag: "f7cc4f6d837535cfe5c09f38624a17a0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 8339

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 258ms
257ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&tvi50=11900&lti=deflated&ri=400bd645634b36a4c996a5ca36867a24&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055963_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A06%3A04.693&id=7577&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 260ms
258ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi50=11900&lti=deflated&ri=400bd645634b36a4c996a5ca36867a24&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055963_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694055964693%7D&tim=05%3A06%3A04.693&id=5486&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 261ms
259ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&tvi50=11900&lti=deflated&ri=400bd645634b36a4c996a5ca36867a24&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055963_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A06%3A04.695&id=5077&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 261ms
259ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi50=11900&lti=deflated&ri=400bd645634b36a4c996a5ca36867a24&sd=v2_0d48954546d7dec456b2d9eb3df62335_62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a_1694055962_1694055963_CNawjgYQ2YJdGLyw6uymMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&pi=/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&wi=8785670565999157411&pt=text&vi=1694055962684&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694055964696%7D&tim=05%3A06%3A04.697&id=465&llvl=2&cv=20230905-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 260ms
258ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A06%3A04.714&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5868&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 71305

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADFC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE04TDZKWkgtMjAtMkhNWg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9rL8FV18ZyPYxrZYCvL3A&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE04TDZKWkgtMjAtMkhNWg==&google_push=

170 B
188 B

43ms
41ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE04TDZKWkgtMjAtMkhNWg==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE04TDZKWkgtMjAtMkhNWg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame ADFC 70 B
148 B 147ms
62ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame ADFC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_95ubDdFRg6DGvvwgKik2w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_95ubDdFRg6DGvvwgKik2w

43 B
479 B

288ms
287ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_95ubDdFRg6DGvvwgKik2w

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 03:06:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N221KA5EZ2TQ4YAJ45V6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_95ubDdFRg6DGvvwgKik2w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ADFC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/SlkmtIE8kGeWHqvbH3TK1Mn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V.Rn83dE2oLQwTdMXm2jsSb1k7rCKufJpt.m3Q--~A

42 B
753 B

127ms
127ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V.Rn83dE2oLQwTdMXm2jsSb1k7rCKufJpt.m3Q--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V.Rn83dE2oLQwTdMXm2jsSb1k7rCKufJpt.m3Q--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ADFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFoI-sQ6MiYgdmUb3XHHG4&google_cver=1

42 B
753 B

51ms
51ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFoI-sQ6MiYgdmUb3XHHG4&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAFoI-sQ6MiYgdmUb3XHHG4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame ADFC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_FnczBjVQ8afz5RcXOZwiw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_FnczBjVQ8afz5RcXOZwiw

43 B
479 B

126ms
125ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_FnczBjVQ8afz5RcXOZwiw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 03:06:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6GW25CRWNC171D1QK9FZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_FnczBjVQ8afz5RcXOZwiw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ADFC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1ZTQ1MGVmZTcwMjA0MDQ1NmU3ZmEwYTg0YTJjMjliZGExMWYwNA

170 B
232 B

42ms
41ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1ZTQ1MGVmZTcwMjA0MDQ1NmU3ZmEwYTg0YTJjMjliZGExMWYwNA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1ZTQ1MGVmZTcwMjA0MDQ1NmU3ZmEwYTg0YTJjMjliZGExMWYwNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame ADFC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM8L6JZH-20-2HMZ

0
647 B

755ms
268ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM8L6JZH-20-2HMZ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9E183FAD96944E23AF6B29B23911C9BD Ref B: ZRHEDGE1906 Ref C: 2023-09-07T03:06:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEvCQPDGK8ezkKSN59PQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM8L6JZH-20-2HMZ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DC3 13 KB
5 KB 73ms
72ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 47055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:01:50 GMT
expires: Thu, 05 Sep 2024 14:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 13C7 829 B
766 B 575ms
94ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e7197ae9fb9e4511c68ed05f99d62a91a915c3429d90becf83e846deab8889d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZJl-qPe_wycYggAMT9TXXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-ZJl-qPe_wycYggAMT9TXXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:05 GMT
expires: Thu, 07 Sep 2023 03:06:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2AF 13 KB
5 KB 75ms
74ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 47055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:01:50 GMT
expires: Thu, 05 Sep 2024 14:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6666 829 B
1 KB 564ms
93ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d779fb7bb8d658245d7eeb7992cfc40456ca3b47196419672163c95f94e0561

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TFcYV37-Kt4aotB0azqqeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-TFcYV37-Kt4aotB0azqqeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:05 GMT
expires: Thu, 07 Sep 2023 03:06:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 193ms
192ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:05 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1177
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1694055966.841491,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1670

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 194ms
192ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Thu, 07 Sep 2023 03:06:05 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 6269
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694055966.841476,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1827

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 3CEF 577 B
477 B 109ms
100ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&cmcv=&pix=undefined&cb=1694055965185&uv=3334&tms=1694055965185&abt=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6a7e0860-cdd7-4a1a-94ea-4a5c96a0c1c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e4b0f9e14b8a9a3cdbe2ad38dfe2d6135c3e87e5d1a7d9bbb4a31a44f716d96b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 07 Sep 2023 03:06:05 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230076-FRA
x-timer: S1694055965.242107,VS0,VE12

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6FCD 439 B
525 B 294ms
87ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 20ae3ee739ff347b747b02412a84a6025da1cb8a25b0878ccb79ffb036cad1fa

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 07 Sep 2023 03:06:05 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
795 B 189ms
165ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694055965194&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1548&pt=-911142239&tz=120&viewable=true&ddast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c569065c32a76fdabd354e28723483ab221a9db68fc807aa2970249b9920e8a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1413
x-cache: MISS
x-served-by: cache-fra-eddf8230076-FRA
pragma: no-cache
server: nginx
x-timer: S1694055965.261591,VS0,VE30
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 249ms
207ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&cmcv=&pix=31589837&cb=1694055965185&uv=3334&tms=1694055965185&abt=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694055959871.5!ts:1694055965185&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
content-length: 0
server: nginx

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DC3 37 KB
15 KB 78ms
78ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame C2AF 37 KB
14 KB 109ms
109ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3CEF 70 B
148 B 129ms
129ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&cmcv=&pix=undefined&cb=1694055965185&uv=3334&tms=1694055965185&abt=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6a7e0860-cdd7-4a1a-94ea-4a5c96a0c1c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 3CEF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A

0
98 B

184ms
167ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&cmcv=&pix=undefined&cb=1694055965185&uv=3334&tms=1694055965185&abt=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6a7e0860-cdd7-4a1a-94ea-4a5c96a0c1c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41140

Redirect headers

date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9CBE 281 B
554 B 119ms
119ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&cmcv=&pix=undefined&cb=1694055965185&uv=3334&tms=1694055965185&abt=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6a7e0860-cdd7-4a1a-94ea-4a5c96a0c1c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 03:06:05 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_3_4/infra/ 880 KB
144 KB 60ms
60ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693922380
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: FPEQYM4MR0ZRP5J1
age: 133458
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693922381
x-amz-meta-mode: 33188
content-length: 147123
x-amz-id-2: EBlzWPD6iKqbOB4H1z5wHohK8Wh0TTibYEfCs5fBpD2xxbylSU0TWKUB2Q0mV8JFlBxT6dJUGQc=
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Tue, 05 Sep 2023 13:59:42 GMT
server: AmazonS3-br
x-timer: S1694055965.442403,VS0,VE0
etag: "38ea6c5249cc72e909660623b02bf7b8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 129859

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_4/assets/css/ 60 KB
8 KB 88ms
88ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_4/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693922399
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: FPEY0CJZ5CP448HD
age: 133458
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693922400
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: gVazDaezCRHQYY8kPxJDod2jVIgirHImf1myU/cjbP0xNs8QizH4a+tId0Tt1JKOHSNppWVNwEE=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Tue, 05 Sep 2023 14:00:01 GMT
server: AmazonS3-br
x-timer: S1694055965.452921,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 163151

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 5DC3 0
40 B 44ms
43ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pnmpSw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9CBE 34 KB
10 KB 75ms
75ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e3bcedb3332b5b7a2e29ca7fd39df17b25efa604de0ee0ffcbc8b025d4b81e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Sep 2023 18:19:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54770
Connection: keep-alive
Content-Length: 10123
Expires: Thu, 07 Sep 2023 18:18:55 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame C2AF 0
38 B 91ms
91ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GT4O-g
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6FCD 70 B
148 B 107ms
107ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 6FCD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A

0
98 B

261ms
261ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 54742

Redirect headers

date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 6FCD 0
38 B 72ms
72ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 165ms
164ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 1216075
edge-cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 696
req-referer: https://www.newshub.co.nz/
content-length: 7746
x-request-id: f00da37abc7fb987ab04b5aad08798f0
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100142-IAD, cache-iad-kiad7000088-IAD, cache-lax10624-LGB, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230076-FRA
last-modified: Thu, 10 Aug 2023 14:24:09 GMT
server: nginx
x-timer: S1694055966.931350,VS0,VE1
etag: "d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 235ms
235ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6f86771624c80556823d18c77850c02dc5265fba52e3f1459b5de3d0519f79f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 2727862
edge-cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 75
req-referer: https://ziarulunirea.ro/burse-pentru-elevii-cu-media-10-la-bacalaurea-si-evaluarea-nationala-cati-bani-vor-putea-primi-elevii-cu-coronita-844864/
content-length: 4882
x-request-id: 1c3feebb02d1c47c4b9f5b558eb4d1fa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kjyo7100049-IAD, cache-chi-klot8100137-CHI, cache-iad-kcgs7200157-IAD, cache-fra-eddf8230076-FRA
last-modified: Fri, 28 Jul 2023 15:42:18 GMT
server: nginx
x-timer: S1694055966.015452,VS0,VE1
etag: "99f28a0677ecaf7b097db6c8ed4612ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 29, 1

GET
H2 200 c6239d26c1081015da8050230fbf269b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 245ms
244ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8866a787aa61cd49ce61715bbf3dbc228a4ee54a5b4620d2352639191656cf69

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
age: 631702
edge-cache-tag: 587356268005097457686237049894664356422,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587356268005097457686237049894664356422,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 226
expiration: expiry-date="Sat, 02 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.timesonline.com/
content-length: 9192
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000147-IAD, cache-iad-kiad7000133-IAD, cache-iad-kjyo7100076-IAD, cache-fra-eddf8230076-FRA
last-modified: Wed, 02 Aug 2023 03:58:57 GMT
server: nginx
x-timer: S1694055966.105394,VS0,VE1
etag: "6379892595102f50db8423f94f67e16f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 29, 1

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 9CBE 0
239 B 1071ms
225ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LM8L6JZH-20-2HMZ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 container.html Show response
baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD27 6 KB
3 KB 68ms
65ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:04 GMT
expires: Fri, 06 Sep 2024 03:06:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 76ms
76ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1830834
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1694055966.701159,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 108565

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/ 448 KB
85 KB 58ms
58ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693904460
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: HYK8AJ9H52WB6KA4
age: 151456
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693904472
x-amz-meta-mode: 33188
content-length: 86274
x-amz-id-2: t1lNyGed3NAQ57eXbmNV3qVCMiGjwwYQ92oCZvFfitu9WKbobo/2tqpNuGO2BTlGE6TqMOiZWNA=
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Tue, 05 Sep 2023 09:01:13 GMT
server: AmazonS3-br
x-timer: S1694055966.710314,VS0,VE0
etag: "e792bcdfdedece52c8d382e55db7d6bd"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 104133

GET
H2 200 sync Show response
am-match.taboola.com/ Frame EB6F 577 B
662 B 146ms
144ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e4b0f9e14b8a9a3cdbe2ad38dfe2d6135c3e87e5d1a7d9bbb4a31a44f716d96b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 07 Sep 2023 03:06:05 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 178ms
177ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&cmcv=&pix=31579697&cb=1694055965680&uv=3334&tms=1694055965680&su=3&abt=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 211ms
194ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: MRS52-C1
age: 1298226
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1694055966.166846,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits: 478680

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&rid=esp&cc=1

85 B
203 B

264ms
263ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&rid=esp&cc=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 9fb6eef8ec5f739328b375b070ad7777c6ecc6d3f6770046e964f22f139d1995

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-kGgS3WUIPDtaC/SNLExgbpdWeeY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.bg3.co
location: /esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
659 B 196ms
196ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 07 Sep 2023 03:06:05 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 16723
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1694055966.855664,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1944

GET
H2 200 css2
fonts.googleapis.com/ Frame AD27 4 KB
744 B 224ms
223ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com
URL: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:17:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:06:05 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame CC61 2 KB
2 KB 697ms
177ms Script
text/javascript 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=64444916;rtbwp=ZPk-GwAKNhIIVQsdAArK6BhIsnF0m3hqGHbX_w;rtbdata=hsWJvURaPVjBMur59dW7fH1tg9SQx77-gPH-MNuIMRk3_dgD0EA8JacYfuA4rRZcB0Zv1VhWI64La16hzRAvlTS4PsTUI3_2u31FYeQDZLwDcpdmP98Bf-yJEw4YVB6nDfj24XXHMf7bwBmBJ4WoiLQVyRM8A04dLKL0qqvfviXane5A2aKWPsRqzW-sBMwblQIPHjmY4M08HTgSjMAXM6534zhY_T4T_IaD9TdB6kSNP5NLxeJ0evjtO8RZ6SnaSluKhQXRb4TFUQ23DGegGC0o3aPKzugGQeEimShqzcc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKX9KGz75ZJLsKJ2W1PIP6JWrmAnGp9zvXL3ShYmvC8CNtwEQASAAYPXF_Y78A4IBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJCV7iA9k2DPuACAKgDAcgDAqoEvwJP0O3LZoxWdxDB-Ld0ypa70AgaUIsfs2FP1m7rolNFIKrf2Vo8ReI1rwZH5qoIGlj9f3r485EzcWh1BJIti7gH_ui0yRWsWZbobQ9QmavpA5EUTrjIL9Scr7fWFhbt60YAAzIUhOKvmcOJfOkfmnhDGcLTqacIRonRAq8B9-yA7m0ZW9oC1sp7cKChoSbzK9zuARjMh_KVdESWzYT3z801lz48d8qUFyM9ats4ENgAUQbZo9YPLtmTfirYXJ4kCgJDkEgAaYZ_5nVIgtw4iP1n0Uc_ICMjYlSId9dP42_i1avDGke6Tedagw91g_fSwhp7gGR2_sgRCvU6MrDwaS18DnKflZVuDmsGVAYcclENZ0C0gXjcF7iwHFgDSMEWB4SoCo8aLtXHwN1NLHyF5a4uBwM_EsZWjCERhTL1Gypn4AQBgAb63rTW5prY184BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1sZN_qSYdBeDD0ENoVq6Jyvro4lg&client=ca-pub-8933329999391104&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

048fa887e495849e396d4f133087cf6c99fd47c46244921b9c705f5affaedea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1833
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame CC61 3 KB
1 KB 186ms
184ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame CC61 20 KB
8 KB 177ms
176ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CC61 24 KB
7 KB 179ms
178ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 564293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC61 181 KB
57 KB 433ms
432ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:06 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame AD27 20 KB
8 KB 253ms
253ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com
URL: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:28 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6666 0
0 248ms
247ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309060101&jk=1673794438791823&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 13C7 0
0 385ms
385ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240102&jk=1154535318847761&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame EB6F 70 B
148 B 184ms
183ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame EB6F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A

0
98 B

127ms
126ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75695

Redirect headers

date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R3NEhU9E2oT3QJyXsLvO8XmsdSbuECEX3JwOwA--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A71A 281 B
554 B 182ms
182ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 03:06:05 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 110 KB
31 KB 249ms
249ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

sffe /

Resource Hash

71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:40 GMT
age: 119965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32129
x-xss-protection: 0
server: sffe
etag: "d5ab003501cb3fb7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:40 GMT

GET
H2 200 nameframe.html
d-16120639991770309483.ampproject.net/2308242321000/ 0
0 708ms
156ms Other
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-16120639991770309483.ampproject.net/2308242321000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 569ms
59ms Script
application/javascript 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 14 Sep 2023 03:06:06 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 221ms
204ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230123-FRA
date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 454ms
117ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 79A4 0
0 174ms
174ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240102&jk=1154535318847761&bg=!3d6l3pHNAAa6D61Rmg87ADQBe5WfOGxWBW2TLqFA-0PoEVei4bJqy2z83A2t1w0u9IqnFFgneSkdFFHYgEVT2awqIpZwAgAAAK5SAAAACGgBB5kC0hq7Fed_X1e0bSB53ZuFfU6ufyQ9agmzoAOZPCQYMxthu1gdQAxwlmT893er8M2dnueGZRg9Vr9AofHBQHPL8AbI6fr8QZh5BRENBc5cSu1UCQ5Dos1UWhXzfURdj7FnCAJpDGA8mhs5nzQ2BISGEWg-0EceuIngOUCe9tbLMbm6hgTwisLe75YbzOuJree9uwGJsEQV4cPL9HdZEvwDNfy5yq6ckvKsxP3stcVZOXDOhAViNj95Rw5Pe8A4JqKlunOSFAeUQKpFVK3xxikYMPr8F-zKLedSlMHV1cGNHWTISNiB9wOp3Xt3gbsxFGr0-rlRWizOJz4-kNBGwAQkPs1l2f8dt7iL5Z3M3Z8h8vqAcjfRLifadywC6N-Ulz88S45B-tXwTNMx92vJtzGRTRI-CFO0bh-4wtZRVkWfEA-KcyJJi85uTzVZVrmwQosHGIKm5MfZTn2rPho7qq2S-R3OsWz8Hi6yA_58rVGixTB2PzFU3Kh_9lpR3Apd1mIlA0jswXFFKb-NtPboz-61g319pLyn1Y0d7mwU0NGbBF-BD1Z0h9kuCYDfB0rOsbaTWylIwcrQfFsS0jr9LgVTjQrkVzLQV0_VzwEDpP5CCyCmGKeKFElOE-GbmsKKQBWY-Qek7qM00gnHqBZtBMdufNlJwQw0Hh1WttzeRlYDkRhWPDXnko1YfFObRXBFzAipW5pyAjYcg3UwtLw3iWq9jqKDDXE9QM78gg0XHofgLOS9AZHbaepBG-xuzV7ElaSALbg7rziKfoOpJ1WNI9icjqKnlAPXouT_W2sWUX24fFf08HSwWFz1wrNkAFJ4GaqDuoq2lJCyUjq6_Iz2BlMAzn_Yq_V4Qp8JTEDQ80hvP5ez70LzBRBc9Sq1UmwpGu4Z-dCItr5gSw9ao2wN9toEEiChQ-YGR-1ADFwT257wq8f3fNv1y7Y8AlvOc8DTBG4OI4JZ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A71A 34 KB
10 KB 164ms
164ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e3bcedb3332b5b7a2e29ca7fd39df17b25efa604de0ee0ffcbc8b025d4b81e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Sep 2023 18:19:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54769
Connection: keep-alive
Content-Length: 10123
Expires: Thu, 07 Sep 2023 18:18:55 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 855ms
76ms XHR
application/json 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230907

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04a42cbe9a6dd17d6cf3d91423b737b86978d0e6c89af47c15eb483b95dd03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39918
x-jsd-version: 1.0.1805
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1677-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-GwcUUHsE0TI1eRkE0LsE6H5eMI8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMHpmblPyfIpFxFlEWAsnO8vIUSyLHDV3eZxa1avjnUrmdHKrqvDoEKN7y%2FzgOmVcWS5PL9grFoatZoqpDhTTNyFzALbSN%2BEm%2BwWwXv9uUhhPMf4V4rg4kmr%2B0sfoUV5pXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 802bbbe1096e24c6-ZRH

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 603ms
79ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=29054954082&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 451ms
225ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 099f30ab8aa30cfa63f42185288c4d0a6b1e443343517fd58f8f5be2eb8d953c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 07 Sep 2023 03:06:06 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 906ms
614ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 07 Sep 2023 03:06:06 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
780 B 464ms
173ms XHR
application/json 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8300
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 421ms
185ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 802bbbddf81fbaa3-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
153 B 448ms
230ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 7021b5d0fca3bb70d9f8990242f35f622659609ccd450f0bd04b057a7f3d32dc

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 331ms
114ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
273 B 426ms
177ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:06 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
7 KB 327ms
326ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

5c8f607a01aef54b2171111f517ac14a4409a992effbcfb66869e59e9d2cbdcf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
an-x-request-uuid: 25b9323a-290a-4734-8dd7-0dced2b0d057
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 184ms
184ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-18-158-32-241.eu-central-1.compute.amazonaws.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
636 B 451ms
207ms XHR
application/json 18.158.32.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.32.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
accept-ch: sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch
x-auction-status: 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
468 B 475ms
61ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: f2c21af2248e320575256ec36ccf2c0d6143886fb79e6333f55352957b682ecb

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.128.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 14 KB
7 KB 788ms
229ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=4245b428-b757-4fac-991b-fdc448545eae%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=6fad37e7-d5ca-4d13-acd0-da46b5b966e2&l_pb_bid_id=359de06bb4bf7c4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6fad37e7-d5ca-4d13-acd0-da46b5b966e2&rp_maxbids=1&slots=1&rand=0.8265474256227672
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 69938e889083fc7f4faf7d5b0522ed83265ca95e9bf179f830984ab7cbaaa5c3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 25 KB
11 KB 434ms
228ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad2e858d5a4ec7406fb1b2ea287032e3208c58d34f49aa3426418fa40fea388

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnGH%2FsTrcdU4irg10kwSQHXJ38tfukIXGbS5mR0p2M6%2FbgvuDsXHVOt5hBUL8heLl4biRtUc%2FUBXteFzXr3z9IZp5oAlfBXlkhvDOJLv8xMjnA8bzpYIJe%2FvB6uKx2T3po1ihOJ4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 802bbbddafd70219-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
545 B 406ms
200ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52991b66a27d82aafa019b6e3e8680d42df877608160a3a9458d881f2ed71a3a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyR0bu72PEAZdeF9hc7Fe6rp4QMw%2FujklPoXw1G0aRj1ixghoSezsJ0bbiuvOHounkrrbySO%2BupDlqT%2BvUH%2B8yFJBanPbeJPR4HXNBemrODVoiRAQiLoJ9%2B1Yk4incOdit4F7N31"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 802bbbddafd80219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
453 B 409ms
174ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 5
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 21 KB
11 KB 725ms
226ms XHR
application/json 3.74.86.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.86.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-86-69.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0f624078af72ade867ddaa78ac4f1ddc02631501a544ae705e6737f1f34b90fa

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 07 Sep 2023 03:06:06 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 11150

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB97 0
0 246ms
246ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309060101&jk=1673794438791823&bg=!vr2lvfLNAAa6D61Rmg87ADQBe5WfOKfdZFfl-dWL-YjZUJ3VQcPRR-pIsfHlE73y_caukG-TweT3VyJMmEMuq28d9H_kAgAAALFSAAAABWgBB5kCyBZ6tdVsr4p74X2QxuWPMiOJsjn7NVBPQpzNEGSCrSkK8TR2bwW63HVGymQLsbWDv1KbVd2NjjWFwjQtOPjdUtw_qRqHmzH9YjsQNadassd7KDEUIDpYwp_VzOidGYllnWYk8k6skBo8oIv8ttQ78-72RNW0XJzaHtucxfaO81eSnCqU2CVgJMfwbdMYiF5qEcsENWvfm3E1Do4bJeVdQ0D6iAWSfEYMYy1MlAtknkds9m-JDelieWAgT9nCOsEV13r55KxZXXnryaO7OFJDYKkbdvae4SAZ56U3bktX8eFAVWQswQ7C76S6N-BiFeJIijdyzTKcXzT8KwEHLtmIwt90tK1QCDwAlEjILochWwx1jOehvXW-M8CvVMPc3OvJuyguCOFYRiif3O9yP-PrmNIqVNcGttlqHiERb6FRP7YzUECq4xu6AbLmG6LetofQefkX1IzZtnW-7_6VTALotVfJd4neKVN2O4f8W5OCWM0LcrdRehcot368R4prE7n4CmJUZGANW9BntNsCdfEDzkOGutc-xnFtc2P5qJ-UX6Nly0KrlrvTpAl-eNZAlo3f3t_FccF7yPyu9tXDA-zZQsIi3IDCzVOXgzxYd55kU85-q25P-8RdDuWYwhQPBUNHJnilT9KIKSqTVqxg6R9g5V94iOVS_IiRDFYIJ-vsldmneSbwtzcoKibD2q9VI_eIGimDCsMPpactrgeXIIhisAEOdcXPKngJUVpycKSI_ErF9F0nrLLLb8l76iTi-LwEjip2aG82yJedJvBtm1HWJrOo6F1H95snFRhF3dJtdTqwsQ_40uPuNsRLn3onPhzjcs1yFIsW5pk3hc-h70YNdZxYvnv7I6j6g4_ia-N42LC507rUr7q1ppUGqf5ZioClcYNNgUXq9Z30aEgmEcHO3TNd7ggxqHFiqNJuD3aKPliw6P5u49njCbE
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame 9006 377 KB
128 KB 164ms
164ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

163551a573a2260071f7f3de36da839c6e3109591dd15d15071b235ea2b30297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131238
x-xss-protection: 0
server: cafe
etag: 17901607742850708216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame FDCE 10 KB
5 KB 498ms
47ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 16073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 22:38:13 GMT
etag: 8554266389219770021
expires: Wed, 20 Sep 2023 22:38:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 571ms
156ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=62a46a06-a9d0-43e2-b8bb-2b6d9fe1ee94-tuctbf2c39a&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 03:06:06 GMT
cache-control: no-store
server: nginx

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame 4E04 377 KB
128 KB 135ms
134ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77f462a5bf7cb919179b13bc88dd00ea3eaa2afb0f5ec9573f4da86766b8dbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131229
x-xss-protection: 0
server: cafe
etag: 16132183864100045931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:06 GMT

GET
H2 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 2 KB
939 B 124ms
123ms Fetch
application/json 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:49 GMT
age: 119957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "13417016125ec007"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:49 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 733ms
297ms Fetch
application/json 172.64.197.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.197.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 05 Sep 2023 17:42:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSTl54L%2BC%2FrFRLVT3%2F29jtr0t%2BuJ6yJalUuP3MmAd3gAPzW4V0dNyrm%2BM3Vkgb1IQQO5Opxg9d6QXDLvglPsLcucRaTOdNLv7EBFjGJG%2FTOvE%2B53%2FwGBETLTPNhOHtvnELl9r3jIVeI6erQomg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 802bbbe119a72bb9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtag.json Show response
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 3 KB
1 KB 123ms
122ms Fetch
application/json 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:49 GMT
age: 119957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "2053776e7f80c73d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:49 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 50D7 15 KB
6 KB 188ms
179ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 243669
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9006 210 B
551 B 667ms
135ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

65550c4bfdaea37e8d3a33e3de5d65de2c559e4d29248cacbcb1e92094649a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F380 26 KB
12 KB 580ms
431ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964592&bpp=1540&bdt=1227&idt=1847&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=2&ga_vid=1808553781.1694055966&ga_sid=1694055966&ga_hid=1892573693&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1246&biw=1600&bih=1200&isw=336&ish=280&ifk=2574231912&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077559%2C44769661%2C21065725&oid=2&pvsid=192097958015919&tmod=317346804&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4cgrncr6h6c&btvi=1&fsb=1&dtd=1862

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f45aed84bab868a0a3f9cc695b220c5653d186a7f38853b1718b4c992c9ea55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12422
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 645ms
107ms Fetch
application/json 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame CC61 36 KB
17 KB 236ms
56ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=64444916;rtbwp=ZPk-GwAKNhIIVQsdAArK6BhIsnF0m3hqGHbX_w;rtbdata=hsWJvURaPVjBMur59dW7fH1tg9SQx77-gPH-MNuIMRk3_dgD0EA8JacYfuA4rRZcB0Zv1VhWI64La16hzRAvlTS4PsTUI3_2u31FYeQDZLwDcpdmP98Bf-yJEw4YVB6nDfj24XXHMf7bwBmBJ4WoiLQVyRM8A04dLKL0qqvfviXane5A2aKWPsRqzW-sBMwblQIPHjmY4M08HTgSjMAXM6534zhY_T4T_IaD9TdB6kSNP5NLxeJ0evjtO8RZ6SnaSluKhQXRb4TFUQ23DGegGC0o3aPKzugGQeEimShqzcc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKX9KGz75ZJLsKJ2W1PIP6JWrmAnGp9zvXL3ShYmvC8CNtwEQASAAYPXF_Y78A4IBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJCV7iA9k2DPuACAKgDAcgDAqoEvwJP0O3LZoxWdxDB-Ld0ypa70AgaUIsfs2FP1m7rolNFIKrf2Vo8ReI1rwZH5qoIGlj9f3r485EzcWh1BJIti7gH_ui0yRWsWZbobQ9QmavpA5EUTrjIL9Scr7fWFhbt60YAAzIUhOKvmcOJfOkfmnhDGcLTqacIRonRAq8B9-yA7m0ZW9oC1sp7cKChoSbzK9zuARjMh_KVdESWzYT3z801lz48d8qUFyM9ats4ENgAUQbZo9YPLtmTfirYXJ4kCgJDkEgAaYZ_5nVIgtw4iP1n0Uc_ICMjYlSId9dP42_i1avDGke6Tedagw91g_fSwhp7gGR2_sgRCvU6MrDwaS18DnKflZVuDmsGVAYcclENZ0C0gXjcF7iwHFgDSMEWB4SoCo8aLtXHwN1NLHyF5a4uBwM_EsZWjCERhTL1Gypn4AQBgAb63rTW5prY184BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1sZN_qSYdBeDD0ENoVq6Jyvro4lg&client=ca-pub-8933329999391104&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:02 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
318 B 143ms
142ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi50=11900&route=IL%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 70
date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 68987
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230076-FRA
pragma: no-cache
server: nginx
x-timer: S1694055967.541950,VS0,VE70
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 42ms
42ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-18-158-32-241.eu-central-1.compute.amazonaws.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
138 B 350ms
349ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: ffc6def8528a296c8ecb55de104d3e15bc536c98e193ce4aea249c9050c678fb

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 58ms
58ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:06 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 13 KB
7 KB 146ms
145ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fab49a3a97c28efe2257ea91f3581511e4c61139c75dcf33776bbd78568c4b

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeetbwwDp3ZuP1Nej%2FaOSJou2wusu%2F0E8I71BPSRCFR6LADqPeFdN9VpCQT3daT3KtAUkUsYr88cNb%2BBT4y0Y%2FN7e8YeMsw7HvSBzSGyTRO0SFF9O%2F05xETpuiscErQz4UJBj13g"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 802bbbdef95e0219-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
314 B 131ms
131ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48981bbb5a956af22f7759de70dee99ebb37a7768b65c8df31387326c5d95ff3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGNZ39NOYg3OarJHK1asaIaFFSIuQY9TlhzS3zIj4UOCxcgVQ3mki%2BdTASmpjuf8A9ZT%2FvH%2BpP%2BGzaPrmlVavsy%2BAZL2xbpFJ8tb0rnpBQnyIIFtdSnkQjpxF9K1WmdB3%2FObPyfQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 802bbbdef9600219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
311 B 120ms
120ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48981bbb5a956af22f7759de70dee99ebb37a7768b65c8df31387326c5d95ff3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeP%2BR9EVCAlGwarKe9b8sPfL7ZNtL9LBHBwT7wO%2BOCsWrhpbPXAGbK3%2FnwIw5RFwgcTBiladcdunssG2ayRHHlnkwBOxmd9agE6WFPlGqOcw3eO56k%2BmQDeQGQq3zzUzfaymzG1Y"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 802bbbdef9610219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
779 B 135ms
135ms XHR
application/json 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=3727
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
469 B 76ms
43ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: f9f5bc33009a3f1c2f51e1bef34283d4b8c6abff2661331e74f1c5639e210fa3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.128.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 15 KB
7 KB 344ms
228ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=4245b428-b757-4fac-991b-fdc448545eae%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=d36cb94f-901e-423d-80b9-8b19be62e619&l_pb_bid_id=644795bf4af1beb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d36cb94f-901e-423d-80b9-8b19be62e619&rp_maxbids=1&slots=1&rand=0.01576506571378644
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 765e585cf2029f613a68a8f215e99616b67b93576c9ba33bc7d2be347d16f5d6

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 2 KB
902 B 346ms
346ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f12f68d98dbf0b4a43768f5d8e49d6f82c1e261fb831963a414350f58c4cd8f

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 449
expires: Thu, 07 Sep 2023 03:06:06 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
138 B 99ms
98ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 7
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
134 B 60ms
55ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:06 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
587 B 55ms
50ms XHR
application/json 18.158.32.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.32.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 251ms
247ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

edd69d94edea604cfedb1c59e46c7909c4a75d739cc9a19a3e89da4d9f3ef467

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
an-x-request-uuid: 5c81fbb0-67a0-4a16-afec-a269f01bf803
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 90ms
87ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 802bbbdf2899baa3-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
813 B 212ms
209ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f7d570b2a916c771d6360f637e840203029e45e0203fd2e00b954747aa40e1b

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 07 Sep 2023 03:06:06 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
188 B 307ms
251ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=83193737555&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 07 Sep 2023 03:06:05 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 21 KB
17 KB 364ms
250ms XHR
application/json 3.74.86.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.86.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-86-69.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ec6eb8535018509726bafcad38def549c0eb877528bea2b2968146d7f8579a64

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 07 Sep 2023 03:06:06 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 16646

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4E04 210 B
267 B 576ms
170ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d3db0024426970eb2cd1c481104123b81211e60c0f25325a1b8e7ae993b7e95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F524 127 KB
39 KB 490ms
460ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b77386d8d0fd260d0ce9901a3dc2c76af5d0b8b569769992ad5600bb8dbe09b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 50D7 433 B
557 B 53ms
52ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0545072ac8628987a7266b8f45897df0d4ef2e34476d5dba29abed8494eaef23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1308893
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 55ms
54ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 2A26 572 B
800 B 276ms
88ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6a9894330a0de9bdd8a568823c26373ccbe613063aaceb271e7d0f28c5e22e36

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 373
content-type: text/html
date: Thu, 07 Sep 2023 03:06:06 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 111 KB
32 KB 83ms
82ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdf69b-1bc07"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:06 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 109ms
107ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8A49 721 KB
231 KB 74ms
73ms Document
text/html 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 199831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 19:35:35 GMT
expires: Tue, 03 Sep 2024 19:35:35 GMT
last-modified: Mon, 04 Sep 2023 19:31:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 693ms
233ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DD25 40 KB
14 KB 136ms
136ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 02:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:47:40 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 195ms
195ms Image
text/xml 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=GoKljzRTT0mthatV%2BkZAkqJgpXtHPUzv4UbBrSyS0945zcQtOor8iTopZz1XzoFGFWCTtEfI6K%2FxpsU5DfsoPQVCuHfeHNxkf4aQdjybbJLpbJR%2B9ner%2BCMVCSEFNWfZUCv6dHsab9h54BQfmmHH8r9riZqQBhv5zc81r%2BdglqImq45KEMgASt5FSfHs5O3HhQPxfBYNb%2FHsqPiwBkgbdaMcTZRXqo9S%2F82B1I6FxuNFAZfbrhiG%2Bj%2BPVbfUYYu1nlW%2BlGMXU12tooCCcV%2Fc1OlX006aUGXKToVCukb0vX3XRspi4UQapru8RJfUm1KXJ9pALdFO4pF07xVrVGohtM0p4EEEYFRYVqsLQf0ol1NuvRd1u5t2jG2QVsz78si%2Bj5LxSf5qPPInARo%2FPlfLhQkJTqkuZMacyzyn%2BnABorNpqOBN81Vn4sY55CfdGk7cI6%2BFubIADFDoJ7dDgJdjcWNSdzs6Jb0IEUz8kXdi0WB55jRW3%2Bu4Q%2FuRC3eIwFIL5DUB4%2Fx4%2Fnxi%2Fk5AWh3rEAw3zotCGtbdwoeKVKHu%2ByXs2PV%2BAHyvDnPdhQahCMbT
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 80 KB
0 401ms
108ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 07 Sep 2023 03:06:07 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd35-101b90c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16890123/16890124
Connection: keep-alive
Content-Length: 16890124

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 753ms
292ms Script
application/javascript 18.66.97.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 02:17:16 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: HNUB7wm0ElCF-G84XsyJsb3bCNOroPcUsDfZRDxuags9oUWLsu85pA==

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame CC61 7 KB
4 KB 155ms
155ms Script
text/javascript 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=64444916;rtbwp=ZPk-GwAKNhIIVQsdAArK6BhIsnF0m3hqGHbX_w;rtbdata=hsWJvURaPVjBMur59dW7fH1tg9SQx77-gPH-MNuIMRk3_dgD0EA8JacYfuA4rRZcB0Zv1VhWI64La16hzRAvlTS4PsTUI3_2u31FYeQDZLwDcpdmP98Bf-yJEw4YVB6nDfj24XXHMf7bwBmBJ4WoiLQVyRM8A04dLKL0qqvfviXane5A2aKWPsRqzW-sBMwblQIPHjmY4M08HTgSjMAXM6534zhY_T4T_IaD9TdB6kSNP5NLxeJ0evjtO8RZ6SnaSluKhQXRb4TFUQ23DGegGC0o3aPKzugGQeEimShqzcc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKX9KGz75ZJLsKJ2W1PIP6JWrmAnGp9zvXL3ShYmvC8CNtwEQASAAYPXF_Y78A4IBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJCV7iA9k2DPuACAKgDAcgDAqoEvwJP0O3LZoxWdxDB-Ld0ypa70AgaUIsfs2FP1m7rolNFIKrf2Vo8ReI1rwZH5qoIGlj9f3r485EzcWh1BJIti7gH_ui0yRWsWZbobQ9QmavpA5EUTrjIL9Scr7fWFhbt60YAAzIUhOKvmcOJfOkfmnhDGcLTqacIRonRAq8B9-yA7m0ZW9oC1sp7cKChoSbzK9zuARjMh_KVdESWzYT3z801lz48d8qUFyM9ats4ENgAUQbZo9YPLtmTfirYXJ4kCgJDkEgAaYZ_5nVIgtw4iP1n0Uc_ICMjYlSId9dP42_i1avDGke6Tedagw91g_fSwhp7gGR2_sgRCvU6MrDwaS18DnKflZVuDmsGVAYcclENZ0C0gXjcF7iwHFgDSMEWB4SoCo8aLtXHwN1NLHyF5a4uBwM_EsZWjCERhTL1Gypn4AQBgAb63rTW5prY184BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1sZN_qSYdBeDD0ENoVq6Jyvro4lg&client=ca-pub-8933329999391104&adurl=;js=1;adfxid=1x;6344;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.bg3.co

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7b99add3143f2caa2c1a83047567bf03c0cbe9dc470f1c3227acae1b51b24622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3247
expires: -1

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
19 KB 713ms
96ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 06:17:50 GMT
x-content-type-options: nosniff
age: 420497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 06:17:50 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 748ms
132ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 04:55:47 GMT
x-content-type-options: nosniff
age: 425420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 04:55:47 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 101ms
100ms Image
image/svg+xml 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:06 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 12 KB
0 324ms
77ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 07 Sep 2023 03:06:07 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd35-101b90c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16890123/16890124
Connection: keep-alive
Content-Length: 16890124

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9443 721 KB
231 KB 57ms
54ms Document
text/html 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 199831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 19:35:35 GMT
expires: Tue, 03 Sep 2024 19:35:35 GMT
last-modified: Mon, 04 Sep 2023 19:31:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 51B1 40 KB
14 KB 95ms
94ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 02:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:47:40 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 149ms
149ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sb25nLWZlbmctcHUtYnUtYnUtZGFvLWRpLTEwbW8teW91LWtlLXlvdS1saS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImZjYWQ4NzRkLTdlZWMtNDMxMS05NDVmLTMxZTQ2MDk5ODQ3ZSIsInRpbWVPZkF1Y3Rpb24iOjE2OTQwNTU5NjYxMTEsImJpZHMiOlt7ImNwbSI6MC4wNCwiYWRJZCI6IjkzNTVlMTFmYjliNTY2YSIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjE2OCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQwNTU5NjY3MTB9LHsiY3BtIjowLjE0NjE2MiwiYWRJZCI6Ijk0OGNjNzA1MjBiNDA4OSIsIm9yaWdpbmFsQ3BtIjowLjE0NjE2MiwiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDE0NjE2MTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoyOTUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDU1OTY2ODQ0fSx7ImNwbSI6MC4wNSwiYWRJZCI6Ijk3YmZlMzUzMjg0ODgwNCIsIm9yaWdpbmFsQ3BtIjowLjA1LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzYwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDA1NTk2NjkwNX0seyJjcG0iOjAuMSwiYWRJZCI6Ijk5ZThkMWQ2OWM4YmYzYSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNjMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDU1OTY2OTA5fSx7ImNwbSI6MC4xLCJhZElkIjoiMTAwZWFkMmRhMzZlOGI2ZCIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNjQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDU1OTY2OTEwfSx7ImNwbSI6MC4xLCJhZElkIjoiMTAxMWUyZDEwMzg1YzNiNSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNjQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDU1OTY2OTEwfSx7ImNwbSI6MC4zLCJhZElkIjoiMTAyNzAyZWM5MDlhMmYyZiIsIm9yaWdpbmFsQ3BtIjowLjMsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNjQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDU1OTY2OTEwfSx7ImNwbSI6MC4wMjM1NjIsImFkSWQiOiIxMDMwM2YxNThkYmU1NmRlIiwib3JpZ2luYWxDcG0iOjAuMDI3NzIsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDAyMzU2MiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDE4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDA1NTk2Njk2OX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJ0ZWFkcyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiMTAyNzAyZWM5MDlhMmYyZiIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAzfV0sImNvdW50cnkiOiJDSCJ9&c_b=7102.400001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 /
track.adform.net/jsmetrics/ Frame CC61 43 B
208 B 112ms
112ms Image
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=756&rid=10188&cid=12197&adfserve=246&asset=241&deviceType=Desktop

Requested by

Host: baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com
URL: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
etag: "6377990f-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 2A26
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4337281933061996131

43 B
106 B

79ms
71ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4337281933061996131
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4337281933061996131
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 2A26 43 B
855 B 205ms
205ms Image
image/gif 52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b02d34d8-e461-c333-2a67-9b6c54a6856e

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 03:06:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DK7WHG91RS787NY4CVRJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 2A26 70 B
148 B 97ms
96ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=e8fb48a5-f8cb-78c9-ea69-19fb3c954e8e&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 2A26 170 B
188 B 71ms
70ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQ5NDliNmYtMzFiYy0yNjZkLWZmODktNDM0MmY2Nzc4MGVl

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2A26
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUPu-ZLkLxT-v_mp5DvGs8&google_cver=1

43 B
180 B

294ms
272ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUPu-ZLkLxT-v_mp5DvGs8&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUPu-ZLkLxT-v_mp5DvGs8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 460ms
459ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223211401508245&correlator=2418772024774009&eid=31077649&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&arp=1&abxe=1&dt=1694055967042&lmt=1694048767&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1108116648.1694055964&ga_sid=1694055964&ga_hid=160236309&ga_fc=false&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&dlt=1694055961874&idt=1650&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_20_0%26cluster_reporting%3Dchrome_DESKTOP_20_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.30%26hb_ap_adid%3D102702ec909a2f2f%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c%26faid%3Dfalse&adks=3374688892&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18639250463774400eae6c07a921fdae9cdd12f244f1cc2a082e6f4dcbfb5f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11967
x-xss-protection: 0
google-lineitem-id: 5221734875
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440838530
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 68ms
66ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sb25nLWZlbmctcHUtYnUtYnUtZGFvLWRpLTEwbW8teW91LWtlLXlvdS1saS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJhOTNhMWQwMi03OGYwLTQ5ODctYTkzYi03ZGZiMTgxYjU5YzgiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk0MDU1OTY2MDc2LCJiaWRzIjpbeyJjcG0iOjAuMjIzNTI1LCJhZElkIjoiODkxZWQ4OTM4ZWY2MWNkIiwib3JpZ2luYWxDcG0iOjAuMjIzNTI1LCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMjIzNTI1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozMzcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDU1OTY2NDI5fSx7ImNwbSI6MC4wNCwiYWRJZCI6IjkxMzBhNjY5YzBhZGVhZCIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQwNTU5NjY1NTJ9LHsiY3BtIjowLjA0LCJhZElkIjoiOTJkZTYxNDM0NmI4ODY3Iiwib3JpZ2luYWxDcG0iOjAuMDQsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDA1NTk2NjU1M30seyJjcG0iOjAuMDIzNTYyLCJhZElkIjoiOTYzMzQwNzU4MDRhYTA1Iiwib3JpZ2luYWxDcG0iOjAuMDI3NzIsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDAyMzU2MiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NzcyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDA1NTk2Njg3OH0seyJjcG0iOjAuMDYsImFkSWQiOiI5ODE5NzcyZjJiYTg5ZmYiLCJvcmlnaW5hbENwbSI6MC4wNiwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo4MDksInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDU1OTY2OTA2fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFwcG5leHVzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4OTFlZDg5MzhlZjYxY2QiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMjIzNTI1fV0sImNvdW50cnkiOiJDSCJ9&c_b=7183.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F380 42 B
173 B 99ms
98ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AiZvzfle_uug_6NUadx2RnTHZAma3cXfSP41CJ62ruD-1YzHpalrjfQSpgxjNvGhIR60HdI-fX4wDgKtQlvku2hUKIhNvJWWsAuWl_IuVDfqaJHhE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964592&bpp=1540&bdt=1227&idt=1847&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=2&ga_vid=1808553781.1694055966&ga_sid=1694055966&ga_hid=1892573693&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1246&biw=1600&bih=1200&isw=336&ish=280&ifk=2574231912&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077559%2C44769661%2C21065725&oid=2&pvsid=192097958015919&tmod=317346804&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4cgrncr6h6c&btvi=1&fsb=1&dtd=1862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F380 0
56 B 99ms
98ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3234175079205439404&x=1&ct=77

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F380 86 KB
30 KB 210ms
206ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F380 3 KB
1 KB 188ms
186ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F380 20 KB
8 KB 187ms
185ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F380 0
0 136ms
134ms Image
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGof18kFZd7PNUTbEbKe8hSoCNYmvY85KiuSZ2Qjf7XPCkw4BZyTWfcRqriIxTwNZHsMub50Gf0iELvEPnmAWK2phjoA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964592&bpp=1540&bdt=1227&idt=1847&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=2&ga_vid=1808553781.1694055966&ga_sid=1694055966&ga_hid=1892573693&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1246&biw=1600&bih=1200&isw=336&ish=280&ifk=2574231912&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077559%2C44769661%2C21065725&oid=2&pvsid=192097958015919&tmod=317346804&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4cgrncr6h6c&btvi=1&fsb=1&dtd=1862
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F380 181 KB
57 KB 174ms
171ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 410ms
409ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223211401508245&correlator=1159393531224534&eid=31077649&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&arp=1&abxe=1&dt=1694055967103&lmt=1694048767&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=1108116648.1694055964&ga_sid=1694055964&ga_hid=160236309&ga_fc=false&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&dlt=1694055961874&idt=1650&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_20_0%26cluster_reporting%3Dchrome_DESKTOP_20_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.22%26hb_ap_adid%3D891ed8938ef61cd%26hb_ap_bidder%3Dappnexus%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c%26faid%3Dfalse&adks=3805778231&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

cafe /

Resource Hash

b71c3ee434524359c84c7be9a5289b2f04f01dde1373c70e4512e7a313264318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11945
x-xss-protection: 0
google-lineitem-id: 5221339636
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138294466153
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F524 14 KB
1 KB 151ms
151ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:18:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F524 2 KB
973 B 112ms
112ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame F524 23 KB
9 KB 278ms
276ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F524 3 KB
1 KB 284ms
283ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F524 20 KB
8 KB 110ms
110ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F524 0
0 286ms
285ms Image
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS47UEETaqaZIVH6Gng8fnoJCd5K60YA5xe5p9Wgl8aBA7tqqQecHCATDpcB4W-iZEOSYm7FwfJzTzfizekevAjt1Wwhg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F524 181 KB
57 KB 287ms
285ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame F524 36 KB
15 KB 515ms
85ms Script
text/javascript 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F899 478 B
354 B 185ms
184ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUwIxBihQiLwz-CDLPM66aIy7V1VRBkkvB-FuRYxaEwSBIejhHAUmDFxOlBOv-BVb2lH78nTigQNHRux4gNsnLziC80lA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964592&bpp=1540&bdt=1227&idt=1847&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=2&ga_vid=1808553781.1694055966&ga_sid=1694055966&ga_hid=1892573693&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1246&biw=1600&bih=1200&isw=336&ish=280&ifk=2574231912&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077559%2C44769661%2C21065725&oid=2&pvsid=192097958015919&tmod=317346804&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4cgrncr6h6c&btvi=1&fsb=1&dtd=1862
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:07 GMT
expires: Thu, 07 Sep 2023 03:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame CC61 85 KB
36 KB 296ms
296ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 503c0fd739e2c69fc08a8112e40b4f97e3affd4177b565f58cf8473bc4833c6c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:04 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD98 1 KB
740 B 280ms
279ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 65360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Thu, 07 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 j66NXJ6Gv4UBtUcsLM4Lybiaiupggp4YBr4STq9tSA%2BBah%2B5BbE8sd2c8elVbZjywX%2BiIozI%2Fah%2FYgrZ3cAF%2FLARzD27IkaPZ3bv%2FueMG44Hz3SWTQNC%2Fu0WR0R7RS29cm8rqikj5ohlD4wyMAwmKo7ve8UD391e4vHeJspvteuAP59vb9gL0... Show response
ad.vidverto.io/delivery/video/pod/ Frame 8A49 45 KB
19 KB 302ms
302ms XHR
text/xml 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/j66NXJ6Gv4UBtUcsLM4Lybiaiupggp4YBr4STq9tSA%2BBah%2B5BbE8sd2c8elVbZjywX%2BiIozI%2Fah%2FYgrZ3cAF%2FLARzD27IkaPZ3bv%2FueMG44Hz3SWTQNC%2Fu0WR0R7RS29cm8rqikj5ohlD4wyMAwmKo7ve8UD391e4vHeJspvteuAP59vb9gL0aAR8Nd%2FSSGNL79hj7FukzfFS%2FcoRsFCUgVZmaSLz0zTla%2BK%2FARH9GnNVVdSCP3%2FMqigjjFJus9HyPFqikSxAWp1UdlA1GGxy4QD0wGFOQUqgtUP0SpGHlJbXwO0GhIapsy%2FVVPYAphEFafpaZDsEr2waX6LYebFdnUZeyZGTmsJhCBWBOczXVoLugHXSjaQYRmAjop9%2BiGg3XbWcka0WQUm%2BFfOJDzG8G4Eraw9dEiZuCLNKX1WPkxSAvGBojRbrdKgteSY9cdaHN%2FGo261SERLaTciP1v2bRx6bOet2%2Bml4wZ4X598%2FkynofsGOlWsKLEYmuSRoGEvYfED9glabSPBUiEhwAf4%2FdHUKnPepqunDcy9FkbB6Eo%2Bslk5xsGc9eHKephYd63XW6RYKlFNAqwepWbFzq%2Fp370Aw1WzyNPXnA6gH2l20gHyy2HW9snyaIHK3CNlOm3DrH%2FO6GZ9nigqFifQXMQn1VZell8gGmKMPDnnfhFKCzhwJ2jV8FchXxNzvRarXN9BbV0mI63%2FR4rsHbDZ8IPY%2FX7T%2Bm4oJuWrXEcX%2FWc0Ibg%3D?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 27c656a5018ed0c4c57bbffffeffcec17d980e40fa83ea548549afc75e1f5ed5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

GET
H2 200 data=6TJSV4bruRneWFluTWwwEkZbPzIN-QxJ6-utsruMOmmfNku7zanE6Lgs5aU20jau_uzMNzSbfLqRTBiBEi-5o1w
mts0.google.com/vt/ Frame F524 36 KB
36 KB 623ms
158ms Image
image/png 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=6TJSV4bruRneWFluTWwwEkZbPzIN-QxJ6-utsruMOmmfNku7zanE6Lgs5aU20jau_uzMNzSbfLqRTBiBEi-5o1w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

92dc5ebbda805eaa246fc8b4ecf24e84e59a782ac75ed37c02e3afb789c31503

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=51
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36373
x-xss-protection: 0
x-server-version-bin: CggIBBCdgdunBg==
server: scaffolding on HTTPServer2
etag: 083cbfee0502f92f
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Thu, 07 Sep 2023 04:06:07 GMT

GET
DATA 200
OK truncated
/ Frame F524 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F524 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F524 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F524 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 L2EvbG9uZy1mZW5nLXB1LWJ1LWJ1LWRhby1kaS0xMG1vLXlvdS1rZS15b3UtbGkuaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
876 B 651ms
651ms XHR
text/html 184.24.77.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvbG9uZy1mZW5nLXB1LWJ1LWJ1LWRhby1kaS0xMG1vLXlvdS1rZS15b3UtbGkuaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-69.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 07 Sep 2023 03:06:07 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=372, ak_p; desc="1694055967438_389467973_671811113_37681_1301_39_0_219";dur=1
content-length: 555
expires: Thu, 07 Sep 2023 04:06:07 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 238 KB
239 KB 373ms
75ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=16646144-

Response headers

Date: Thu, 07 Sep 2023 03:06:07 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd35-101b90c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16646144-16890123/16890124
Connection: keep-alive
Content-Length: 243980

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 672ms
241ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%20%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6109934999409448&gjid=0.37947125717426644&_r=1&a=1321&z=0.297354542330176&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E854 603 B
112 B 542ms
541ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-39474196282253303608&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2921&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=1925001321&ga_hid=160236309&dt=1694055966418&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&bdt=4544&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 672ms
176ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1321&cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dr=&dt=%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%20%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694055967&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 738ms
165ms Ping
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&aip=1&sid=1694055967&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F524 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ab86eca0cb9ecbc277848a8021844339079349e9cbaa29769f499215d9588e2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F899 170 B
188 B 228ms
225ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUwIxBihQiLwz-CDLPM66aIy7V1VRBkkvB-FuRYxaEwSBIejhHAUmDFxOlBOv-BVb2lH78nTigQNHRux4gNsnLziC80lA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F899
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1

43 B
774 B

68ms
67ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUwIxBihQiLwz-CDLPM66aIy7V1VRBkkvB-FuRYxaEwSBIejhHAUmDFxOlBOv-BVb2lH78nTigQNHRux4gNsnLziC80lA
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bmn0PqOUe7UsQSMyaMTBVhowOLpg1VtsG%2FL%2F3JWnaP%2BbnhAoflWCOSgd9WZtAhElBaBQf9IO%2BgYGx7YfkhUiRjH3L88%2BIeLdWVixMoSt9SJG3XSKgldHXPFcWxTcZlQeIrSKe9B%2B6nS5Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 802bbbe5583901eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F899
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPk.Hwps4db1PyEBsRYLpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1&google_hm=2

43 B
734 B

252ms
251ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNUwIxBihQiLwz-CDLPM66aIy7V1VRBkkvB-FuRYxaEwSBIejhHAUmDFxOlBOv-BVb2lH78nTigQNHRux4gNsnLziC80lA
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7wULNG%2Bx%2BTmupl5x8Jl34HU1tir5XX3R3NmVRuF9b8S35OJxaRuGCiT%2FDk4TYJVCp3TCz8Uf3JU3TINlgFTMKbrdvV3trYH5qPh9C9oikSrsZ2vaAdbcmhep4AsIipF%2B4Lm%2Bkytr1OdWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 802bbbe88a6c01eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAJ8KV_iXQ56I4VOVdZvLk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F380 0
56 B 129ms
128ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7837288841920&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F380 0
56 B 153ms
153ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7837288841920&version=m202307240101&ct=77&x=1&cor=3234175079205439500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F380 15 KB
12 KB 91ms
90ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwdoUkma-1ZlIzsNJJg1TXD1QZE5vlIwvnRwtOEb-bs4lIxJMMMVvF-3DkGrwC_QdnUNj1w-nlcKCjPGuzJz8qJCn255VPAG0xIxvETuJ6qlkl5ZoI3M_5RxRBvpdiIY5EZaWzuoX15ngWN90p_Jb33TVcewePy3q6pQM_0VDlZ08GuW0&cry=1&dbm_d=AKAmf-BpY6o1s63iYpz_SwqWitzhxA6RhiDQcHrL22dt69kUZAJ1ziEZ2HjEwoaoHJBxnw9F6L5OEif4Smvnio93RW6xYaWyhl4Q_VInrAaiRRpZMY6wAIV5l6gbHrl1pbAtkqCvx11y32F2bokK4r1uDYcGeIYhB7BchN-t71wFT2_K7pQGUXIrHADCK-POzs6gnbDYARAwkZbOWXe1Y5zZAyWNtn_XMDHia7VgeMmKTrQqHNWjbXe_jytScmvNes5NoehlFyTUg5Y6ZmIKLpDhpdzrKoEOMleYg2EwKrVKQ76sUMZ0CaZ6eXjXHlW_ig9NtVeVg5vwQMKpE68CzoHIaprZClTq30HLerSWpyG742UJR8Iyw8XWqHTvMUx9OFCZk-VcIUcWzVVzqj3zs7_rWOs00rAAMHzxYY2PREQrXzYTQlnmZVG9mxVnaFGTqvXyOW4OnIUyjJ3OcuqVe5NDNQlkJp2_mmAnWGTJeG8vOoWpWUUNX9RZX4VAX6O76i8Cs9Vh3EhdZCS7-OPo2MGVe0dRWNklRp04CQOqzyQteC1PYrqGDhdvNVNjpYCf3frwnFHSsP34gs4yQR8BnhpiMLOv_gNRVvE70XeTmX57VCU5OUbXFgn62jAF-c_MZR1uCNhPMMIM6R_Y9Bf_hUfg7x0-7RibcoxjRucZ9uOcoF546Z6vOP2JJsPqbV1tiE2QfryFcRh-keJzkjUt3CHk2j6qyufaeAOnjCipC_vR18PdPeAaL3rlo0LBvIvBMrRXN-YGDjsYPSl0s5DA9MKVmzlqgPE_Mf7auh7zV3PJfqWp0d-5GOMegF2ahL2Q51TFcH4LMvzYPttIa0cY2tuViN3kH-aDjGr6vkBXAdsPjMbjAgVDtqqSvWADcevclG8HQcT5KftDN8v_ox-wHlWZtMXLj-hJxD4VP4HVSDGVXP7A71SQTG9Ek4z7OIcpdREeBieVqvfin5_mUOhiLFQBLLDZ8eJurfMHd1EdzPJk_8Gh38EzMsMnDUXc5GcKBOW7lHJlPrmO7xGgxeckbrMNCA8byEtHbYfV1YdYgjBCfZmorL1FS0WakRpjGeSRYSC3_gqolZmI5B3hvTfdyUxWvCsTX_iVfFUbSABrcvaLJxsI02QmBAMk4RHOAXQY3Hc8kFn3YGJe2BAXUA5C0gaFOBCGjCZx4HEDayQq6dyCKsXnl-jpYLADvOHAyagQVzbYQJhwoNK4zB6WDnayI3e9pG-41xCCNDw6QxebAIGeyrhe4sFSeUpB8LNt1YCR_PkwOvuH7L9-SWLya8pUVWz-BPmwAtqK6t4hQ2eJozKdYwyWLtU1xJHZz_4-93L647dJVE8H0fiStRByatrzDBLDr1-HECVV4aV1DSDyCV-6S7IT2xtuu8cdRn5zxUQxZxHLL59zt0vcJFMKBo6-gFuJV-ba0Qo7tZ8PuKOltm3Zbi2Hds_8ofD3o0ilPPGKUGgpemNmtFy9E5O5rd7YS_ykV0kpUGqIVkkXidTzXFAsDlUars58oYMSmEvugAfjlyAxxuqLkCrfPQvqbGHRxUypScvftnCghiDAWyQSlgi3xhNPbjgJD4IEwrLM85Ab1uUOMFjhA8tXVq2ASxciVndiiBSpJoNNvm33PU1A79_XuqMbPszr6-gKCimwbyhz3Dvjk0pWMqyJQ0sRuyrVGTxq1IVu0V_X6Hekmo4cK9u5Z47Wxx5He2_tz5gsHlX19xlu5QU5k9om-i1W6P9OecFdfQIgcoCrR1BcZuEwyowp66jF92A7AuPvXf4hZq9rZn4eITkiJSzhTsS2gzl5kDjTkDBgU_Mz80LiMV2VPCj7Ea_dskVlHdXY_xwuToznnRX5HTKBh0X2ol5A6j7gq1adj3BWZ1S66aGC8qbhTDl6BSBdGoHMIrLkK34v9SQT8jNozaqzZsRefkB5FIddwenEMXD2u2C_chKwScGY4hDABRlJhLt24ViCW5c8uLHj29el8IjGDUXKyQ2sNVskIs8DHkxHu2wQ2FvTixCamTxYiDQYEikp5xzWBqnH5UPtIRNpE6PlRng0-J-1fWeTyImzLvtrU-hnlr_zdh6rZpYCPKT6f1M6u4s4HUi4ZFiweZZiwYHsgtpYuC-wRc1nLcyi7HdOTaW8Pj881jGDAER4cKLAgCUFtTkEzCG_TJlUnigUrJPVvG1IxArIM-59yHrcq7s7DZnL2X1GXuwDuVuNGnkjZriqTumyyTlJYu7BYj2zktbPPqHzCLnPibAARSx_hyOs0KUVUEvZP_smtP3J-g-9SAGq_z6qDtgxqhLoConWiVoeo65ieVwKqLZocEGGuBjNV2IdmIYivlDzD4-5_eTh3NVZR5JJc7HsxW5r2q0WndJoaiyoMf6B-l6J8L13GcwplI890-S0rVqGvuR9_q9-SwFmAK322cqmTXUrCyF3W2WCFBqcdncywW0nwV80tS-FeTWwiDauvBNmIdf2xdIr79FK_rGCpiC9pl8-FWac0SjJBvobG_ug5nNi8w4IuiJFXGH1OUwYuTQHqNgaEvrRwQokWWiNTfJU2zpXco6g6DsvnVvM1O0PAVa7lbIQ0Lp985Y5IqniFk7iuCAS5AlHG6DpED314bVVsEYXkwhpX2AINuSGiSBguBshR1V1RMCqyTZrdmMxkB-RaIji6AbETiWru9aBqKPGGZQMmvFDPcJos557jkv5Sgj0hQP4VVWPcuvGV07qj3gnPBIPqHXrgEkDZT2ryJw62YTtJ6XTQrv1aG5zRWPtd-yg2Icm4zv637BFvz8JftV9JSuHZTFILjRBK6xIlIjAMH3zFcMyGtJS1LYs7Py99DJJka3AKXH3zsZ8Lua8yOlkBmhfq8wnNImbwct2Gov_H_wMZJICZspC6p8gNHq7cw4w4rASv-XLinshQNJzPbhn4onoKz0AqV3pbo8lP0-W5oy2FiP_gBTnf2tjjrdSPFXmYKCVR9bd7jeimjnjj7DNqwQ5t0csB95X0uHeMRpWbQ_98k26tbSrhJTk5wM8kXOwImR1JXNy1nC1QlkqhYsx2Ty4SF8JnzZD5TWjWNRdqFTaKdnSlmWbXYXnGurUNvaOi2OUakN0sxUzE3oBd2Iw5qeaYIF2NYQpCxdDowi0rLu1bQGMgdHjLdpPN6Aa1fV-tyKwxxbCJvbN3EY2QFDv_ymNNhfFVdQ0fSpAfP7PBXd81QUXrAXQAYDj_uKcDeT0r9HlXm65_4pSWdWVwTGYW3tA_R2A2x4raJGS31jZbgKG8eed5IZiYPibZvSs9Fe5KW5spRLl3RrHmPxIZrARNo4LXGME51nL5VwGi2OUR14ycu7cqtKkl45U5u-V1RMKFxMlq37GTz1czsUr7naTi4QajAm-BxPIIy0XjXXxwYDYzW6hsnIXIQtFDC9KhaFOSLfDptU9bU90hQuTEum5Qmr3PqVVpKpAuUGPzNDTYeep4LtNh2QCvsQXJCII4Wi-z7VgOuivAUki9CNzI2EXEM5xK73d7AUFmoP2M_fRzMUDJQR0YfRqwRW99iUfIiHd2BJz47fwQGlTI7lS07A0uPFyT_ciXcRZywIj1iLWwqW_RwsxQX5S9Rh7pD0IFrG1ncJ02Ct9WsOCNmGSLZ4jnnwCK0o9CRXqvY-lGa-2lwUhy1Aqk36tVNA_yubB2mpfR_KCe--bgSy7201AhrObRakkgv0TvkrfZGzHc4d2VZIXfet7h3cc6rXTSQNL0e_uxhF_42GkByBLEz2NFL9Y-B3cESMBNJr-SjnDjfGaigTpK9zk5juVgn0Lc57ryUyXRWIPvKIUzkx2c75rc7JYG0RlUxm0js4fdyRsJw52CgoZN0OsM5njzHrhE7aQNTgnwqfjW9pQGQpwc_Thwx9D725a-LDG91LNpwo&cid=CAQSOwBpAlJWLA01jQ5DM5PCc9jYjRie2ubnxZLnLkMyudWWPO8HskAcI4aQHfL_fLxlsfuw-rzspsb7ajRzGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3234175079205439500&adk=627576174&idt=348&cac=0&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfd443ccec6005ac182b2aaa7103e80cf868c6ff818ae25d7e144024c25fb1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964592&bpp=1540&bdt=1227&idt=1847&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=2&ga_vid=1808553781.1694055966&ga_sid=1694055966&ga_hid=1892573693&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1246&biw=1600&bih=1200&isw=336&ish=280&ifk=2574231912&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077559%2C44769661%2C21065725&oid=2&pvsid=192097958015919&tmod=317346804&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4cgrncr6h6c&btvi=1&fsb=1&dtd=1862
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11700
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame CC61 35 B
625 B 86ms
85ms Ping
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=64444916&csi=ntFOCenEOhX8t2ydEP4Fg3D0x14jV67M9c_6Ay0YNA7rygPkIxxfk17z4v4aaf8Tz8H92tYU-n5UPm0bqHhLXWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 58867631.jpg
s1.adform.net/Banners/58867631/ Frame CC61 30 KB
30 KB 90ms
90ms Image
image/jpeg 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/58867631/58867631.jpg?bv=2
Requested by: Host: baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com
URL: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: efd5204fc6bbce9df8ae0ce9186784aa8a1a8546e908fcb637b69241dc635629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://baf0004ad86077aec7cf7c2aa46712ea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
last-modified: Fri, 05 May 2023 13:47:57 GMT
server: nginx
x-amz-request-id: tx000009a4a6d6faf865c2e-0064f8f71b-32959ea8-default
etag: "601c7267c863558b1dc671ed01a0b474"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30526

GET
H2 200 pixel;r=1930640502;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uh...
pixel.quantserve.com/ 35 B
371 B 65ms
55ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1930640502;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1762153581-1694055966723;pbc=4245b428-b757-4fac-991b-fdc448545eae;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694055967508;tzo=-120;ogl=;ses=520b32c9-7c8e-463a-96aa-18429694e7f4;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DD98
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB2I2vKvBSMOqgm3YfF72I0&google_cver=1&google_push=AXcoOmTqnDG28S6Yb204XOOeN3wzTwaMURH1nuoe0VBEn2iW9cmYJqR9EViYTWAwtcIgg9IL-2PFQjn0bQWYacpX4NA7qU2WEntO
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk1MjM3NDEwNTE5MjA1Njk3Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB2I2vKvBSMOqgm3YfF72I0&google_cver=1

43 B
398 B

49ms
47ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB2I2vKvBSMOqgm3YfF72I0&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB2I2vKvBSMOqgm3YfF72I0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD98
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHQ8W7mYZK_ko3iDFocumeE&google_cver=1&google_push=AXcoOmRlhmL0jNYiIuQRl3LIM_UQbfJVfBnOa-LRwiu-_eDCBA8LwhR...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1b7fbd29e94f16e5&is_secure=true&networkId=14000&version=1&google_gid=CAESEHQ8W7mYZK_ko3iDFocumeE&google_cver=1&google_push=AXcoOmRlhmL0...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJAbyedH82mQMf6x5LAAAAAAA&expiration=1694142368&google_cver=1&is_secure=true&google_gid=CAESEHQ8W7mYZK_ko3iDFocum...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJAbyedH82mQMf6x5LAAAAAAA&expiration=1694142368&google_cver=1&is_secure=true&google_gid=CAESEHQ8W7mYZK_ko3iDFocumeE&google_push=AXcoOmRlhmL0jNYiIuQRl3LIM_UQbfJVfBnOa-LRwiu-_eDCBA8LwhR1ieWN4BCKEQPEyfaqNVvhfxMJgo9wiE9QszMxgvDxSNI

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJAbyedH82mQMf6x5LAAAAAAA&expiration=1694142368&google_cver=1&is_secure=true&google_gid=CAESEHQ8W7mYZK_ko3iDFocumeE&google_push=AXcoOmRlhmL0jNYiIuQRl3LIM_UQbfJVfBnOa-LRwiu-_eDCBA8LwhR1ieWN4BCKEQPEyfaqNVvhfxMJgo9wiE9QszMxgvDxSNI
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD98
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEH30XdT5QUk8oHqz8xujeY4&google_cver=1&google_push=AXcoOmS0olckX7GmeaEWta3VQxULdSOJejhtRt73f6Fiuv116PKm1awmrSKHM0lZ9ibkLPMfljjZW...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS0olckX7GmeaEWta3VQxULdSOJejhtRt73f6Fiuv116PKm1awmrSKHM0lZ9ibkLPMfljjZW2XqZIHaLR5JElJ8QG2X7Hu1

170 B
188 B

125ms
124ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS0olckX7GmeaEWta3VQxULdSOJejhtRt73f6Fiuv116PKm1awmrSKHM0lZ9ibkLPMfljjZW2XqZIHaLR5JElJ8QG2X7Hu1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Sep 2023 03:06:07 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FD00630590554F3CB4832E7683F5713C Ref B: ZRHEDGE1906 Ref C: 2023-09-07T03:06:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS0olckX7GmeaEWta3VQxULdSOJejhtRt73f6Fiuv116PKm1awmrSKHM0lZ9ibkLPMfljjZW2XqZIHaLR5JElJ8QG2X7Hu1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEvCQt+XoFQuDqp4veVw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD98
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMKrTDYRJdPx8hYfuQBPRyY&google_cver=1&google_push=AXcoOmT2auvaE8JeCRHVjofi2tyX0crUCgk2jJiSF7iMk0w0Qi5cK3HgvCpfwOhtRjqM--oxhC1jb1jyLLErb9...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTkxNDk3NTg2OTcyODkyMw%3D%3D&google_push=AXcoOmT2auvaE8JeCRHVjofi2tyX0crUCgk2jJiSF7iMk0w0Qi5cK3HgvCpfwOhtRjqM--oxhC1jb1jyLLErb9RpcE...

170 B
188 B

153ms
153ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTkxNDk3NTg2OTcyODkyMw%3D%3D&google_push=AXcoOmT2auvaE8JeCRHVjofi2tyX0crUCgk2jJiSF7iMk0w0Qi5cK3HgvCpfwOhtRjqM--oxhC1jb1jyLLErb9RpcEWsC3-0_cw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTkxNDk3NTg2OTcyODkyMw%3D%3D&google_push=AXcoOmT2auvaE8JeCRHVjofi2tyX0crUCgk2jJiSF7iMk0w0Qi5cK3HgvCpfwOhtRjqM--oxhC1jb1jyLLErb9RpcEWsC3-0_cw
Date: Thu, 07 Sep 2023 03:06:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

/
onetag-sys.com/match/ Frame DD98
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKX0WF7s6zR08PZTNcE2cho&google_cver=1&google_push=AXcoOmSAHewk6IXoUx70-8QAgo8LcTxvU0kvgq0cOIdnoBZyTOTb7w8h0m2BwxY8o0WK2R2QSLchtHTZgr7...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABim2aqz8qFE2NI_lVnrdGbEbH8G461wxnlA&google_push=AXcoOmSAHewk6IXoUx70-8QAgo8LcTxvU0kvgq0cOIdnoBZyTOTb7w8h0m2BwxY8o0WK2R2QSLchtHTZgr...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
291 B

48ms
47ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD98
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEOTgCG8hFza1nJWngKsVjj4&google_cver=1&google_push=AXcoOmRb5yc-yUfU0-dRn5KYIE_dtAPH6hKTL62kfB-19BUIiiehC0dLJzNgGPcQ3EaA-5HF0CUV71zMeFfM3Cx8Lv4CLkS8A...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRb5yc-yUfU0-dRn5KYIE_dtAPH6hKTL62kfB-19BUIiiehC0dLJzNgGPcQ3EaA-5HF0CUV71zMeFfM3Cx8Lv4CLkS8ARPcyA&google_hm=9e63d14f9861...

170 B
188 B

60ms
58ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRb5yc-yUfU0-dRn5KYIE_dtAPH6hKTL62kfB-19BUIiiehC0dLJzNgGPcQ3EaA-5HF0CUV71zMeFfM3Cx8Lv4CLkS8ARPcyA&google_hm=9e63d14f98617828a3569f02d7516c22

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRb5yc-yUfU0-dRn5KYIE_dtAPH6hKTL62kfB-19BUIiiehC0dLJzNgGPcQ3EaA-5HF0CUV71zMeFfM3Cx8Lv4CLkS8ARPcyA&google_hm=9e63d14f98617828a3569f02d7516c22
date: Thu, 07 Sep 2023 03:06:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
content-type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD98
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f7a4abee-178a-472e-a12b-e71f33e25b31&google_cver=1&google_gid=CAESEB51HzEgmqaSM8kELpFYqyQ&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

198ms
198ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f7a4abee-178a-472e-a12b-e71f33e25b31&google_cver=1&google_gid=CAESEB51HzEgmqaSM8kELpFYqyQ&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR7_J3hGvqu6yW4eopOIk5-KLKRn-nO1rjlt1Xiho2hzoHQ3zv4iN9ko8xoaef6AY3OweqDpVhVUtM6vPDFesRUoraOU4Xa&gdpr=${GDPR}

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f7a4abee-178a-472e-a12b-e71f33e25b31&google_cver=1&google_gid=CAESEB51HzEgmqaSM8kELpFYqyQ&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR7_J3hGvqu6yW4eopOIk5-KLKRn-nO1rjlt1Xiho2hzoHQ3zv4iN9ko8xoaef6AY3OweqDpVhVUtM6vPDFesRUoraOU4Xa&gdpr=${GDPR}
date: Thu, 07 Sep 2023 03:06:07 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DD98 0
12 B 74ms
72ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCOf-op235LGsYV6VNSkklxsQuuvrDPtNTE5arfJc8xgJvndV7vJ-y6SZFuIoshRlh2oOfhAgF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame 8A49 0
225 B 1296ms
446ms Ping
image/gif 64.233.176.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm8l6ltc&c=7588704214663&slotId=3794352107331.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yw-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5087 0
0 119ms
119ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbjfLOFj5fGFa_4lAxHiIvCwHSrCZee5IueRKHcmZidaPFg8dhjM95AgffDRfNQq5qi1tVhH5wT8NJEH_w7oYTyH_bmro_wYziRNXSsp8nYxvnWIh17Mz0jgI2jgI-Yopoo2T6610UuhVTPBMSa0B7GwqmisMWU9eFfaHYwWYJnIR2lv4T_BZ7-s3UtGcq-2YlXCuMZtb2_Cem7TZZ6mYBxldcdTXVpKtOsuacKLiWyMMxQdLUnoWVKRuGxj1QKQkCOXOwaEpKAYUdhJr4jBwNOfSdXwBNa77QFAn45d2PwEpWwh0Jc61GP3Z567f7yoG8&sai=AMfl-YQZ3b0RwEYCvjkdUTOHMBuEO9y5IeK4q6x_X2o9rTSUgSmdeVgQOBQN9csOzDDCpzpV15VYmYXBsM8Jl10WOA8neccjVUB7QoswMU1r6t5zh5JIyXWyIb8ypPn0qA&sig=Cg0ArKJSzK3zqwjieR5MEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1249ms
294ms Fetch
application/json 3.233.144.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5 Show response
a.teads.tv/hb/ad/ Frame 5087 4 KB
3 KB 115ms
114ms Script
application/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/ad/d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73381ca3b9b1d5480a04dfa1378d8c34d0435d5ef87eacbc9161f50aa3b37870

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2444
expires: Thu, 07 Sep 2023 03:06:07 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1234ms
297ms Fetch
application/json 3.233.144.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/iponweb-ab/ Frame C3B1 55 KB
23 KB 403ms
119ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/iponweb-ab/blacklist_script.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00f1a04a545c2e4267c144c668c8100aa6561a42f0110dc15f6285104199a5f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CK6kNkDQx1BbhRj_BZwD8NvH8kdmsrF1
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date: Thu, 07 Sep 2023 02:55:32 GMT
x-amz-cf-pop: FRA60-P4
age: 636
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23489
x-amz-meta-git_commit: c25b203
last-modified: Wed, 06 Sep 2023 17:10:35 GMT
server: AmazonS3
etag: "cbdc66800886d5293ae12150bc6f704e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: GIAJshnF8K1tB8QaUJOpDhzFFgi9Ht0d7eVuOIS4XcmvEOFMwS02Jw==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/iponweb-ab/ Frame C3B1 78 KB
30 KB 483ms
199ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc689cb7110fe0a58c2530c30dba9e2778113f5219c7af0c0bfbd1405c313676

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FgraXPN4chcOJ35obLZ1IIZC5KhaD82s
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date: Wed, 06 Sep 2023 17:11:53 GMT
x-amz-cf-pop: FRA60-P4
age: 46342
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29707
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 13 Jun 2023 18:07:50 GMT
server: AmazonS3
etag: "0ece746d71ce88010a7a947522eb11ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: IeTKnT1RitcsBJOVZtaVbyrkkckZvNdax-XxF025N5gTl_Q1FXUu0Q==

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCefh1Hj75ZMmkK86U9fgPzfqX4Abn6cObabzLtovSD5EvEAEgg____3mH2D1xf...
media.grid.bidswitch.net/imp/9-IDAmlk0yA6v4z3ITXaApoKCX5ErZmg6S7flDxP-4e_4Fp4CN6PJecCswSzvEVI6EI4Cs6ItCLG9JFBDAqsILDpFSSvsXRTx6XcXAH2lzqz45agZPlemxZf8cZEgv7gDaRfO9aGBmrFSmC4KYdPgNfztZ9yETPg1TqwjG-A... Frame C3B1 43 B
196 B 651ms
242ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/9-IDAmlk0yA6v4z3ITXaApoKCX5ErZmg6S7flDxP-4e_4Fp4CN6PJecCswSzvEVI6EI4Cs6ItCLG9JFBDAqsILDpFSSvsXRTx6XcXAH2lzqz45agZPlemxZf8cZEgv7gDaRfO9aGBmrFSmC4KYdPgNfztZ9yETPg1TqwjG-Ad_VF5KldBKX3LcJt5r5aAruUnO2ghgmfoGmdlUw5Zt0awY-5F4Vb-Upl5Jskg9uMtrlffRbC7nbcSF0GQHMUpZvJYBMRSGvifjXegzlgO70GmmyDp-khzvbs0rS9cRoNJ1s2NG64Yy8ev4Zwt_6aGuZKULscFiX8mZMz3VrZdeslQj8IpjAKna2qNXd61n1U4pMI0Rtc5bHJNQrxiQ199RpGE3JTTkYfSQ0lkHyo-843bqHGTe3l9_m_jU8SNjShc1lIUJB-c-SDm6_NjB3Zp_rg3vnx1q8DnGjBtFzsvggU-QwvZq2SGdyoCTJzzJGjbLHEmuruVkXZdqT2LYIurU8zEaXAormmOi4_DkThSiFCrUCp8HISiI7OIqhy5zUbXQx79nFUV_ch48DVw74P4d-WkCW3Dg4DbtRIpYbIswD045I1n8eorQwFJ4aUVtfaOMyXsY9xkGZb9GtkdyF6m220qA36UtjPumtetzqWr0vq9i8zqtRSGHhASm3LZk_9C3rFKeRCJojRCPow0vIbyYQOBp8QfR809hGh01yTWjEqb_nEq9wNEXCY5yUR_fxQZiUFwYs2ICh9gGx942X0muMF0SyA70HZjG5isEeiHANxIux_3CtuoQu-vm3WrJetpUJTOtSzz9NN80tqNwbpyTN6ISXLg34WMp-YqSGgrNFJ1FKftKX8x8S9AmiOv_A6xS6QnryIbcbYHilkocKlekPAUOM3tDXM3Pg11QWqadL3D4Rp6VN8GwzrQkxjk7zlWSgc3JTPMXaZN4YLWWqfnXrTm9k48psn8vY0xakBZ9yPnsDPvnvzd3pag_PjtW35zDxba723VcrCbTjGf1_nqAVJSZHs5QT-dwkOZ5wxnIm0hd0K5_TeLL20qYOGn8CMYBUX4K4slW-6XJSebwnAKH-_rsufhEEswD8/billingq8wT3JTEQPJtreKruMKrIdkwGxjKlEdH8Rztdm1LPOPw_bvF/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCefh1Hj75ZMmkK86U9fgPzfqX4Abn6cObabzLtovSD5EvEAEgg____3mH2D1xf2O____APIAQmpAu____txuLZ____rE-qAMByAObBKoEiAJP0Dex4ufO86RO7RZqXG8wkEO3C57yjSWovxl7bbMiU6rXSzMAlrKlN67F1yGhwQnt-JW____KCylaK96LkCRYhwsx4RdURXr4rmRCt8spd4wG3uX6ObmOomtbHyP2MWHMEiELj20ZeEzosCGgT8QFT652ITpY77AakroPxJ7RnE9tL-zAIFTsmEVDGEJRtwCXmgCfWDHhuPUnMRCzTNvhdU-5N8btA55gBsaF8cMr9XlujBk6QczTWTMLVNGFtI2WSlV6gmd4c-78wdszRNe0T7qhMbb4FI7YoVh7VICnfKY6uLgc6vLRuhMkJvTQ5lnG4uGyQTWhXktPxCp____Jf6hj-VjYBmRPlgUdbABOrbvY38A-AEA4gFsZ____m____T2SBQYIAxABGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH____p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQjPEBGI2uiMYB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBRiaWRkZXItdGhlbWVkaWFncmlkX5oJHGh0dHBzOi8vd3d3LnNvYmVyYmVybGluLmNvbS-ACgTICwGwE5W10Q7IE8mL2t8D0BMA2BMD2BQB0BUBgBcBshcICgYIABIAGAA__Jsigh__RhhgZR5Y1HNQ__Juach____m__R__EUACH__F__Jase__R2__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgBpAlJWFnPB8____gmAYd2H9uo6NicW-kyVbzmD9H____f53fcq2YxGlFkOKxYXvP2Tkdp1WPGAE_Bff0xDkiy6A6wZ3j19H3poojrq4sl2hGmziXxcQeZ1h08etHNQAezYPM-d6LYH-5tUC2VjYWBzpuX__UOyxW8nMEZEueTt7sLP0FwqQSMedhy4a-6alek0g__cBdRu-oXWbQtv6eOLsLNwVsrfuWg191vvPDp6WCXY__vcZaBjkMbhEwJrVDXfI1gvTpQTBiX9srU4pfrKlrPEZW7vzqdNqG0VyF1cKITnncVmSHfPdIFyHcgmfj45THYsPK2fSzSGQ-EezlYpjutKRuJg__lKfP5-LZqp2__654jOua1mF1vu4yWkaf__pN9YJZQ14dXig5UF0dap5__pcPqNcBupep52yvF__m0ZHxxu83eiS1uPKaBqReI2VHhCf2f02E2__K__tMpvgAaEBc3sKM3hcsdeehWLHa7i5fqsT6UMVNVxxEW__rZz16Ir4__b7n6h8Hc2xw0k7mTvLnejZThsOw9XORxJejzyZJRVwwXWlwePGK1MVjuBWIfLLd__TWGD1j4TDlT4kFDt11aePmjvMgLcqt80cn5bvYkQR-MDxfQtDT013ndbpIX8CaFAhKk__kJzDkDJJLYdIZplE__Tjq2JCY7LXwxDFr3kegumRdeNAxit76oOr__v23IU55SoX__3kyX3kNgNJ__f88TxaXgLl0Ys5oGNdCF8j42i28jdD5XDXts4DiQ-Rol8f-NtttgAhtEWgW1OJy-79YZ2wZ7STBvN8RH5dkcqMptdlhL__rl-uWkvVnWtf0Y0Fwnb3cQksJnEEVoeoUmHqlfJemLE3dfCt-0GEMKOp7ZR2MkTyxBgaeEot5J8tidJlmZSdjd0IdcGiA8WkEjPWgG18XNPVcLQwdTsDlBR0L1lCuy5A56Yl-OtQPBcHdAMrAxJmXawgfYGv61g4t5hzfx1J0b3AmCQdKUt0S7QD4HMxAkyqLMBgWuID2OMkUxU6MnOvzay__LOj64TbbRac6ueOY1__HRTFTddQZ6KPhD0R9IbZTpbq0GrUu__WVEDbwip4Mq-NV3L__gS5Qm7cLOnrzNuJFviyrDspWeuBKXnwYyWF6wl0Xs2b__n5ihhdUVpiHq9BAfIZLaiQzW-grDjpaF2SjeBq__nBdSeZC0UcD2nTkRHi5j45zaNZKZR__xkHH3ftCk__PnIssqYt9PCQy4OsrAe4SB7C__-h8vy__B4gQkkhFkWzKhGcizGXaX7Zq7ZFuAcZq2ZN812K5jA7GT8uF8yRpYV1xdpL0k08QrA_B
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame C3B1 0
122 B 1056ms
404ms Image
text/plain 178.250.7.62
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=bg3.co&bid_id=d761273e-c91a-424b-bafb-ec2ce7e483fd&ads_txt_id=GJXPHY&has_bsw_id=1&bid_price_usd=0.02772

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.62 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 1206ms
272ms Fetch
application/json 3.233.144.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5087 181 KB
57 KB 51ms
51ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 67ms
67ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sb25nLWZlbmctcHUtYnUtYnUtZGFvLWRpLTEwbW8teW91LWtlLXlvdS1saS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDMsInJlc3BvbnNlVGltZSI6MzY0LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJ0ZWFkcyIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMywid2lubmVyQWRVbml0SWQiOiIxMDI3MDJlYzkwOWEyZjJmIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOls1LDNdLCJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMjB4NTAiLCJwcmViaWRBdWN0aW9uSWQiOiJmY2FkODc0ZC03ZWVjLTQzMTEtOTQ1Zi0zMWU0NjA5OTg0N2UiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=7704.700000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 66ms
65ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sb25nLWZlbmctcHUtYnUtYnUtZGFvLWRpLTEwbW8teW91LWtlLXlvdS1saS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDIzNTYyLCJyZXNwb25zZVRpbWUiOjQxOCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiYWRsaXZldGVjaCIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDIzNTYyLCJ3aW5uZXJBZFVuaXRJZCI6IjEwMzAzZjE1OGRiZTU2ZGUiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHg3NSIsInByZWJpZEF1Y3Rpb25JZCI6ImZjYWQ4NzRkLTdlZWMtNDMxMS05NDVmLTMxZTQ2MDk5ODQ3ZSIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=7723.5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D34 0
0 208ms
208ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrtjrYJY8cZQSXOpQh6gnuOYKooHGbo-w6zi7S4RAcoexbQzXMlsvvi1KG0fOZAIDgOsDrfjOyIC6wx-opm4ixF9D2Lo0pge7NN_51paDyh8XfsIEk5znqSRwYe7k79GLmxOVyFkUmBlLHxbPnRiEaroQWQMFxFrZKCalbbH7EAryqfuEUeHJYmYuR4pYva9EHWNpIVKeGZN1EWBUXsjUQMTn6M9SEau0OLl075gQqqbbFyhm5zfuvO7TizOPsJgP565ZGlQpDJhKpo7BHUp0eFsXQkh1xxJDrsO9QgjAxS1BW5XCo5_syDifQNJIkJsxR&sai=AMfl-YSX4gRnA7CZut_wxWc26hp7rMBQQlNAbEBVVmsRwmAEwzxHJUuQZ8_CYqZ1NeS8L0FVKJiO3QHe_BK6ZbLV-5Szqee6lrAXo6pfOZj8EizF4c1ZoYVdUMaxkIpMqw&sig=Cg0ArKJSzO8yecHU7eAEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1331ms
420ms Fetch
application/json 3.233.144.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H/1.1 200
OK appnexus-html5-lib-host.min.js Show response
acdn.adnxs.com/html5-lib/host/1.4.0/ Frame 9D34 11 KB
4 KB 485ms
163ms Script
application/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Unused62: 8096267
Date: Thu, 07 Sep 2023 03:06:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 May 2018 13:47:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b0570ea-2b85"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 3768
Expires: Fri, 08 Sep 2023 03:06:09 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 9D34 80 KB
28 KB 499ms
169ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Thu, 07 Sep 2023 03:06:08 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 4979388
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-fra-eddf8230047-FRA
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1694055968.038492,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 5, 1869718

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 9D34 0
645 B 172ms
145ms Image
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bg3.co%252Fa%252Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&e=wqT_3QL9C_TTAf0FAAADANYABQEInvzkpwYQ0qzL5bvAx_4rGMfSsp3gg75GKjYJAjEnbNXM0z8RYemZ9HaczD8ZAAAAoJmZuT8hKdQuAVMh1z8pi8OZX80B4D8xAAAAQOF6hD8w8uzGCjj9XEC5XEgCUK7Gq9kBWLm0igFgAGi1kbMBeN2HBoABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDU4OTc2OTEsIDApO3VmKCdpJywgNzQzNzQ3NywgMCk7dWYoJ2cnLCAxODQ4NzYxNSwgMCk7dWYoJ3MnLCAyNzY0MzgwNTUsIDApO3VmKCdyJywgNDU1Nzk1NTAyLCAwKTuSAtkEIXlIVFptUWpBOEx3WkVLN0dxOWtCR0FBZ3ViU0tBVEFBT0FCQUFFaTVYRkR5N01ZS1dBQmcxd0pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QWNLMmxmQ2ZndHdfd1FHbmhVWEt4UUhnUDhrQkFBQUFBQUFBOERfWkFUb0daSzkzZi13XzRBR2wtY1VEOVFINEZHUV9tQUlBb0FJQnRRSUFBQUFBdlFJQQE48Ex3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0pHQWdpTVFBUmdDTFpxWm1ULWlBeGNJbjV1b0l4QUNHQUV0QQFR8FJESUhaR1ZtWVhWc2RLSUREZ2lSZ0lJakVBc1lBaTJhbVprX3VnTUpSbEpCTVRvMk5UYzM0QU80UklBRTJaamlDNGdFMjVqaUM1QUVBWmdFQWNFRQFXCQEIREpCCQkFARgyQVFBOFFRBQwFAURJZ0ZzVE9ZQmFlNDZJTUJxUVUFFxxBQUR3UDdFRg0NARAEQkIBNxxFQXpNX01feQkoGGdMOExuUDkyKAAAWgUoAQHAUEFfNEFYbWhnUHdCYi15NkFqNEJkdjc1d0tDQmdORFNFYUlCZ1NRQmdHWUJnQ2hCZwE1BEFBATggcUFZRXNnWWtDAXQNAQBFHQwARx0MAEkdDKh1QVlLmgKZASF2aFIzMWdqQThMd1pFSzdHcTlrQkdMbTBpZ0VnQUNnQU1RDVaIUEFfT2dsR1VrRXhPalkxTnpkQXVFUkpPZ1prcjNkXzdEOVINKhBBQUFCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQEQQjRBSWs1gPDeOEQ4LtgCAOACjepa6gJGaHR0cHM6Ly93d3cuYmczLmNvL2EvbG9uZy1mZW5nLXB1LWJ1LWJ1LWRhby1kaS0xMG1vLXlvdS1rZS15b3UtbGkuaHRtbIADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODQuMjI3LjE2OS4yMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADSBA8xMTgzMyNGUkExOjY1NzfaBAIIAeAEAfAEroGGIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB92HBtIHDRVlASYI2gcGAV7wbRgA4AcA6gcCCADwB4KEDYoIRwpDAAABim2apTAr_R4DvLLWUon5cvQ3S02w0n_ZUlv7ruyRJjbQordOxHwggzcUMwT8np3PNbXlA4Hceog73J12i32ZVBABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=85a2f84f8f80fb5494d9b754f2070dcdebfb0d6f

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
an-x-request-uuid: 15c1805f-64a3-494a-8638-0c2c4a22c136
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1292ms
391ms Fetch
application/json 3.233.144.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1FA0 267 B
167 B 177ms
175ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWSVy_pLHstxeNpuSYEaC6kf4a4QYA3lkeTzFwwgRts2n8NJYQdM6MXQIjaHBhptY2jGiFaxNHr8k6J-18ZOuaBtiLv6g

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 101
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1727 86 KB
30 KB 236ms
233ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1727 25 KB
10 KB 1076ms
440ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 124538
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip%2FZJhqp87jZIUPBP9GqYzrzjuOTUySZNOkZSjB4cQreRG0bvN772nE0h%2F82K3DkDj%2BfJQtFYK51T8eeLeCpSqtR%2FmQKGWIpr5c%2FKFNx3vVJnKpwlZKjR5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 802bbbeb3a940e11-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Sep 2023 16:30:20 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1727 42 B
107 B 182ms
179ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BK7hiGr1YRNfKFmJ2QaMiLACdJV462uoBdXrSX9ZkBucO8ecMGgBR4MTCN3LxwIAivSc9OwL4WtkFIYf1avCpRqYW9MPhu0wBW4tfRq_-XqXiU7uk

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1727 0
56 B 183ms
180ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13474155012308392424&x=8&ct=77

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2c6a19cf-ffd9-478b-aa72-1ac5c5575b56
beacon-ams3.rubiconproject.com/beacon/d/ Frame 1727 43 B
227 B 1247ms
52ms Image
image/avif 213.19.162.47
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/2c6a19cf-ffd9-478b-aa72-1ac5c5575b56?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=2&e=6A1E40E384DA563B7BEF17CFD39F146B673D3FD4D7779FF38FB84D0FF9D6107021E1C9ACE86C024AF4105C2581F603E06256DD5F63730948AC14342D5B3019628F304E94AA070E3C9D433DB3EBF167A67A8136C33BC5AD45E5526541046C5F35A4E2727122876D92D327EAE45C5E968EECCAA1B1B682C811B675BBDE970C22D04E6FC96756E5E5714103DA9D628FEFF83DE1573BE0F8E681A492E3E4BD1D823BF0BBA59AC54650EBF3B2AA7A35B8A2FFADCB2CB284D93C62CDA10306204D320B

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.19.162.47 , United Kingdom, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1316ms
427ms Fetch
application/json 3.233.144.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D34 181 KB
57 KB 137ms
135ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:07 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 117ms
116ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sb25nLWZlbmctcHUtYnUtYnUtZGFvLWRpLTEwbW8teW91LWtlLXlvdS1saS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDIyMzUyNSwicmVzcG9uc2VUaW1lIjozMzcsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6ImFwcG5leHVzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAyMjM1MjUsIndpbm5lckFkVW5pdElkIjoiODkxZWQ4OTM4ZWY2MWNkIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiNzI4eDkwIiwicHJlYmlkQXVjdGlvbklkIjoiYTkzYTFkMDItNzhmMC00OTg3LWE5M2ItN2RmYjE4MWI1OWM4IiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=7747.700000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 117ms
117ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sb25nLWZlbmctcHUtYnUtYnUtZGFvLWRpLTEwbW8teW91LWtlLXlvdS1saS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtM2RkMGJiYTItZTJhZS00ZjNkLWFmY2UtMDU0ZWRmOWZlMmJiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJyZXNwb25zZVRpbWUiOjgwOSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoicnViaWNvbiIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJ3aW5uZXJBZFVuaXRJZCI6Ijk4MTk3NzJmMmJhODlmZiIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjcyOHg5MCIsInByZWJpZEF1Y3Rpb25JZCI6ImE5M2ExZDAyLTc4ZjAtNDk4Ny1hOTNiLTdkZmIxODFiNTljOCIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=7760.100002288818
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F524 33 KB
33 KB 132ms
131ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 78699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 05:14:28 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8A49 156 B
186 B 1201ms
360ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=296929380662160&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F2E0WvoT2YF9F0XWFQsJfAg%3A1694059564%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=B1E29E16-49F7-40A2-88EC-7A78FCB1EA3A&a3p=EhkKCnB1YmNpZC5vcmcYqcrq7KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJu36uymMUgAUgIIZBIZCgp1aWRhcGkuY29tGJu36uymMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lUekZrTXk5R1JrMVNlalozZGpsRlZGZE1TamxqZHowOUluMD0Yuc_q7KYxSAASGwoMaWQ1LXN5bmMuY29tGMfN6uymMUgAUgIIag..&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=1694055967685&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&scor=1185902463130016&ged=ve4_td6_tt1_pd6_la6000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8A49 156 B
676 B 1181ms
343ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=296929380662160&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F2E0WvoT2YF9F0XWFQsJfAg%3A1694059564%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=B1E29E16-49F7-40A2-88EC-7A78FCB1EA3A&a3p=EhkKCnB1YmNpZC5vcmcYqcrq7KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJu36uymMUgAUgIIZBIZCgp1aWRhcGkuY29tGJu36uymMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lUekZrTXk5R1JrMVNlalozZGpsRlZGZE1TamxqZHowOUluMD0Yuc_q7KYxSAASGwoMaWQ1LXN5bmMuY29tGMfN6uymMUgAUgIIag..&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=1694055967692&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&scor=1185902463130016&ged=ve4_td6_tt1_pd6_la6000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame 8A49 65 B
748 B 1246ms
355ms XHR
text/xml 185.84.60.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=1743473&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 8A49 156 B
260 B 1434ms
598ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=296929380662160&cust_params=mt_fln%3D1.8&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F2E0WvoT2YF9F0XWFQsJfAg%3A1694059564%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=B1E29E16-49F7-40A2-88EC-7A78FCB1EA3A&a3p=EhkKCnB1YmNpZC5vcmcYqcrq7KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJu36uymMUgAUgIIZBIZCgp1aWRhcGkuY29tGJu36uymMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lUekZrTXk5R1JrMVNlalozZGpsRlZGZE1TamxqZHowOUluMD0Yuc_q7KYxSAASGwoMaWQ1LXN5bmMuY29tGMfN6uymMUgAUgIIag..&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=1694055967694&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&scor=1185902463130016&ged=ve4_td6_tt1_pd6_la6000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8A49 156 B
186 B 1517ms
681ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=296929380662160&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F2E0WvoT2YF9F0XWFQsJfAg%3A1694059564%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=B1E29E16-49F7-40A2-88EC-7A78FCB1EA3A&a3p=EhkKCnB1YmNpZC5vcmcYqcrq7KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJu36uymMUgAUgIIZBIZCgp1aWRhcGkuY29tGJu36uymMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lUekZrTXk5R1JrMVNlalozZGpsRlZGZE1TamxqZHowOUluMD0Yuc_q7KYxSAASGwoMaWQ1LXN5bmMuY29tGMfN6uymMUgAUgIIag..&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=1694055967696&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&scor=1185902463130016&ged=ve4_td6_tt1_pd6_la6000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 8A49 156 B
227 B 1510ms
680ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=296929380662160&cust_params=mt_fln%3D1.3&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F2E0WvoT2YF9F0XWFQsJfAg%3A1694059564%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=B1E29E16-49F7-40A2-88EC-7A78FCB1EA3A&a3p=EhkKCnB1YmNpZC5vcmcYqcrq7KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJu36uymMUgAUgIIZBIZCgp1aWRhcGkuY29tGJu36uymMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lUekZrTXk5R1JrMVNlalozZGpsRlZGZE1TamxqZHowOUluMD0Yuc_q7KYxSAASGwoMaWQ1LXN5bmMuY29tGMfN6uymMUgAUgIIag..&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=1694055967697&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&scor=1185902463130016&ged=ve4_td6_tt1_pd6_la6000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8A49 156 B
186 B 1336ms
507ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=296929380662160&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F2E0WvoT2YF9F0XWFQsJfAg%3A1694059564%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=B1E29E16-49F7-40A2-88EC-7A78FCB1EA3A&a3p=EhkKCnB1YmNpZC5vcmcYqcrq7KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJu36uymMUgAUgIIZBIZCgp1aWRhcGkuY29tGJu36uymMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lUekZrTXk5R1JrMVNlalozZGpsRlZGZE1TamxqZHowOUluMD0Yuc_q7KYxSAASGwoMaWQ1LXN5bmMuY29tGMfN6uymMUgAUgIIag..&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=1694055967698&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&scor=1185902463130016&ged=ve4_td6_tt1_pd6_la6000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F380 41 KB
13 KB 178ms
177ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwdoUkma-1ZlIzsNJJg1TXD1QZE5vlIwvnRwtOEb-bs4lIxJMMMVvF-3DkGrwC_QdnUNj1w-nlcKCjPGuzJz8qJCn255VPAG0xIxvETuJ6qlkl5ZoI3M_5RxRBvpdiIY5EZaWzuoX15ngWN90p_Jb33TVcewePy3q6pQM_0VDlZ08GuW0&cry=1&dbm_d=AKAmf-BpY6o1s63iYpz_SwqWitzhxA6RhiDQcHrL22dt69kUZAJ1ziEZ2HjEwoaoHJBxnw9F6L5OEif4Smvnio93RW6xYaWyhl4Q_VInrAaiRRpZMY6wAIV5l6gbHrl1pbAtkqCvx11y32F2bokK4r1uDYcGeIYhB7BchN-t71wFT2_K7pQGUXIrHADCK-POzs6gnbDYARAwkZbOWXe1Y5zZAyWNtn_XMDHia7VgeMmKTrQqHNWjbXe_jytScmvNes5NoehlFyTUg5Y6ZmIKLpDhpdzrKoEOMleYg2EwKrVKQ76sUMZ0CaZ6eXjXHlW_ig9NtVeVg5vwQMKpE68CzoHIaprZClTq30HLerSWpyG742UJR8Iyw8XWqHTvMUx9OFCZk-VcIUcWzVVzqj3zs7_rWOs00rAAMHzxYY2PREQrXzYTQlnmZVG9mxVnaFGTqvXyOW4OnIUyjJ3OcuqVe5NDNQlkJp2_mmAnWGTJeG8vOoWpWUUNX9RZX4VAX6O76i8Cs9Vh3EhdZCS7-OPo2MGVe0dRWNklRp04CQOqzyQteC1PYrqGDhdvNVNjpYCf3frwnFHSsP34gs4yQR8BnhpiMLOv_gNRVvE70XeTmX57VCU5OUbXFgn62jAF-c_MZR1uCNhPMMIM6R_Y9Bf_hUfg7x0-7RibcoxjRucZ9uOcoF546Z6vOP2JJsPqbV1tiE2QfryFcRh-keJzkjUt3CHk2j6qyufaeAOnjCipC_vR18PdPeAaL3rlo0LBvIvBMrRXN-YGDjsYPSl0s5DA9MKVmzlqgPE_Mf7auh7zV3PJfqWp0d-5GOMegF2ahL2Q51TFcH4LMvzYPttIa0cY2tuViN3kH-aDjGr6vkBXAdsPjMbjAgVDtqqSvWADcevclG8HQcT5KftDN8v_ox-wHlWZtMXLj-hJxD4VP4HVSDGVXP7A71SQTG9Ek4z7OIcpdREeBieVqvfin5_mUOhiLFQBLLDZ8eJurfMHd1EdzPJk_8Gh38EzMsMnDUXc5GcKBOW7lHJlPrmO7xGgxeckbrMNCA8byEtHbYfV1YdYgjBCfZmorL1FS0WakRpjGeSRYSC3_gqolZmI5B3hvTfdyUxWvCsTX_iVfFUbSABrcvaLJxsI02QmBAMk4RHOAXQY3Hc8kFn3YGJe2BAXUA5C0gaFOBCGjCZx4HEDayQq6dyCKsXnl-jpYLADvOHAyagQVzbYQJhwoNK4zB6WDnayI3e9pG-41xCCNDw6QxebAIGeyrhe4sFSeUpB8LNt1YCR_PkwOvuH7L9-SWLya8pUVWz-BPmwAtqK6t4hQ2eJozKdYwyWLtU1xJHZz_4-93L647dJVE8H0fiStRByatrzDBLDr1-HECVV4aV1DSDyCV-6S7IT2xtuu8cdRn5zxUQxZxHLL59zt0vcJFMKBo6-gFuJV-ba0Qo7tZ8PuKOltm3Zbi2Hds_8ofD3o0ilPPGKUGgpemNmtFy9E5O5rd7YS_ykV0kpUGqIVkkXidTzXFAsDlUars58oYMSmEvugAfjlyAxxuqLkCrfPQvqbGHRxUypScvftnCghiDAWyQSlgi3xhNPbjgJD4IEwrLM85Ab1uUOMFjhA8tXVq2ASxciVndiiBSpJoNNvm33PU1A79_XuqMbPszr6-gKCimwbyhz3Dvjk0pWMqyJQ0sRuyrVGTxq1IVu0V_X6Hekmo4cK9u5Z47Wxx5He2_tz5gsHlX19xlu5QU5k9om-i1W6P9OecFdfQIgcoCrR1BcZuEwyowp66jF92A7AuPvXf4hZq9rZn4eITkiJSzhTsS2gzl5kDjTkDBgU_Mz80LiMV2VPCj7Ea_dskVlHdXY_xwuToznnRX5HTKBh0X2ol5A6j7gq1adj3BWZ1S66aGC8qbhTDl6BSBdGoHMIrLkK34v9SQT8jNozaqzZsRefkB5FIddwenEMXD2u2C_chKwScGY4hDABRlJhLt24ViCW5c8uLHj29el8IjGDUXKyQ2sNVskIs8DHkxHu2wQ2FvTixCamTxYiDQYEikp5xzWBqnH5UPtIRNpE6PlRng0-J-1fWeTyImzLvtrU-hnlr_zdh6rZpYCPKT6f1M6u4s4HUi4ZFiweZZiwYHsgtpYuC-wRc1nLcyi7HdOTaW8Pj881jGDAER4cKLAgCUFtTkEzCG_TJlUnigUrJPVvG1IxArIM-59yHrcq7s7DZnL2X1GXuwDuVuNGnkjZriqTumyyTlJYu7BYj2zktbPPqHzCLnPibAARSx_hyOs0KUVUEvZP_smtP3J-g-9SAGq_z6qDtgxqhLoConWiVoeo65ieVwKqLZocEGGuBjNV2IdmIYivlDzD4-5_eTh3NVZR5JJc7HsxW5r2q0WndJoaiyoMf6B-l6J8L13GcwplI890-S0rVqGvuR9_q9-SwFmAK322cqmTXUrCyF3W2WCFBqcdncywW0nwV80tS-FeTWwiDauvBNmIdf2xdIr79FK_rGCpiC9pl8-FWac0SjJBvobG_ug5nNi8w4IuiJFXGH1OUwYuTQHqNgaEvrRwQokWWiNTfJU2zpXco6g6DsvnVvM1O0PAVa7lbIQ0Lp985Y5IqniFk7iuCAS5AlHG6DpED314bVVsEYXkwhpX2AINuSGiSBguBshR1V1RMCqyTZrdmMxkB-RaIji6AbETiWru9aBqKPGGZQMmvFDPcJos557jkv5Sgj0hQP4VVWPcuvGV07qj3gnPBIPqHXrgEkDZT2ryJw62YTtJ6XTQrv1aG5zRWPtd-yg2Icm4zv637BFvz8JftV9JSuHZTFILjRBK6xIlIjAMH3zFcMyGtJS1LYs7Py99DJJka3AKXH3zsZ8Lua8yOlkBmhfq8wnNImbwct2Gov_H_wMZJICZspC6p8gNHq7cw4w4rASv-XLinshQNJzPbhn4onoKz0AqV3pbo8lP0-W5oy2FiP_gBTnf2tjjrdSPFXmYKCVR9bd7jeimjnjj7DNqwQ5t0csB95X0uHeMRpWbQ_98k26tbSrhJTk5wM8kXOwImR1JXNy1nC1QlkqhYsx2Ty4SF8JnzZD5TWjWNRdqFTaKdnSlmWbXYXnGurUNvaOi2OUakN0sxUzE3oBd2Iw5qeaYIF2NYQpCxdDowi0rLu1bQGMgdHjLdpPN6Aa1fV-tyKwxxbCJvbN3EY2QFDv_ymNNhfFVdQ0fSpAfP7PBXd81QUXrAXQAYDj_uKcDeT0r9HlXm65_4pSWdWVwTGYW3tA_R2A2x4raJGS31jZbgKG8eed5IZiYPibZvSs9Fe5KW5spRLl3RrHmPxIZrARNo4LXGME51nL5VwGi2OUR14ycu7cqtKkl45U5u-V1RMKFxMlq37GTz1czsUr7naTi4QajAm-BxPIIy0XjXXxwYDYzW6hsnIXIQtFDC9KhaFOSLfDptU9bU90hQuTEum5Qmr3PqVVpKpAuUGPzNDTYeep4LtNh2QCvsQXJCII4Wi-z7VgOuivAUki9CNzI2EXEM5xK73d7AUFmoP2M_fRzMUDJQR0YfRqwRW99iUfIiHd2BJz47fwQGlTI7lS07A0uPFyT_ciXcRZywIj1iLWwqW_RwsxQX5S9Rh7pD0IFrG1ncJ02Ct9WsOCNmGSLZ4jnnwCK0o9CRXqvY-lGa-2lwUhy1Aqk36tVNA_yubB2mpfR_KCe--bgSy7201AhrObRakkgv0TvkrfZGzHc4d2VZIXfet7h3cc6rXTSQNL0e_uxhF_42GkByBLEz2NFL9Y-B3cESMBNJr-SjnDjfGaigTpK9zk5juVgn0Lc57ryUyXRWIPvKIUzkx2c75rc7JYG0RlUxm0js4fdyRsJw52CgoZN0OsM5njzHrhE7aQNTgnwqfjW9pQGQpwc_Thwx9D725a-LDG91LNpwo&cid=CAQSOwBpAlJWLA01jQ5DM5PCc9jYjRie2ubnxZLnLkMyudWWPO8HskAcI4aQHfL_fLxlsfuw-rzspsb7ajRzGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3234175079205439500&adk=627576174&idt=348&cac=0&dtd=39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET
H/1.1 200
OK 8w7qrx09r0fs Show response
hal9000.redintelligence.net/zone/ Frame F380 12 KB
4 KB 452ms
192ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUrq3Hj75ZKyzKIm96wTjjYmgA5HB0Jtp-_CDktwP8C4QASDSzIEaYPXF_Y78A8gBCakC7-3G4tn-sT6oAwHIA5sEqgSMAk_QU8yLoEnH0Z6ayx0ZQ1MWC6ZM-UoGuTGi7bqT59XeJbIG4L7GZh2TVyNJbxf9C7jA9S3WpB_GC7x0DbLyyBePVIEZm3TdaBchc9rbOqTuTtJqbGdR2tcsE3wKbWlZAwuXZB8eoGThNdcT5LLbcROE_MLtnMovU5dPrEC7UZw2jseW7mUz2DGWbj2cUVo7XY-d6SHfWWO0B2zaDD8OfSiv04GzVBVcDOXCF5kYwvl5yoT73FNzJ_vwA4WUqdfXQaV-0RVOQjl37GuidUWJhjpch_f0yd1RsZOcV-Ar1656-221jM6ocyVR1QX0Zrq57jO17PCq1Rda0zHTsvzMQLnIJDWjfhcp8tJk5hrABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIrLr9oMKXgQMVid6aCh3jRgI0EAEYASAAEgJViPD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWLA01jQ5DM5PCc9jYjRie2ubnxZLnLkMyudWWPO8HskAcI4aQHfL_fLxlsfuw-rzspsb7ajRzGAE%26sig%3DAOD64_2CvIHCTUwfz1b1mdYwPyxSoXicng%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D5C1UY_DAv2m5_hqPMD1GNbi5KRsi6k4IBMBFZEIurT48sQKR0LFIHTZuR0gf9VJHhg0FAMIXYssxNfVdzDcHYD4FbAu3leVp7GgfFT0QcH2BMKcv4PISsKySzBsGvwe2fyz6avWHyW7qAnv5GYB5_zs_DN3vSSHYBFHgtp8T9oQlj5mY%26cry%3D1%26dbm_d%3DAKAmf-B3KAte-1EhIpHfNqzdpLifr4ULAKPHuG7lzn8TqCN-MgW3Ts19xOlacuPDRHdvbVzwQZMufnhDnc9pCRDkGm6PN0HHV5gflgp9psOzMfNj83AebmiyagCAcX0LGFdhCrPLtPtajUgyIg32-LdY0t1ZjMOBX6r1aYOb9FFiNxPSrvXhgoq6GYO5XLjdv6uKpUCAhzx5rkNM-3s0ngJVYB03iiQK9q7faRAoKiq38uKmUhvJbT9RPxhYlvQDktoxOLWMN1K_R6OeSgyanEO-jE0nCPteA_PTt_og2pfaT6Z-xx40wI-dtuy3aGGSY2ljnxOkOV-GV6BqF-UnmUY5n6j3zJUJWdmCTMivfaT8Q6jQbD9dXWHrGLhvMYO19-FwV16RuGdloQrmNjl4CeQcuja0l0bPr6K04Bo0yKBTi8a9YDqIwxGFM5dr6HW6z7_CTGpJdYOOLazbz-MTiv2TuWgW97JLEmtBGfy6aSnVDc2pGuQCuZnUd9zHxj2zuxS4hFyQmW3tCX9iLukabl3pjFBr9EQhsI5YiOzVaXKkxW7jfWddCtUZAAuLgKaauwBkqktS0TBUzrgoGPMAb8lv7fiXoPinxWQpZGfN017vkUONdqEP-eA%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964592&bpp=1540&bdt=1227&idt=1847&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=2&ga_vid=1808553781.1694055966&ga_sid=1694055966&ga_hid=1892573693&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1246&biw=1600&bih=1200&isw=336&ish=280&ifk=2574231912&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077559%2C44769661%2C21065725&oid=2&pvsid=192097958015919&tmod=317346804&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4cgrncr6h6c&btvi=1&fsb=1&dtd=1862
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 5d7ed00a60e140ee4797f3774484b950bd73f61257227dfb53fdb35b7d3d3c77

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4244
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 native.js Show response
a.teads.tv/media/flavors/ Frame 5087 96 KB
24 KB 189ms
189ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/flavors/native.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf6bc6012888c286b7edc4fa1c1a88f6663f8e7ec60fd65d236b5af7ca506f36

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 12:33:44 GMT
x-amz-request-id: HSCRX61223EZHSJB
etag: "4d9c3335618a7d9dc3e9eac3b7b3b3ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 0
accept-ranges: bytes
content-length: 23985
x-amz-id-2: ttwz4981WyJEFeeYidBwSrPTPXRjDK9bW16c5aeck/bo3vE2NNvJ0afopJz15W3UOJ5v70vSNGI=
expires: Thu, 07 Sep 2023 03:36:07 GMT

GET
DATA 200
OK truncated
/ Frame 5087 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d82e401294c05950fbbd0acadf950c568f837ee7fb2eff905e2015ff23fc960a

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 1FA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEMHePH0DW7BoXjX1ywWXjpU&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEMHePH0DW7BoXjX1ywWXjpU&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=e6c5c12d1b1fd55b1a2f86ff9aef67a9&uid=e6c5c12d1b1fd55b1a2f86ff9aef6...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
148 B

50ms
50ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWSVy_pLHstxeNpuSYEaC6kf4a4QYA3lkeTzFwwgRts2n8NJYQdM6MXQIjaHBhptY2jGiFaxNHr8k6J-18ZOuaBtiLv6g
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 03:06:08 GMT
Last-Modified: Thu, 07 Sep 2023 03:06:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1FA0 170 B
188 B 126ms
124ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWSVy_pLHstxeNpuSYEaC6kf4a4QYA3lkeTzFwwgRts2n8NJYQdM6MXQIjaHBhptY2jGiFaxNHr8k6J-18ZOuaBtiLv6g

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E04 15 KB
12 KB 150ms
149ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9554873d12ae15c35c08b304fe093bcf7c803051b92295708bce856fc7d7d1b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11707
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
87 KB 83ms
82ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b9bc57f37e0d9751826106dee0459ad9f66188413f03999c7619504df92756bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 03:06:07 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1727 0
56 B 179ms
179ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2818884787091&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1727 0
56 B 178ms
178ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2818884787091&version=m202307240101&ct=77&x=8&cor=13474155012308392000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1727 31 KB
18 KB 125ms
123ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APxQu8hOR9MHJTXKkmxGfx2e36cpb-e8VC9ywAr16V9C-xiJ3J50NvnQOcg-1FbiotHUwT8GkfXaPHG7jVCVHL3f9pmrpntogT-mm5NutNnN72RDU5WSf5t5ADJPLW_-LFMlqz9zMNPzI7ZV_r8-qMCo39Qw&cry=1&dbm_d=AKAmf-BLkGPeINmiSOn2H1tVd0c3-LcfrW_xtlzFW0I5LSHG4YNNElWjD-Om9mmcjmFlmaGUhuLvrcKB1Ty6VsKv4Sf4nFB--5IVPaeHn-EX7FMJK-s9kyAyKDSqBcCNNCn3V2O131n93IgDgnjzm_TDf6vdUKM3BkOIu-eKxfhyfVYGMPrOrlPI_ZDO3IZK46124Xe9QzVJu57Gwm7oH-Ee-UT9BtWvKRscIzriGrSESX_FJw0t1C10v746WbMrnUDVGxy028kqmAK9FYKBeCEEW5QpeGsXHX5fQ4U9gnpdkhHcEGya5U7GAu4UHrt9t-IJuPPFaneFY88GTM5VY9zrns5dtEaZce3g7_hQStgp2bpt3QP_KXIHdxAgBEhGBE2nZRgSsfc8eg_YjVS3Yj1iu9qLXn4R2yYNGj9sBisSWt_8Bs58qcQvaofo2Vhac2XZjFQ-oAZ4b_G6qNJf0wezqZj3kc_fbltw-E49Rvb8heqiOMTIP6-o_jdhPKQaDkvDBZzTinN-q4h-IWqq13jlCw5pohxi3qLvbZLJZDhLHlr7XPwqQMLVmQRV2c_w91hgrysQhlaG97RBCzof2_lJ0FQ-kuOSsEH47AEem-7pUzS11dkHY1eQwSwK0Uv0OQ-9CNA_mFSpjoWZkG1MwxLAnfVTs6AbbFDY1yQDc9BKnorHHbRW2dm8zMSC-vUdCwtwbpn8LO45hQlOqOFwNOPBU1o4XOGwHoxzCKN6alQ37KQKin_AQzFzBwvKNAN194zFsHvWmScVWhTo3Xfd0JsQY3lMRCiunqLeJ2KLeDiQp2EWOP2GIayjoZG8ZVlmPoxqojT5m9He1qOqPCklUA7LswgARb7FFy1RKkfPULybuei_-nlYkX_ALqTIvl-d-7ItRQRUpNRBo1kaTZwfR0_qb24BBlS6aH3L4XPzxnGa8_ZjSp8FwAkzawwCA2CW83q34Ilwob4TZRvTE4jOJgLaUJKqNQAYtypgNdFj57VEMFBwaCQtVzWzulnAtPGZ6W0WIxjiFr6tLyHAW0CSkYIV30K9A-22udSSLsKONu0mXh8thx6a-oVKTIevfyKpJfnyqn3bEI846di1jUqDoJpRZld8BX-Wat-pqQLda6kNJ83XLkjuE_QLaZieFvMSyx_uURw8p4Zmcgujprod-GQwrDiDxbFOcvx1YCvEnl3Q-I_mbgbqWLAGDN9pFcokdcaWppNVB0uWz_lOmcbdBWLzFWzq04N3bhvZUOrbfIivhaTxdwloT-8ssbtBz9NANthXCOAWx90fRP82LseXrMiU8QPjKQ8Ns2wlWn4bM2YzqLYsZCzNwJ5gukF7g4lNnLGf2Pu7LVj_8XVcKRezrNQUs-9CAthBhl4oXlGQBce6WMOS2CMLBRZCtGhEVlCIIFxpfxpGskBpMS13Hpj4xLI0Tg3YmUsvX0OAlvgwF1hG_HPglUQiEMNoexQ9x4XBwI-XfuTW_iQ_d-zRz7QNKHzFO_8TOyunxcF4L4ru7MqzeDeSiblNLmCseYElg_c-3-NDnFeDLM2O_9Zaxy1lSM6nf1kSyZD_S4UwLp4HT2d0qv0axXi2-tYWzNdbzf41kMxTX5K_Fra-U7NUXqdQ5KbcpBErzzJjh-EhML9zqx8WOaMwBv_M7h_k0ICrQngjoZxYHsDCQ8tLVLMsEFSG8mQiBQs_-1nlGj_-h1Syp2pEigX1Xi8J49nI1cOPXI-Lrnnj-u6wP0d-goWnN-jLOeGemDJCB9ydTRGcCxihgNBad5PkYp0-nGvftLpvJx4R8hqesbhOWyPSRHc8LKfTK2tZR1njdMRG0YS8wOzravkZAsMQwFNOBlekIkxTv9rOI3QzxCc_sYkuYySlxwgOJ7_ifD8AvWtcN_5n788QyieBYQeVGn5GTXCuz7LxVCPHWv74PV0ZsQoPXYEvSKFaKBcx13lE4pHWVuCuigUJV6EqV_2AVg7iO4327gWOvXYrJUg--CuwGZ6Q3TyAJPzNt5LdlPpZSa6jnxxlYMMo7Ba530VnUokkjQbxuX_teMMbBOWMSbtSIRI91PPt6CJfIYLZLAYU_TA4cUeXcYZiRbXuNcRlGQEHqBg3dQPajp92N1ZHecuaji_9vd3J7jl8z9XHAq8cVSL3NYXy75JdBiSTz2VmS4mFNgcCRSr3ozQJdK7KRR4fsuv1XSaZpbGyXdf8Md1iLN12Hxo7YfDJBFI5uJJCefMfdCkild5Ey-GZloD5lsE0JFtyHPlsiPOZjX3t7x5ncdFTi_YLu0FyAcPy3pm1eATIecB7l0xsI-FCKr2XXWHvs0ZAv-8gjINe-xz4v3jhMaE7xFs2sL33dKLJg4nF7eaj_Qa6OOiK3oT5aCGGHj09PHE54XmKS2687QGACxh5ZMzVrU97ZYM73luYmP9V0UOJg5oGdy_p4X3xq1Q9nAEqCMWbZ4SaDLsihMdkbDC6cFxMYqFCb87FX2t_SZ6avtnOp7xUz1uA2UHE4jLFeMAEWXuSULXhBgPaEhuhHA8jceoT6eL2jrHV66qd_FnD2CjPDBwp023QdJ5oCAH2Qd7nuQ2i89DnHkBvDbFouhtZL_eHmQ9-o1ID7F52VkCK7JyKuSf8CoXPEJELKsLAVOy2Gj71_GvxBedYVRy698QKKXP17ILtBAw3yfSP_bjMMO64duofyBg6b19NSEyJVSM7Sg6WCM8eZFOsBf4GeIr7WkW0k5wsi33eVrL9hdowjvbnIml-IXhxwl2zgR8I1YkwbjtmZ82qFR83uDlvs4oqgynKhKxxuNoEEBYvo6Njr6h86Wl5YLnGcqi6joeXDIaOJKufuB_nDg0psZU32F_zslI73jrzo2LlGb9zT4bsnOFbBe3hVco0fNTGtmgm5hSZBbkUeaUSzPZTy5nmTtlpepS-1gR6v7aaI6Dy8PCu_hPs4YNnP2P0T2wt31lCTLDdc4JknIbgeKRqhaQE238iEXPc4LWM5MHn3ugWCdh30AHhCE-eBsvcOmhLz6JC3iutQDd_k44VNqCyoPvOGKO4z2ejCTEXIq2RTdaCQO-_ah-cKMtoy2ZEf21iDjajradGuQut30TSxknUFfpC9Fg0Y2o1DV8gJxXrPeQft380hNFDlZL2pRprFCDflBu7o6zkoju9Mve1KLeIC42pzuRX9sKeyQwft8qeHL0i5cVqNqLuFLBOedD_-0a4q5y9ecrgck9NDttdOM4K53J2EguOpd4apiOWITVQocWjdBdEHiyC6MJ9ChWdGg27Q-MJA9o3MyNIDdxYQLnjs-Gedu0lkvLtGy67fm3Vx0toXv4enElnt6jump_wchViFHM3YyRfiXeqUJ5SdlBBPvid9n9s39KYAm8bbi8d68CWWYMrGGU_PsbDker7yO9WUhNhwND2uRL55ANzmGP3Hzw6NxwSVYso4EjKz7go3pSZC2Ot45K30_52MX1rBXnJEjHjqt5-JOWBlFNlzPvrHyLtfuQHr8y1DFGcXGSQdy-av657SCguDmcJfERv3-YMBAJdCFr1fzKMGJZJMTrbbOu4mOK3zOBq7euxjvkDxsiy9iOo8M7PvL_NkVzCoGYrBYnywqN7JJJ_jJFxX9zIjoHhSLRaBjBiLg&pr=8%3A82D8FBF241E2C01A&cid=CAQSQABpAlJWo9dWvMxaKQo2It6rK1dgyxdKJLAVBcTlBYFfDzKbSTcKOvW8l5PhQf5XET4WUIplL12KFoIx_N9r0QMYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ds=l&xdt=0&iif=1&cor=13474155012308392000&adk=3335017511&idt=246&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b470a7970132582464cf68088bc8bdf3e9754c65def0b103925269aa1fed072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18608
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7059 37 KB
14 KB 69ms
68ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964653&bpp=1587&bdt=1316&idt=1910&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=1&ga_vid=771548045.1694055967&ga_sid=1694055967&ga_hid=295874071&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2048974205&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076838%2C44795922%2C31076996&oid=2&pvsid=893971139118720&tmod=1366410584&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kr0v7rbj6mki&fsb=1&dtd=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8631 22 KB
8 KB 141ms
141ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 333262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nurl Show response
a.teads.tv/be-ms/ Frame 5087 9 KB
10 KB 269ms
268ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/be-ms/nurl?payload=GISpCiCUkUMolNk-Mk0JAAAAAACvID8hzczMzMzM5D8o6caz5gcyGyoZChUI6aEnEgNVU0QaCmltcHJlc3Npb24YATjMqlFYBmDMqlFw68QPeI-iEJABAJgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFXCAUQ9AUYzE8gpV8qBDgzMDIw____________AToEd2lmaUIQc3VucmlzZSB1cGMgZ21iaEoBP1INZXVyb3BlL3p1cmljaFoGa2xvdGVuYgdzY2h3ZWl6mgEKd3d3LmJnMy5jb6ABAqgBArgBzzfCAQZwcmViaWTgAQH6ATMSLwoWCL2E-YD5qa620wEQmcyL85vj4tyAARIVCL2RkdKq1vDkCRD11YfZjtDq2owBGACAAvzP6uymMYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI8U1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlsgIaChYIjJ7Vvfa_kMvzARDduI_kqbbu1rUBIADYAgDgAgDxAgAAAAAAAPA_-AIBgAMAogNGaHR0cHM6Ly93d3cuYmczLmNvL2EvbG9uZy1mZW5nLXB1LWJ1LWJ1LWRhby1kaS0xMG1vLXlvdS1rZS15b3UtbGkuaHRtbKgDALIDAmNougMGQ2hyb21lwANZyAMA0AMA6gMnCgcIABABGP8BEgQIAhABGgQIBBAAIgQIAxAAKgQIBRAAMgQIARAA8gMNODQuMjI3LjE2OS4yMPgDAoAEAA==&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=bEX8ztBoogDbNjqqEQ9Mw8tajAEPHDmWQvgJkbCySLSiIA&psid=415253&checksum=2083811196
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b216e285ea6c7df807cdf1aec36156588348f6407a91028a8ee485b1a9225ca7

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length: 9466
expires: Thu, 07 Sep 2023 03:06:08 GMT

GET
H2 200 track
t.teads.tv/ Frame 5087 23 B
134 B 789ms
221ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=f39641ff-67b5-4f0c-b5ad-b9b29c83dc5d&pfid=68&env=js-web&ut=1&cid=1099924&gid=1027220&auctid=d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&pscid=20204&psid=415253&cost=53_av7BnyY2ewoHgXPrgRUMt&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1027220&dsp_creative_id=1099924&fms=9&p=OJ-JDGuQ9Y3GrtCyrIcu1suavvAV82jZu-K47Y78PQgTqw&cts=1694055966783&cs=258609569605552239905&1694055966782=&slot=native&fv=1245&ts=1694055967965&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 07 Sep 2023 03:06:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame 5087 23 B
134 B 823ms
256ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adReceived&env=js-web&auctid=d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5&pageId=154680&pid=169092&hb_provider=prebid&vid=f39641ff-67b5-4f0c-b5ad-b9b29c83dc5d&pfid=68&f=1&slot=native&fv=1245&ts=1694055967965&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 07 Sep 2023 03:06:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame 5087 23 B
134 B 806ms
255ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5&vid=f39641ff-67b5-4f0c-b5ad-b9b29c83dc5d&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=68&gid=1027220&sid=174681&brid=7119&cid=1099924&rpm_reason=3&ut=1&p=aYX4fE0uDBzMn_ZirXuVEs4nfZrf7YGSdfmN0HXZr3PVP3EEboiBSWiKBkHpJP175OI&cts=1694055966784&cs=-332157767749106139505&slot=native&fv=1245&ts=1694055967985&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 07 Sep 2023 03:06:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 448 KB
0 193ms
193ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

Date: Thu, 07 Sep 2023 03:06:08 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd35-101b90c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 65536-16890123/16890124
Connection: keep-alive
Content-Length: 16824588

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E04 17 KB
6 KB 270ms
270ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:06:08 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8A49 0
45 B 645ms
448ms Ping
image/gif 64.233.176.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm8l6m9j&c=7588704214663&slotId=3794352107331.5&ghmsh_eids=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yw-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 1727 30 KB
11 KB 265ms
264ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APxQu8hOR9MHJTXKkmxGfx2e36cpb-e8VC9ywAr16V9C-xiJ3J50NvnQOcg-1FbiotHUwT8GkfXaPHG7jVCVHL3f9pmrpntogT-mm5NutNnN72RDU5WSf5t5ADJPLW_-LFMlqz9zMNPzI7ZV_r8-qMCo39Qw&cry=1&dbm_d=AKAmf-BLkGPeINmiSOn2H1tVd0c3-LcfrW_xtlzFW0I5LSHG4YNNElWjD-Om9mmcjmFlmaGUhuLvrcKB1Ty6VsKv4Sf4nFB--5IVPaeHn-EX7FMJK-s9kyAyKDSqBcCNNCn3V2O131n93IgDgnjzm_TDf6vdUKM3BkOIu-eKxfhyfVYGMPrOrlPI_ZDO3IZK46124Xe9QzVJu57Gwm7oH-Ee-UT9BtWvKRscIzriGrSESX_FJw0t1C10v746WbMrnUDVGxy028kqmAK9FYKBeCEEW5QpeGsXHX5fQ4U9gnpdkhHcEGya5U7GAu4UHrt9t-IJuPPFaneFY88GTM5VY9zrns5dtEaZce3g7_hQStgp2bpt3QP_KXIHdxAgBEhGBE2nZRgSsfc8eg_YjVS3Yj1iu9qLXn4R2yYNGj9sBisSWt_8Bs58qcQvaofo2Vhac2XZjFQ-oAZ4b_G6qNJf0wezqZj3kc_fbltw-E49Rvb8heqiOMTIP6-o_jdhPKQaDkvDBZzTinN-q4h-IWqq13jlCw5pohxi3qLvbZLJZDhLHlr7XPwqQMLVmQRV2c_w91hgrysQhlaG97RBCzof2_lJ0FQ-kuOSsEH47AEem-7pUzS11dkHY1eQwSwK0Uv0OQ-9CNA_mFSpjoWZkG1MwxLAnfVTs6AbbFDY1yQDc9BKnorHHbRW2dm8zMSC-vUdCwtwbpn8LO45hQlOqOFwNOPBU1o4XOGwHoxzCKN6alQ37KQKin_AQzFzBwvKNAN194zFsHvWmScVWhTo3Xfd0JsQY3lMRCiunqLeJ2KLeDiQp2EWOP2GIayjoZG8ZVlmPoxqojT5m9He1qOqPCklUA7LswgARb7FFy1RKkfPULybuei_-nlYkX_ALqTIvl-d-7ItRQRUpNRBo1kaTZwfR0_qb24BBlS6aH3L4XPzxnGa8_ZjSp8FwAkzawwCA2CW83q34Ilwob4TZRvTE4jOJgLaUJKqNQAYtypgNdFj57VEMFBwaCQtVzWzulnAtPGZ6W0WIxjiFr6tLyHAW0CSkYIV30K9A-22udSSLsKONu0mXh8thx6a-oVKTIevfyKpJfnyqn3bEI846di1jUqDoJpRZld8BX-Wat-pqQLda6kNJ83XLkjuE_QLaZieFvMSyx_uURw8p4Zmcgujprod-GQwrDiDxbFOcvx1YCvEnl3Q-I_mbgbqWLAGDN9pFcokdcaWppNVB0uWz_lOmcbdBWLzFWzq04N3bhvZUOrbfIivhaTxdwloT-8ssbtBz9NANthXCOAWx90fRP82LseXrMiU8QPjKQ8Ns2wlWn4bM2YzqLYsZCzNwJ5gukF7g4lNnLGf2Pu7LVj_8XVcKRezrNQUs-9CAthBhl4oXlGQBce6WMOS2CMLBRZCtGhEVlCIIFxpfxpGskBpMS13Hpj4xLI0Tg3YmUsvX0OAlvgwF1hG_HPglUQiEMNoexQ9x4XBwI-XfuTW_iQ_d-zRz7QNKHzFO_8TOyunxcF4L4ru7MqzeDeSiblNLmCseYElg_c-3-NDnFeDLM2O_9Zaxy1lSM6nf1kSyZD_S4UwLp4HT2d0qv0axXi2-tYWzNdbzf41kMxTX5K_Fra-U7NUXqdQ5KbcpBErzzJjh-EhML9zqx8WOaMwBv_M7h_k0ICrQngjoZxYHsDCQ8tLVLMsEFSG8mQiBQs_-1nlGj_-h1Syp2pEigX1Xi8J49nI1cOPXI-Lrnnj-u6wP0d-goWnN-jLOeGemDJCB9ydTRGcCxihgNBad5PkYp0-nGvftLpvJx4R8hqesbhOWyPSRHc8LKfTK2tZR1njdMRG0YS8wOzravkZAsMQwFNOBlekIkxTv9rOI3QzxCc_sYkuYySlxwgOJ7_ifD8AvWtcN_5n788QyieBYQeVGn5GTXCuz7LxVCPHWv74PV0ZsQoPXYEvSKFaKBcx13lE4pHWVuCuigUJV6EqV_2AVg7iO4327gWOvXYrJUg--CuwGZ6Q3TyAJPzNt5LdlPpZSa6jnxxlYMMo7Ba530VnUokkjQbxuX_teMMbBOWMSbtSIRI91PPt6CJfIYLZLAYU_TA4cUeXcYZiRbXuNcRlGQEHqBg3dQPajp92N1ZHecuaji_9vd3J7jl8z9XHAq8cVSL3NYXy75JdBiSTz2VmS4mFNgcCRSr3ozQJdK7KRR4fsuv1XSaZpbGyXdf8Md1iLN12Hxo7YfDJBFI5uJJCefMfdCkild5Ey-GZloD5lsE0JFtyHPlsiPOZjX3t7x5ncdFTi_YLu0FyAcPy3pm1eATIecB7l0xsI-FCKr2XXWHvs0ZAv-8gjINe-xz4v3jhMaE7xFs2sL33dKLJg4nF7eaj_Qa6OOiK3oT5aCGGHj09PHE54XmKS2687QGACxh5ZMzVrU97ZYM73luYmP9V0UOJg5oGdy_p4X3xq1Q9nAEqCMWbZ4SaDLsihMdkbDC6cFxMYqFCb87FX2t_SZ6avtnOp7xUz1uA2UHE4jLFeMAEWXuSULXhBgPaEhuhHA8jceoT6eL2jrHV66qd_FnD2CjPDBwp023QdJ5oCAH2Qd7nuQ2i89DnHkBvDbFouhtZL_eHmQ9-o1ID7F52VkCK7JyKuSf8CoXPEJELKsLAVOy2Gj71_GvxBedYVRy698QKKXP17ILtBAw3yfSP_bjMMO64duofyBg6b19NSEyJVSM7Sg6WCM8eZFOsBf4GeIr7WkW0k5wsi33eVrL9hdowjvbnIml-IXhxwl2zgR8I1YkwbjtmZ82qFR83uDlvs4oqgynKhKxxuNoEEBYvo6Njr6h86Wl5YLnGcqi6joeXDIaOJKufuB_nDg0psZU32F_zslI73jrzo2LlGb9zT4bsnOFbBe3hVco0fNTGtmgm5hSZBbkUeaUSzPZTy5nmTtlpepS-1gR6v7aaI6Dy8PCu_hPs4YNnP2P0T2wt31lCTLDdc4JknIbgeKRqhaQE238iEXPc4LWM5MHn3ugWCdh30AHhCE-eBsvcOmhLz6JC3iutQDd_k44VNqCyoPvOGKO4z2ejCTEXIq2RTdaCQO-_ah-cKMtoy2ZEf21iDjajradGuQut30TSxknUFfpC9Fg0Y2o1DV8gJxXrPeQft380hNFDlZL2pRprFCDflBu7o6zkoju9Mve1KLeIC42pzuRX9sKeyQwft8qeHL0i5cVqNqLuFLBOedD_-0a4q5y9ecrgck9NDttdOM4K53J2EguOpd4apiOWITVQocWjdBdEHiyC6MJ9ChWdGg27Q-MJA9o3MyNIDdxYQLnjs-Gedu0lkvLtGy67fm3Vx0toXv4enElnt6jump_wchViFHM3YyRfiXeqUJ5SdlBBPvid9n9s39KYAm8bbi8d68CWWYMrGGU_PsbDker7yO9WUhNhwND2uRL55ANzmGP3Hzw6NxwSVYso4EjKz7go3pSZC2Ot45K30_52MX1rBXnJEjHjqt5-JOWBlFNlzPvrHyLtfuQHr8y1DFGcXGSQdy-av657SCguDmcJfERv3-YMBAJdCFr1fzKMGJZJMTrbbOu4mOK3zOBq7euxjvkDxsiy9iOo8M7PvL_NkVzCoGYrBYnywqN7JJJ_jJFxX9zIjoHhSLRaBjBiLg&pr=8%3A82D8FBF241E2C01A&cid=CAQSQABpAlJWo9dWvMxaKQo2It6rK1dgyxdKJLAVBcTlBYFfDzKbSTcKOvW8l5PhQf5XET4WUIplL12KFoIx_N9r0QMYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ds=l&xdt=0&iif=1&cor=13474155012308392000&adk=3335017511&idt=246&cac=0&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:11:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1727 181 KB
57 KB 266ms
265ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:08 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1727 41 KB
13 KB 345ms
345ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET
H/1.1 200
OK index.html Show response
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/ Frame 2958 10 KB
3 KB 580ms
78ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 3d25f08d6875cda46f9925099ca7fef76bfcaeba6abe7e84c98cfc06c6ab8a1c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2497
Content-Type: text/html
Date: Thu, 07 Sep 2023 03:06:08 GMT
ETag: W/"ba8ac7331eb58778a95b17e465a11749"
Expires: Sun, 22 Oct 2023 03:06:08 GMT
Last-Modified: Thu, 03 Aug 2023 09:07:00 GMT
Server: nginx/1.21.3
Vary: Accept-Encoding
X-Clv-Request-Id: dde95b98-4084-49a7-b2c0-d99d9415efcb
X-Clv-S3-Version: 2.5
x-amz-request-id: dde95b98-4084-49a7-b2c0-d99d9415efcb

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1211 52 KB
17 KB 354ms
353ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11901&pub_id=1800859
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 07 Sep 2023 03:06:08 GMT
ETag: "623de86a-cf34"
Expires: Fri, 08 Sep 2023 03:06:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 9D34 0
645 B 314ms
314ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&e=wqT_3QLQDvTTAVAHAAADANYABQEInvzkpwYQ0qzL5bvAx_4rGMfSsp3gg75GKjYJAjEnbNXM0z8RYemZ9HaczD8ZAAAAoJmZuT8hKdQuAVMh1z8pi8OZX80B4D8xAAAAQOF6hD8w8uzGCjj9XEC5XEgCUK7Gq9kBWLm0igFgAGi1kbMBeN2HBoABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDU4OTc2OTEsIDApO3VmKCdpJywgNzQzNzQ3NywgMCk7dWYoJ2cnLCAxODQ4NzYxNSwgMCk7dWYoJ3MnLCAyNzY0MzgwNTUsIDApO3VmKCdyJywgNDU1Nzk1NTAyLCAwKTuSAtkEIXlIVFptUWpBOEx3WkVLN0dxOWtCR0FBZ3ViU0tBVEFBT0FCQUFFaTVYRkR5N01ZS1dBQmcxd0pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QWNLMmxmQ2ZndHdfd1FHbmhVWEt4UUhnUDhrQkFBQUFBQUFBOERfWkFUb0daSzkzZi13XzRBR2wtY1VEOVFINEZHUV9tQUlBb0FJQnRRSUFBQUFBdlFJQQE48Ex3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0pHQWdpTVFBUmdDTFpxWm1ULWlBeGNJbjV1b0l4QUNHQUV0QQFR8FJESUhaR1ZtWVhWc2RLSUREZ2lSZ0lJakVBc1lBaTJhbVprX3VnTUpSbEpCTVRvMk5UYzM0QU80UklBRTJaamlDNGdFMjVqaUM1QUVBWmdFQWNFRQFXCQEIREpCCQkFARgyQVFBOFFRBQwFAURJZ0ZzVE9ZQmFlNDZJTUJxUVUFFxxBQUR3UDdFRg0NARAEQkIBNxxFQXpNX01feQkoGGdMOExuUDkyKAAAWgUoAQHAUEFfNEFYbWhnUHdCYi15NkFqNEJkdjc1d0tDQmdORFNFYUlCZ1NRQmdHWUJnQ2hCZwE1BEFBATggcUFZRXNnWWtDAXQNAQBFHQwARx0MAEkdDKh1QVlLmgKZASF2aFIzMWdqQThMd1pFSzdHcTlrQkdMbTBpZ0VnQUNnQU1RDVaIUEFfT2dsR1VrRXhPalkxTnpkQXVFUkpPZ1prcjNkXzdEOVINKhBBQUFCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQEQQjRBSWs1gPB5OEQ4LtgCAOACjepa6gJGaHR0cHM6Ly93d3cuYmczLmNvL2EvbG9uZy1mZW5nLXB1LWJ1LWJ1LWRhby1kaS0xMG1vLXlvdS1rZS15b3UtbGkuaHRtbPICEQoGQURWX0lEEgc1ODk3Njkx8gISCgZDUEdfSUQSCDE4NDhhpZDyAhIKBUNQX0lEEgkyNzY0MzgwNTXyAg0KCEFEVl9GUkVREgEwBRAgUkVNX1VTRVISARAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhDAc3NDOBLgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwmoADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODQuMjI3LjE2OS4yMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADSBA8xMTgzMyNGUkExOjY1NzfaBAIIAeAEAfAErsar2QGIBQGYBQCgBf______AQUYAcAFAMkFAAUBFPA_0gUJCQUL8FsAAADYBQHgBQHqBTkKNeWkqeWkqeimgeiBnu-8jOm-jemzs-eAkeW4g-atpemBk-esrDEw6JCs6YGK5a6i5pyJ56auEgDwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgFdNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB92HBtIHDRWhASYI2gcGAV7wbRgA4AcA6gcCCADwB4KEDYoIRwpDAAABim2apTAr_R4DvLLWUon5cvQ3S02w0n_ZUlv7ruyRJjbQordOxHwggzcUMwT8np3PNbXlA4Hceog73J12i32ZVBABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=0affc33a8422d6931c3edd51e732d0414ace4c2f&bdref=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html,https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
an-x-request-uuid: e541af67-cf61-4295-bc91-d8da56e6e6fa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8963 278 B
170 B 256ms
253ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiNrojGATAB&v=APEucNW2TDquKzVRybMxmHImuCsx_-3WAcWl-jeY5baQbEbk3T_MNAaWMsSdwjhg4jhqSka4yyzsa5kqs0_Xz2HNW9qAAf-fITqsh3ORnrsb2N_svDErFpI

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C3B1 86 KB
30 KB 297ms
295ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:08 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3B1 42 B
110 B 264ms
262ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8eKrRBHSj5DG7HodrvPyOSgrB_WUksmpsRfizH2kf3KRO-evKcmiXxzItXoSC2upearyHh5Q1v3OzQZoNIalh2In4nNzDyTBsz0sFvV0CU7dRaiI

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3B1 0
59 B 264ms
263ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2806709469658184802&x=38&ct=77

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame C3B1
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=2fb390bf-5a2c-4484-b56f-eb35edf444e9&google_hm=MmZiMzkwYmYtNWEyYy00NDg0LWI1NmYtZWIzNWVkZjQ...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKnoFisulWGrdh1TZKCj2IE&google_cver=1&ssp=themediagrid&bsw_param=2fb390bf-5a2c-4484-b56f-eb35edf444e9

43 B
145 B

33ms
33ms

Image
image/gif

18.196.96.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKnoFisulWGrdh1TZKCj2IE&google_cver=1&ssp=themediagrid&bsw_param=2fb390bf-5a2c-4484-b56f-eb35edf444e9
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Server: 18.196.96.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-96-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKnoFisulWGrdh1TZKCj2IE&google_cver=1&ssp=themediagrid&bsw_param=2fb390bf-5a2c-4484-b56f-eb35edf444e9
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

request.php
hal900010.redintelligence.net/ Frame F380
Redirect Chain

https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=4b4aa4085c&subid=&uid=0a6dd807a658eccd&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=4b4aa4085c&subid=&uid=0a6dd807a658eccd&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 173ms
173ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=160236309&cid=1108116648.1694055964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694055968&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%20%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
715 B 163ms
161ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694055968630&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1548&pt=1354253083&tz=120&viewable=true&ddast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c569065c32a76fdabd354e28723483ab221a9db68fc807aa2970249b9920e8a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 07 Sep 2023 03:06:08 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1473
x-cache: MISS
x-served-by: cache-fra-eddf8230076-FRA
pragma: no-cache
server: nginx
x-timer: S1694055969.751417,VS0,VE32
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8631 37 KB
14 KB 159ms
157ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D34 0
0 144ms
144ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvp5nNtgKmB-s5yJZWH8eJzQoRSg0imyYz19KpW6GtIPCI3ERaMDSOoubCMCBQH4vdpKf5NTWmyad4oQe1iw0o6HAYuPenymhtT0N2KvbLrio1KldgHeuAyzgXiTQYXcHqQh_Wcy-oRlGo4qRaJVjmWCZg8wSZFR8KOYQD8yNf49KuRBL_hqIBtMkiPH9-zvYsd08Xlh4D9950lup4GdbejcfotW80v2FappXo2hFq3DVa5hGwZavHqLWa-nB0QSWcFUPsqm5-T8bU5X7dFcoHGveTCfWv0JzUC2SUIeVpYhrYSKACQA_WIUBCJDdUpsVmaIiI&sai=AMfl-YSJ09WQJRL4l2Iuwoxo78wH4lMInx9FyqQDANYkv8uvaQk-UZP56IbL4pknS8sVXHkPPWEo7zLohxUGR239afNNRIyAN9-rp-hOfUGnSremxB5cd09GbrKw8WZIEA&sig=Cg0ArKJSzCACKo_46dwqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:06:08 GMT

GET
DATA 200
OK truncated
/ Frame 9D34 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2f55f025115a33a39d07b3d75b2574e0d8b2f17b2e5595de0e330bd70466247

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 1211 0
593 B 99ms
98ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11901&pub_id=1800859&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11901&pub_id=1800859

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
an-x-request-uuid: cd100b26-03a4-4ff1-9bb2-3e27cc22413f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET iframe
sync.teads.tv/ Frame 353A 0
0

GET
H2 200 track
t.teads.tv/ Frame 5087 23 B
134 B 128ms
127ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adAvailable-success&gid=1027220&sid=174681&env=js-web&auctid=d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5&pageId=154680&pid=169092&hb_provider=prebid&vid=f39641ff-67b5-4f0c-b5ad-b9b29c83dc5d&pfid=68&f=1&slot=native&fv=1245&ts=1694055968697&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 07 Sep 2023 03:06:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET performance-image-dco-3eecf94c-b5de-4879-8c47-9b49acefcbb9.jpg
s8t.teads.tv/creative-f9dbb011-4282-11ee-82d9-4dc2c532ae62/ Frame 51CF 0
0

GET logo.jpg
s8t.teads.tv/creative-f9dbb011-4282-11ee-82d9-4dc2c532ae62/ Frame 51CF 0
0

GET
H2 200 track
t.teads.tv/ Frame 5087 23 B
134 B 111ms
110ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=impression&vid=f39641ff-67b5-4f0c-b5ad-b9b29c83dc5d&gid=1027220&studio_cid=f9dbb011-4282-11ee-82d9-4dc2c532ae62&piv=&ut=1&hb_provider=prebid&psid=415253&auctid=d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1694055968092&cid=1099924&pid=169092&erevenue=0AvryYcV0q6BCdbHZFa8tN6J&erevenue_curr=CHF&fms=9&p=_cFrqwetY4frsTRqSJzc1jD2cetAqFKU8BNeOjyVllAU4ty-rJPKJbLluJa_Aj75X1AC9c57ea_2GmBfU_TfDJcJvT4BZpCoPMGULuhs195A-W1HqBmB4WT-BBQO9fIKpjYRjkplJWdLHJNg3D58TWoTKGwyEHBoyosfYPTD2rrY0S4cN5Tp7sHFWwZstgwPpmJDAGgRIqJOY03LiHXtdiiFRpm1XfBWROstXSDnNYDAL-llVaTfM1qDNSLeuCk6tAcvvpOPER_MOxaPQFuRzbH9X-Ov6Qbd54phsUrflT1deq1nq6l91lcmsvrllZPE-NBnKVMdEa-u3HGx-FzVtsIw73BfXzvIsBc0AOia3xjtEg&cs=292503432242835941505&slot=native&fv=1245&ts=1694055968729&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 07 Sep 2023 03:06:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 51CF 669 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15F9 13 KB
5 KB 59ms
56ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 47058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:01:50 GMT
expires: Thu, 05 Sep 2024 14:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 72E5 829 B
791 B 65ms
64ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

823eda33f73882780460b0256c4ea1f7d364df7ecd9ae0f4218fc2c31cc8f1f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eXMAwtMYDCZMXx0xiXsVFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-eXMAwtMYDCZMXx0xiXsVFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:08 GMT
expires: Thu, 07 Sep 2023 03:06:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 9D34 0
658 B 58ms
41ms Ping
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&e=wqT_3QL9C_TTAf0FAAADANYABQEInvzkpwYQ0qzL5bvAx_4rGMfSsp3gg75GKjYJAjEnbNXM0z8RYemZ9HaczD8ZAAAAoJmZuT8hKdQuAVMh1z8pi8OZX80B4D8xAAAAQOF6hD8w8uzGCjj9XEC5XEgCUK7Gq9kBWLm0igFgAGi1kbMBeN2HBoABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDU4OTc2OTEsIDApO3VmKCdpJywgNzQzNzQ3NywgMCk7dWYoJ2cnLCAxODQ4NzYxNSwgMCk7dWYoJ3MnLCAyNzY0MzgwNTUsIDApO3VmKCdyJywgNDU1Nzk1NTAyLCAwKTuSAtkEIXlIVFptUWpBOEx3WkVLN0dxOWtCR0FBZ3ViU0tBVEFBT0FCQUFFaTVYRkR5N01ZS1dBQmcxd0pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QWNLMmxmQ2ZndHdfd1FHbmhVWEt4UUhnUDhrQkFBQUFBQUFBOERfWkFUb0daSzkzZi13XzRBR2wtY1VEOVFINEZHUV9tQUlBb0FJQnRRSUFBQUFBdlFJQQE48Ex3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0pHQWdpTVFBUmdDTFpxWm1ULWlBeGNJbjV1b0l4QUNHQUV0QQFR8FJESUhaR1ZtWVhWc2RLSUREZ2lSZ0lJakVBc1lBaTJhbVprX3VnTUpSbEpCTVRvMk5UYzM0QU80UklBRTJaamlDNGdFMjVqaUM1QUVBWmdFQWNFRQFXCQEIREpCCQkFARgyQVFBOFFRBQwFAURJZ0ZzVE9ZQmFlNDZJTUJxUVUFFxxBQUR3UDdFRg0NARAEQkIBNxxFQXpNX01feQkoGGdMOExuUDkyKAAAWgUoAQHAUEFfNEFYbWhnUHdCYi15NkFqNEJkdjc1d0tDQmdORFNFYUlCZ1NRQmdHWUJnQ2hCZwE1BEFBATggcUFZRXNnWWtDAXQNAQBFHQwARx0MAEkdDKh1QVlLmgKZASF2aFIzMWdqQThMd1pFSzdHcTlrQkdMbTBpZ0VnQUNnQU1RDVaIUEFfT2dsR1VrRXhPalkxTnpkQXVFUkpPZ1prcjNkXzdEOVINKhBBQUFCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQEQQjRBSWs1gPDeOEQ4LtgCAOACjepa6gJGaHR0cHM6Ly93d3cuYmczLmNvL2EvbG9uZy1mZW5nLXB1LWJ1LWJ1LWRhby1kaS0xMG1vLXlvdS1rZS15b3UtbGkuaHRtbIADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODQuMjI3LjE2OS4yMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADSBA8xMTgzMyNGUkExOjY1NzfaBAIIAeAEAfAEroGGIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB92HBtIHDRVlASYI2gcGAV7wbRgA4AcA6gcCCADwB4KEDYoIRwpDAAABim2apTAr_R4DvLLWUon5cvQ3S02w0n_ZUlv7ruyRJjbQordOxHwggzcUMwT8np3PNbXlA4Hceog73J12i32ZVBABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=85a2f84f8f80fb5494d9b754f2070dcdebfb0d6f&type=nv&nvt=5&jm=1003&px=236&py=60&bw=728&bh=90&sid=7453720751586205194&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=7138&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
an-x-request-uuid: 7b66061f-54a9-42a5-a6b1-9cb5a143e12c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B507 22 KB
8 KB 54ms
49ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 333263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

sync
ad.sxp.smartclip.net/ Frame 8963
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBDXDpw79sW9vKWnV2N2hcc&gdpr=0&google_cver=1

0
0

GET

m
ad.yieldlab.net/ Frame 8963
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIq6cI0-_N7gvz3pTmnX2gk&google_cver=1&gdpr=0

0
0

GET
H/1.1 200
OK appnexus-html5-lib.min.js Show response
acdn.adnxs.com/html5-lib/1.3.0/ Frame 2958 9 KB
3 KB 50ms
49ms Script
application/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/1.3.0/appnexus-html5-lib.min.js
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Unused62: 8096267
Date: Thu, 07 Sep 2023 03:06:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 May 2016 15:39:23 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "574db02b-2499"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 2930
Expires: Fri, 08 Sep 2023 03:06:10 GMT

GET
H/1.1 200
OK ed69b6315775c00d7c97a0e10775c9bb.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 4 KB
5 KB 50ms
49ms Image
image/webp 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ed69b6315775c00d7c97a0e10775c9bb.webp
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: c34b6fd0658589277679404248202dba0dc7d499db90b5f82206d65c8537659e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:08 GMT
Last-Modified: Thu, 03 Aug 2023 09:07:00 GMT
Server: nginx/1.21.3
x-amz-request-id: 2f6a9d91-678a-4d14-9513-2281d75f38dd
ETag: "6b977f6a7badb0a99d6bc9c124c753c4"
Content-Type: image/webp
Access-Control-Allow-Origin: *
X-Clv-Request-Id: 2f6a9d91-678a-4d14-9513-2281d75f38dd
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4418
X-Clv-S3-Version: 2.5
Expires: Sun, 22 Oct 2023 03:06:08 GMT

GET
H/1.1 200
OK 54e5d4a2d423b2acde8d4a7442a4e6c8.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 3 KB
3 KB 119ms
119ms Image
image/webp 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/54e5d4a2d423b2acde8d4a7442a4e6c8.webp
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 854a93651d164ac3fb3895c3b246181dd438237aadc59ed21c3e4f0fa1589673

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:09 GMT
Last-Modified: Thu, 03 Aug 2023 09:07:00 GMT
Server: nginx/1.21.3
x-amz-request-id: acbff958-efdf-4c25-a671-dda726e388bd
ETag: "7e1942c0b2e1f1c01f46dcab77073568"
Content-Type: image/webp
Access-Control-Allow-Origin: *
X-Clv-Request-Id: acbff958-efdf-4c25-a671-dda726e388bd
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2904
X-Clv-S3-Version: 2.5
Expires: Sun, 22 Oct 2023 03:06:09 GMT

GET 6c32365b34d60d34fb1cf75252d27172.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 0
0

GET
H/1.1 200
OK b97d0598d8d0b3f12b667c1a0dbf34ad.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 2 KB
2 KB 104ms
101ms Image
image/webp 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/b97d0598d8d0b3f12b667c1a0dbf34ad.webp
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 4412bd41106c222d07ebe86bef07966735dba8e1966e5e52627f7956a93aa469

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKaAfCZmgAAAAMAxBkFAQie_OSnBhDSrMvlu8DH_isYx9KyneCDvkYg8uzGCij9XDC5XDgCQK7Gq9kBSLm0igFQAFoDVVNEYgNVU0Ro2AVwWni1kbMBgAHdhwaIAQGQAQGYAQWgAQKpAQIxJ2zVzNM_sQFh6Zn0dpzMP7kBAAAAoJmZuT_BASnULgFTIdc_yQGLw5lfzQHgP9gBAOABAA..%2Fs%3D008196b0f987b2eb1f70034857e2021fb20d2eaf%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vhR31gjA8LwZEK7Gq9kBGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjY1NzdAuERJOgZkr3d_7D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo2NTc3%2Fbn%3D99293%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Ffilme%252F110651%252Fm3gan%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Megan%2526utm_term%253D7437477_18487615_276438055_455795502_728x90_22132338_11901%2526utm_content%253Dmegan_aout23_DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:09 GMT
Last-Modified: Thu, 03 Aug 2023 09:07:00 GMT
Server: nginx/1.21.3
x-amz-request-id: 9e03addb-244e-444e-8d1f-122c0b28c6a2
ETag: "5d0c912ffe7c1fdeb7f8c6be768a900d"
Content-Type: image/webp
Access-Control-Allow-Origin: *
X-Clv-Request-Id: 9e03addb-244e-444e-8d1f-122c0b28c6a2
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1604
X-Clv-S3-Version: 2.5
Expires: Sun, 22 Oct 2023 03:06:09 GMT

GET fd214f3855d5dd0e6db365aa4ab9737c.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 0
0

GET 9168a0ffe14be7e073e44c64ff4afb6a.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 0
0

GET 1a56d8372ad090c6aa8305a85b9dd23a.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 0
0

GET 14b5fb8cf6568613d6ed22ab1a7cfe14.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/8/3/48836865/images/ Frame 2958 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6D92 281 B
554 B 42ms
41ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 03:06:08 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3B1 0
59 B 68ms
66ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8934157760696&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3B1 0
59 B 68ms
66ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8934157760696&version=m202307240101&ct=77&x=38&cor=2806709469658184700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C3B1 18 KB
13 KB 71ms
70ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgrMqIAKipkCZcrJ03EdlfjcDtFwB76mbm_FcfF0lUoXmF57WEL2os2D8NUEKYta50VNptGaD013Y0WcbabXEwedV0g6Sf1sDLn3zPuSz7N2Z3vLRlOY4_buo0giagIEZJi_W3k80v3HdkqohQRIgC4fA5yfU3hQKGjQzdb0xs3So1aik&cry=1&dbm_d=AKAmf-AN5YMrG83hU9C3nvAliKarCnblbxCe4V4M4R7da17G9UGFpFFd671uUUzmzzLXjQGAqVfFpt7VI6G_qDlvXQNYN_a7GeR_EGwMIh6yXJw4itgY-dnvSVLLTBHqVjPD3K0aUsJcFrZRBAl93vWe4IjiyBnk7l9J84-_oY_RHE1_5oltYjZ40vyl0O66V3NKT-BeoiNl7g9LL2qszsK2WUsxkM0iTJPdjrN3BwOck0muo4gQZjct2ogcEggtiRUAouimhdYmdreE9rrtsHTPcV5GCe-nVk8HCD2zEyrguRzUqHjOTXJOghnORUiBG_PcutzFI3rKBwr6TVCbJC-Sh14Aa0zYpw-yLkI2qM3bCqf1tlq4P7_8_qnqRh_ycRkohZ2KIf8W1_OWxWzUv_8Xb2A1sbRJzkJ2adhOEcS8g8dmR46eqvqoZVz4JHxSy5OwScT6eXAqiyjhouViGpfR1vjLcoPE-t-8faQkBtd2j9azdh7SX25AbCYtobNqw8AAsoODAanDjqq6XqpSy_D35YJ--IcGS9MSwCm6-qTiv9n0hXS41mvcbi7H86c5eh-tbm2jIhoCkUsm8Orz_4cMqn3nHjblP9QE5qYnEBaqAmB0Q3RwVXhl2mFO7O1e0u_wdTt0pLZZ3rYqSGTF-UHdB7ACVD14HvnjVseypFlP89BlljqTV-DffsZYR6iNZUdnBauVRo1lr7EW3NWurKDSx2Yecw2IoxidM_lIlxDluVFzDNXqo0kT16HW93oRXJcFhIMV1w4Qbi8pkfO20z7Gmb4WDEF3yLbARMBOZGYfphrWFj1hOJlK8o7OrSnxWRh7BxfMcGP3t_q-8BDH1v0nY8ygw28DFbhzFAJ5OSa8UJ9D74RWeCC1FH4Ok-IhprrTlR3xQZmYmoHCn5vUAD4_KVYMImOvderF3kQn2gJK6eVocaYo-u4jnymnUIUJ4ppqGl05LHSif4D1_33tWMyDvG9e1T98YDobeo3FJz8KbwYmgKW9dCVN0mRv6pdQN1x6UPfJyrXfPgLAVBIdZl0IIN2SJ9iS1ufAZMLguaGbwBuP6Wxa8OvadQISfRzlxR0MxBSkSrXW8MsNYyj5NwKdPvtRebiljasRUwch5JWkPnBDvtBnfdPLzvNaQMjTvUtLNeK8U1G0tTHiocyrsY1E5lzFpboLsYRsiUO9mPq1rr5xa4qmnUS-3WWwrTYJkmvmYa6I8V8w_uUyvk-M9nJS8R-oTARYNQFjRHxCDxUn4RpEzTh8XKxK6pDZRONISV0B2maaGusUDQmh_aU_9aJo-ZLZ_ISzXcvkYgBnYOR-Q_FfuBtkhthkl2abYQtAYzhdL9GPZxmvl1HN1GSR8RBv7-hlPJC5G_pckYdEh_Ls7UtbVRK_R7xYj5elA6QbpKwFkisJ3b1XmgglXbiQVlMZ98qZBuLFAHiHKPkCJZgCUJ46tB9sOnEIpZ3UWtmCgGWw5mkqCZiTbBjAd8gbAtk8HEl7exQnHBwkAe4Sa4G7eHxz0VAa4VXiqr372n0tqNzsZmJDCQUu6LteF_J9kifOAK3HN8ph9-yxaBKbher5Vhf47mnprD5Lqo_mY0fZCOrlbwX-0JLa48U_4gzUJ6kETtsFWS2zwIfIgqakmTyl9TLxAWJFiSDDCqz_i-9ro990PzCUH8i0rmAS-EtXXEjQqeS3myAQW6-l4nqQX8-h04Fq5B_TXm6IuGdmiy6J72hWGa8nuInex8nATFHdmuBVndw0z84Xytmfbz1ySVE2_QqR9lTD_Qw_50TSJmowbqPrrF16KCrOQQaqC1m49xD0Xz6Yo9oHATlf-A1tZEowxCCy7n8VUafs4144mosJi8i9ho23luoBZCh_7uX-JpLbF1DHL483nv3hJkiR-55NzzbtaGnY5hsea6ASQGbD2RVY-POs-ozAaRXN3pprWVjwT6kwQcenzvCo1qQvUosDBI8n1RzpPvqJLBJjxeXXzpoWpNfvDcBbF8h58MO-mBlXZ-LJrjUn1FmAQd9fTVPJl9ohULjrYh4JetUG8KS7WbwZASenAkeMUslEoAo-5MbAuHDbfIZjCmQK_quAD_6l0Hw-ckUAy8ohJyzpuyva9FMFaRYHX-GqREk5yy5FzoNhOgRdKBdo4nVwAWiCKObp5kU5HdNcmnDb4H5B6SVSIiZ4rNQWFl9dbWtTXPL0kbFZEoFaqUb3X7ZpNExtUcJt5r4JdVbhjhxVL3y90bRa-eSMSO2FmEBPZfoozFIOCD3SiE4gGP44twVq3-2H-yW5Ki25qco7Jv_TfQM_z7-m9e8ZrEyOapoRyLwiQN8MBZ71BRQ6HvbsiwaGtYulUeDGtcWxrB9sBLes0Ej4n8GojmmpoPDhRX3fjQzfwEqEjnui0_bsWWTJ99w7NNmWczxcLkdpCfzDZ9NtqVd7BUZ6pATTql1B62_ts3iIbTbDt7PF-YIn_QsdCK5uAZnCOkr7zqicqHHufoGjWXdpRu4AR_82nBvkt7RQZKjbkohCns1SDCse5-pj_uy1uYZTvjhraDBy2G7TPJivfRy--Tonc6XcFRGHKtdriwiRHEGWnWXrrbR6XgOXOxbTZjM8TQmVJVvxevYuw1u8xQoMpMsMGbCN1Tl95RjbcZexsO-E3GRx-KD0gXjawl8wW0Cz5mNh7F5dkJbricsC2ts6qCv6AADc51bqHrix-d95A9FShYIwqVpJGjyrjEfwVIy5cNXPlER3hB_zg_iKcVErroc6FBs7Cis3PlzvHEReKatvNWnPVbs1It7NMkrFD22fehGwS6hpd-ZFpfdYhCEtgXDbZKG-GvUofrsrlThbqcN5yPJ9am3rL2MtAe-fQs1HTt63W-CmvTwa5ZwnLRX-fZVfx2imUCI8A19EWQWchAXg_K8pjTyLTEz18B5jZhMM9IW6sYEknbhVEY6YzC0ee_6I4EtQDdEIk6S5Au0B0fAilkiJ4PQ_TQSjPRaSxlizl8UgoR9MSk-aREePZYqcMgTQn71HjEaynVkRIIefbO2NjwEIVVWlK3tVvpYck04mICZVTO9k9SpQB3ttJm8C_kP8MbPGqE6TTCVn2-gaNF-AuIZy78sVEZCHkvfxSnsPQWq2o8oJuhPSHSRxlb0mH6wqsVPCA9YJjA3vYEoGoV6Mce7m53hXOlm6EyGNl0Ftrh_I05kW7fO6zpWAoCDgWmebHAdyprpnnvk7OJKacIY3XwYQIa8YDM9Z7N7R_JoCaFSj_lnej8TF_5DvX-C7Nqu2vWTw2BS56u_kPXugLV-wiLwzyPA0KKuHWygqYdojGri_zrvJF3OdrtgXdV4-bgAHFEN9Bw2oxHO8FCx53NWNhDMTA0eRt5iZPHPrExmJGuPQLOyFoNXF1y5NIMsgAAHCMYDbkUtKgdHeKB0SPYHyU9XOrA6Id2IPq2fgo_6gP3_8lDtt2kcpRRDoJFbe5rmfxvOf-wEav5KPBfPiaEzIA0UhNw-o89QCOLhjWoS0U9kLfmQKVd7skvdJPon_y79J4XyxJH7fI6kEf8_lk0Ep2bY8LOD5lT2p_0t5h-XmUpSt6te4rCLjhZik6HdeBGEgghMUCiCsn3iVie7HHI3iCseiXHy0JPlRGa3jG_B7byfaTqvmZhEvr2WkjNrX0HgQYWgP6QmS64cFRCve8wnBkQIxeHZcdR96kTDHTpTlpOR9sw651izRYJpaCefeWIsv3DqyRUJg2_9tYX7xmeSNMkQWW22jrGuo_Uqy_W66uyzKdoeaaJnADxrkS1HxBiVuY3ocj4DFakzRiDJzPfbbEZoeh3jHOqb_6-LgQpqpnq9IL9gaUBTfNM4mVmMR6-FZ9w_LzphN8g1vnMD5ugkiqI3ToescpnYRSeMRxz40rzUZ7oliJRJxTa_thzzECMWJ0mJFJJZVb7zOD1ZY-IPL2L7Lj6gKXpotprhGxgvBwAFiPOsXVn1HJ8Cs69byHtaLABPmZWpHic4e&cid=CAQSMgBpAlJWFnPB8_gmAYd2H9uo6NicW-kyVbzmD9H_f53fcq2YxGlFkOKxYXvP2Tkdp1WPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ds=l&xdt=0&iif=1&cor=2806709469658184700&adk=2658697988&idt=312&cac=0&dtd=25

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f060099cd2df46eaf79e2da9849b64f450da595a04deae82be011d55f7d25805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8A49 0
45 B 191ms
177ms Ping
image/gif 64.233.176.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lm8l6mro&c=7588704214663&slotId=3794352107331.5&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yw-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixel.gif
ad.vidverto.io/vidverto/test/ Frame 8A49 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 8A49 0
45 B 177ms
176ms Ping
image/gif 64.233.176.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lm8l6ndn&c=7588704214663&slotId=3794352107331.5&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yw-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixel.gif
ad.vidverto.io/vidverto/test/ Frame 8A49 0
0

GET
H2 200 frame.html Show response
ad4m.at/ Frame 1542 2 KB
1 KB 41ms
40ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2152576
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 802bbbee6bb20e11-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 07 Sep 2023 03:06:09 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPgGiENg0UjVs0KMeU%2Ba8jGd51Rh1LNt9M5Cubvy8CLXXAtg0ObZFLfvGUpmobnmy8i30SMEb3D0Uv1qB3Iw8zP2lOkqUsZ232j6j%2BMUBYPjAKVweBuHC7s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F524 42 B
174 B 78ms
77ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstixkRjW6TzKm81yGPpqaYbJyeCRG1-wZ7HRbMoo4wWFF195t3k1qM3gjEHRD-U_YzzFQZkjAvcJggC0Jejh2bhcgQb7I0My2Gq2igqPfMetrO5htPkhD3zogZ8qeQO17HTkP4omrip1Q&sai=AMfl-YR3thGk4p6RHAUyFx4w9zjNNJGhw05wnRZ3Y_5ZR5JRmZ7XavDuY8vHfSvw4366FRayyBhE53BkUxwDZjxLr6fVcOTeitsOK87SLdT6AqhrmEjdr55lV16dx8k&sig=Cg0ArKJSzLvJbBxwZKjsEAE&cid=CAQSOwBpAlJW2CKi-Chh7NeiHsH09SzBWHJhCc8zltZ3pKbNtunR7iKBmCqKvgOviYcBE5APDgPVZjWAQolFGAE&id=lidar2&mcvt=1089&p=0,0,280,336&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694055966576&rpt=1327&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5087 0
0 75ms
75ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDIOK3FFiSYQhznl0HFh7KaocuucsE81Chbmpf_3ysOFV2aYWs6mlTc3kr5_pfkOdAAxTrNDseNNvfkRD4sKWoKx2tK2ehltMdfBaydNNvsCWeGgmF3ZLgaSV8lZ0nL8_2ANISo_CAmZtHe3XJMwLVJ4J1MiSy7pAu4I6AAuLsbgYwnVsDIux_DdBTxpMRjnrA-St1hGZ2K-RzaYWnLf7eKwLXizpUgozXfkPsgtTwnqYnbga6_PC3v7YYdbJuD-TVM9kTI1MqHM_zQpO10V8UhVlGurqWzbXo5fuSoxOj-vcCTbqW7Hyhfd2tBDstJwSfk6E&sai=AMfl-YS8IbFE9FTfXZQlKPP4I-ExsBKEN7HKrhPl097OjDf20zzYr43ZzSY68Bmfv0Bqgf_eZkqZxRG3OkS3-AzEHWGzCSfE3cmNBvT6pSBcGP0bWDJkOWDYD1ez7BN2cg&sig=Cg0ArKJSzJWcAkPHwnQUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:06:09 GMT

GET pixel.gif
ad.vidverto.io/vidverto/test/ Frame 8A49 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6D92 34 KB
10 KB 46ms
45ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e3bcedb3332b5b7a2e29ca7fd39df17b25efa604de0ee0ffcbc8b025d4b81e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Sep 2023 18:19:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54766
Connection: keep-alive
Content-Length: 10123
Expires: Thu, 07 Sep 2023 18:18:55 GMT

GET
H2 200 pixel.gif
ad.vidverto.io/vidverto/test/ Frame 8A49 42 B
174 B 67ms
67ms Image
image/gif 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 8A49 0
45 B 210ms
210ms Ping
image/gif 64.233.176.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lm8l6ne3&c=7588704214663&slotId=3794352107331.5&faf=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yw-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 72E5 0
0 71ms
69ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=893971139118720&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/long-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 58ms
56ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Sep 2023 03:06:09 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5D73 1 KB
686 B 41ms
40ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 65362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Thu, 07 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F380 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8031c4428c577ac74515e3ded7408ab572f1b9567a6d2afcaa94c425d79aa3c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3B1 181 KB
57 KB 71ms
68ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:06:09 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C3B1 41 KB
13 KB 39ms
38ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET 3qgi6h2e4zsz
hal9000.redintelligence.net/zone/ Frame C3B1 0
0

GET
H2 200 3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js Show response
pagead2.googlesyndication.com/bg/ Frame B507 37 KB
14 KB 33ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14740
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:30:20 GMT

GET
H2 200 pixel.gif
ad.vidverto.io/vidverto/test/ Frame 8A49 42 B
174 B 66ms
66ms Image
image/gif 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 15F9 37 KB
14 KB 40ms
40ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C88A 721 KB
231 KB 52ms
51ms Document
text/html 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 199834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 19:35:35 GMT
expires: Tue, 03 Sep 2024 19:35:35 GMT
last-modified: Mon, 04 Sep 2023 19:31:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FE50 40 KB
14 KB 76ms
75ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 02:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:47:40 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5D73 70 B
148 B 129ms
128ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECNNzNXenwP_7b0xIxFsQgs&google_cver=1&google_push=AXcoOmSLBk1OaHG4pe3G30qlMcCDnk5v-6OLhMXqK_H1E4TRGN7LxIa1ml8MH14PNjgqpqnFJjxRi1Ku8bC8_yD3DU2eywj3FA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694048766&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694055964592&bpp=1540&bdt=1227&idt=1847&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D4a6315ffbd8320f7%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZ7shHgomaMzXqRrUpa8PpEbCRPpQ&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&correlator=7588704214663&frm=23&ife=1&pv=2&ga_vid=1808553781.1694055966&ga_sid=1694055966&ga_hid=1892573693&ga_fc=0&ga_cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1246&biw=1600&bih=1200&isw=336&ish=280&ifk=2574231912&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077559%2C44769661%2C21065725&oid=2&pvsid=192097958015919&tmod=317346804&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4cgrncr6h6c&btvi=1&fsb=1&dtd=1862
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET pixelmatch
ap.lijit.com/dsp/google/ Frame 5D73 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D73
Redirect Chain

https://google.partners.tremorhub.com/sync?UIDF=CAESEOxhAuwE96Hw-8X5ZhfNEwo&google_cver=1&google_push=AXcoOmQHI52A6QffZXO-bmkBIVenfTl6qDxY8TLxSHHfP-5GSLrDc8lev7AC-mr12snIcuwMhCwZf3vSShCq3ICiebnRx4_...
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Q2NWE1N2NmNGQ2NDZjMzkxMTE0Y2U1NDQzZGZjMmU%3D&UIDF=CAESEOxhAuwE96Hw-8X5ZhfNEwo&google_cver=1&google_push=AXcoOmQHI52A6QffZXO-bmkBIVen...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Q2NWE1N2NmNGQ2NDZjMzkxMTE0Y2U1NDQzZGZjMmU%3D&UIDF=CAESEOxhAuwE96Hw-8X5ZhfNEwo&google_cver=1&google_push=AXcoOmQHI52A6QffZXO-bmkBIVenfTl6qDxY8TLxSHHfP-5GSLrDc8lev7AC-mr12snIcuwMhCwZf3vSShCq3ICiebnRx4_suhY

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Q2NWE1N2NmNGQ2NDZjMzkxMTE0Y2U1NDQzZGZjMmU%3D&UIDF=CAESEOxhAuwE96Hw-8X5ZhfNEwo&google_cver=1&google_push=AXcoOmQHI52A6QffZXO-bmkBIVenfTl6qDxY8TLxSHHfP-5GSLrDc8lev7AC-mr12snIcuwMhCwZf3vSShCq3ICiebnRx4_suhY
date: Thu, 07 Sep 2023 03:06:10 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET cksync
cs.media.net/ Frame 5D73 0
0

GET v1
match.sharethrough.com/E4rooAtA/ Frame 5D73 0
0

GET cm
a.rfihub.com/ Frame 5D73 0
0

GET um
sync.teads.tv/ Frame 5D73 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5D73 0
12 B 126ms
124ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3NgfcHquKntSPpfBFiMagDhRoGVrGjdQ0kYD9S_hLBdwW7zBwwcZuqh2FPtfxM9Zb9FQoJtwR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9006 15 KB
12 KB 133ms
131ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

949eba3bb68d649a177edb6fd32bcd6453bde52cc8c4eb55df1541908a166442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11845
x-xss-protection: 0

GET publishertag.prebid.js
static.criteo.net/js/ld/ 0
0

GET 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 0
0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8293 22 KB
8 KB 38ms
38ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 333264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9006 17 KB
6 KB 47ms
47ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:06:09 GMT

OPTIONS rs
ad4m.at/ Frame 0
0

POST rs
ad4m.at/ Frame 1727 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 100ms
100ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

cafe /

Resource Hash

17488a036f4d6ced2e85caccb9bf3c9a41d336c12d21b7e691d9ffabb3c56816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11818
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
48ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1321&cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dr=&dt=%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%20%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694055967&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=9842&epn.domain_lookup_time=11&epn.tcp_connect_time=892&epn.redirect_time=0&epn.server_response_time=1096&epn.page_download_time=1&epn.content_download_time=2038&epn.dom_interactive_time=2038
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 32ms
31ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E9%BE%8D%E9%B3%B3%E7%80%91%E5%B8%83%E6%AD%A5%E9%81%93%20%E7%AC%AC10%E8%90%AC%E9%81%8A%E5%AE%A2%E6%9C%89%E7%A6%AE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-vdDVw0n1Qil9-Pi2rro5AQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=9842&dns=11&tcp=892&rrt=0&srt=1096&pdt=1&clt=2038&dit=2038&a=1321&z=0.9371691657291685&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 13:29:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3D96 15 KB
6 KB 44ms
43ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 721928
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF01 13 KB
5 KB 33ms
32ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 47059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:01:50 GMT
expires: Thu, 05 Sep 2024 14:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 33DC 829 B
786 B 56ms
56ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e7c94ac70405acfe546c5d4fcf6891a1064bed305890e0e5f82346958f1d05b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2sR5685x_PkZjkH0r_HBiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-2sR5685x_PkZjkH0r_HBiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:09 GMT
expires: Thu, 07 Sep 2023 03:06:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 /
onetag-sys.com/usync/ 0
287 B 43ms
43ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 1211 0
594 B 37ms
37ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11901&pub_id=1800859&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11901&pub_id=1800859

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
an-x-request-uuid: 3da9bc5f-ef21-4fd5-980f-c81cc5e902eb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8293 37 KB
14 KB 36ms
35ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C88A 156 B
186 B 166ms
164ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1113736066660483&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3976201203&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F2E0WvoT2YF9F0XWFQsJfAg%3A1694059564%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=C5104CF3-5497-45E1-932B-7520806786A6&a3p=EhkKCnB1YmNpZC5vcmcYqcrq7KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJu36uymMUgAUgIIZBIZCgp1aWRhcGkuY29tGJu36uymMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lUekZrTXk5R1JrMVNlalozZGpsRlZGZE1TamxqZHowOUluMD0Yuc_q7KYxSAASGwoMaWQ1LXN5bmMuY29tGMfN6uymMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&dt=1694055969759&cookie=ID%3D4a6315ffbd8320f7-224cc06a68de000f%3AT%3D1694055963%3ART%3D1694055967%3AS%3DALNI_MaE88QPL5KcM6r0-2OWbkdbTqFwmA&gpic=UID%3D00000c6ff3b62851%3AT%3D1694055963%3ART%3D1694055963%3AS%3DALNI_MZZm5ZoAQNQV0UJU_n6M0y0kgA7jg&scor=2567731648291012&ged=ve4_td8_tt3_pd8_la8000_er1172.240.1173.960_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ Frame 5087 23 B
134 B 86ms
84ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=visible-1&vid=f39641ff-67b5-4f0c-b5ad-b9b29c83dc5d&gid=1027220&studio_cid=f9dbb011-4282-11ee-82d9-4dc2c532ae62&ut=1&hb_provider=prebid&psid=415253&auctid=d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1694055968091&cid=1099924&pid=169092&p=Dr5IXgH_0_cIWOg1Qfb7_t3fmzUsgBOg5isD4gcX-lWOhXd1lOHh6HnfpowYi3p1u_6R9gTSx3exqnKscwPkQknzigu29cH4aV0cEyR1YP2FGtaq5UyijbV5z1MUtCfSaCTfyO1elPPGYwSg8q-zxi5J16gmVjrU7u5q_b-bt7J1eknQ_8oP4pr10qMSk-wu32k-ci_4oT0_8MBn-7sSGTn-CRfvoB9amNcMKgJqEU8kBCjXHkSNc-lFoGHnNbhPCbLpJmhGMCXlfKsV8CHArtw_rrQ83vLmTNLRutJfGwuWIW40G3wc67HY1B8zQAJ2HEVkw-I-MljSGPQBU_05Qxj0X1gjpNwkMgkCsyjntV3X5A&cs=-532442669910680934705&slot=native&fv=1245&ts=1694055969762&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 07 Sep 2023 03:06:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D34 42 B
108 B 71ms
70ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX7mSjwS3PybvJqPiMurc8mu53FUH1bCxY0ZtAoQz5wbc7B-73pDbTjuKY5YV_vZYPx_kPSIQ9DJFaBAVXARD30OD44nYKTf_awNDmS5Yrbx5UxpK-ZEbrD6ct7vYA&sig=Cg0ArKJSzMz3MY2vgclTEAE&id=lidar2&mcvt=1103&p=60,236,154,964&mtos=0,1103,1103,1103,1103&tos=0,1103,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=3805778231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694055967611&rpt=1068&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
44ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:06:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C88A 0
45 B 143ms
143ms Ping
image/gif 64.233.176.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm8l6nuz&c=7588704214663&slotId=3794352107331.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yw-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 9D34 0
658 B 41ms
41ms Ping
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html&e=wqT_3QL9C_TTAf0FAAADANYABQEInvzkpwYQ0qzL5bvAx_4rGMfSsp3gg75GKjYJAjEnbNXM0z8RYemZ9HaczD8ZAAAAoJmZuT8hKdQuAVMh1z8pi8OZX80B4D8xAAAAQOF6hD8w8uzGCjj9XEC5XEgCUK7Gq9kBWLm0igFgAGi1kbMBeN2HBoABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDU4OTc2OTEsIDApO3VmKCdpJywgNzQzNzQ3NywgMCk7dWYoJ2cnLCAxODQ4NzYxNSwgMCk7dWYoJ3MnLCAyNzY0MzgwNTUsIDApO3VmKCdyJywgNDU1Nzk1NTAyLCAwKTuSAtkEIXlIVFptUWpBOEx3WkVLN0dxOWtCR0FBZ3ViU0tBVEFBT0FCQUFFaTVYRkR5N01ZS1dBQmcxd0pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QWNLMmxmQ2ZndHdfd1FHbmhVWEt4UUhnUDhrQkFBQUFBQUFBOERfWkFUb0daSzkzZi13XzRBR2wtY1VEOVFINEZHUV9tQUlBb0FJQnRRSUFBQUFBdlFJQQE48Ex3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0pHQWdpTVFBUmdDTFpxWm1ULWlBeGNJbjV1b0l4QUNHQUV0QQFR8FJESUhaR1ZtWVhWc2RLSUREZ2lSZ0lJakVBc1lBaTJhbVprX3VnTUpSbEpCTVRvMk5UYzM0QU80UklBRTJaamlDNGdFMjVqaUM1QUVBWmdFQWNFRQFXCQEIREpCCQkFARgyQVFBOFFRBQwFAURJZ0ZzVE9ZQmFlNDZJTUJxUVUFFxxBQUR3UDdFRg0NARAEQkIBNxxFQXpNX01feQkoGGdMOExuUDkyKAAAWgUoAQHAUEFfNEFYbWhnUHdCYi15NkFqNEJkdjc1d0tDQmdORFNFYUlCZ1NRQmdHWUJnQ2hCZwE1BEFBATggcUFZRXNnWWtDAXQNAQBFHQwARx0MAEkdDKh1QVlLmgKZASF2aFIzMWdqQThMd1pFSzdHcTlrQkdMbTBpZ0VnQUNnQU1RDVaIUEFfT2dsR1VrRXhPalkxTnpkQXVFUkpPZ1prcjNkXzdEOVINKhBBQUFCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQEQQjRBSWs1gPDeOEQ4LtgCAOACjepa6gJGaHR0cHM6Ly93d3cuYmczLmNvL2EvbG9uZy1mZW5nLXB1LWJ1LWJ1LWRhby1kaS0xMG1vLXlvdS1rZS15b3UtbGkuaHRtbIADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODQuMjI3LjE2OS4yMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADSBA8xMTgzMyNGUkExOjY1NzfaBAIIAeAEAfAEroGGIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB92HBtIHDRVlASYI2gcGAV7wbRgA4AcA6gcCCADwB4KEDYoIRwpDAAABim2apTAr_R4DvLLWUon5cvQ3S02w0n_ZUlv7ruyRJjbQordOxHwggzcUMwT8np3PNbXlA4Hceog73J12i32ZVBABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=85a2f84f8f80fb5494d9b754f2070dcdebfb0d6f&type=pv&jm=1003&px=236&py=60&bw=728&bh=90&sf=1&sid=7453720751586205194&vd=ct~0|rr~6&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
an-x-request-uuid: a55e17e2-6587-40ca-9bf9-17e9e343ad6e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 719ms
73ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 07 Sep 2023 03:06:10 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 205406
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 42ms
41ms XHR
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 181719
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
418 B 58ms
57ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 05c7b7f508a483685142da9f852d7367a064dc2d9d8497b11d543bfad8f9a395

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sat, 07 Oct 2023 03:06:10 GMT

GET checksync.php
contextual.media.net/ Frame 89F9 0
0

GET ixmatch.html
js-sec.indexww.com/um/ Frame 2011 0
0

GET sync
eb2.3lift.com/ Frame 8FFE 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DC7C 3 KB
1 KB 66ms
66ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1694055966311

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d62ae44412dfbb6e76930277e1a9dde1d6b62e12814185dd38bc95b07a493205

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1016
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET sync.html
public.servenobid.com/ Frame B2C6 0
0

GET
H2 200 pd Show response
adpushup-d.openx.net/w/1.0/ Frame F0CA 504 B
635 B 74ms
62ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 586afd4ac994197b8fda751eb10b26845c9ab77c51c030b042b61c3603ca60f9

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 321
content-type: text/html
date: Thu, 07 Sep 2023 03:06:10 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 isyn
prebid.a-mo.net/ Frame 24BC 0
0 47ms
45ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Thu, 07 Sep 2023 03:06:09 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1

GET
H2 200 / Show response
csync.smilewanted.com/ Frame D37B 6 KB
2 KB 81ms
64ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 802bbbf54a08baa3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:06:10 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1D0B 52 KB
17 KB 58ms
58ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 07 Sep 2023 03:06:10 GMT
ETag: "623de86a-cf34"
Expires: Fri, 08 Sep 2023 03:06:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F057 281 B
554 B 44ms
43ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 03:06:10 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 3D96 425 B
554 B 56ms
55ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=9Ldarl9JWjM5dW9oV3U0QnIyRTVWRmJLeTdEZ05XUCUyRmg4N3dyek83bGFRT3hsUVludUtsZUhWZEdjcFl5dUZseSUyRldCbiUyRkYxamV3MzRYQTY5dEJsN2VVWnZnRlRaZWpyblJFemZpNXI2ZjVNS1BlazJ0VGIxMTYlMkJmalJJemQxdHVWTTg1ZFJGV3ZVSDRhMkdMVlVZcnllNiUyQkVnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fdc549a83e32ca1a144890c29a43413f8234cc2eb270b353cbdfe9dd08718914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 849005
expires: 0

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 0
0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5087 42 B
108 B 73ms
72ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNxihaP6B2CEgZpAHLU8-SQTt-Jy2PhymwpbubjPwyN9CfRXc8f8-e3ardusSDEsOP1d6TNvSLvwrMoQzWYr2nvhbR1V2-WrhdWMIUZWr4rZrkMeuh0jeU63jMePg1&sig=Cg0ArKJSzJAWZz5slUC3EAE&id=lidar2&mcvt=1079&p=1110,485,1160,805&mtos=1079,1079,1079,1079,1079&tos=1079,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694055967563&rpt=1458&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8631 0
61 B 72ms
68ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUC2DHz75ZMKAIMvVgQeM5IBIAAAAADgB4AQC&bg=!Dg2lDULNAAa6D61Rmg87ADQBe5WfOPNfwg8HAxmtHCO_j9fMNAuEAV-wfg_3ZX5dQZ_Bkm1js5Q-j3Ud1_N9u3Jh3JJWAgAAAqZSAAAAy2gBB5kC7SfEDriPgL9VaZZNltuKP01vyt1LgwJwUUXHBGdm-R__7rMO2zZl2BfYtdvqsoUczIFxtQOYFc4LNE2ZKcTiQSDlhQp7741D-tKbmP26BOkgMlg1K0EIUWKImbrEpeqia0yOTiqpUGNtv-DcqCYhVyWN8ki_mGtj1SyNITWqDdTa2TCpeQXv0fb-YDVVwAmjdJeCq_rXODxJGApC58vGYUUFDoWd_vLCmXji_bbvC28O7fE6qxtgabSDa5W2MpNqiE3t7RNuCKoz3fOyKqaxmDde3mzunvzkoGu5iy9rpVAAbzCM_vuFgfp6_bX8c5NM7SKp8XAaJxAm1QCDKkHP2tn7MMVs3lyAmVbSZUN_S4oQ_IYqdsrmWLuyWbQPFVOaSN7dT4pcyi-ZW51QHMVQhLk0lY_Stiipu6ZxUTj3pjMUB5AHmENh_pPEXo-oxZ2BqdOxJ98t753RH8NvceT8-B0HFTHS4h-tKpF4ZHhfNiN9dnHf7zlUewQjWNPO1PVi7VZ7knd5OnZA4YyEilpV0GNbN-qVK__3meP6L-SbcqzZ-F_nyapI7k0JtJdu7W9QA8euEa0YsLC1gbT4gVNZia6AinkmF9qb8QV6XCvF2bIBTjwQw8rEv2-ntB_qwvjQyZYieBfLF94vMFygkgxH0jIpD5ca307g6-nl99OH3fxRj-SR0JqW7qORSmj7xAGoNE4z2oXIpjMukKK7hHtEspkeJdOL_a_Q8ncPm_b5z_xHKh9D2KYl1AkwuMFkCILJXAt_2G8_BpbMvqWIdT0bA8rr_Nxgv7_ookUuF4mv2ya7WGjY39IWNEQXvRB4ZWPBkl19lUrPIKj8HukY_5hZc_-BoJO3Zu1csihInUAksOSy5X1FcvWMXwTp0KwBRV-k18ca_W6ZRHiJg9NDcaZuCS4V4JJdLKvQnm7it5TBPyPxgP5GmBbJg7N82r4G6EzhT6n_VVB_OSYZZlzccWz3J7l4rny15u5sqSXe3f9w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 15F9 0
39 B 37ms
37ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hL0C3g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F057 34 KB
10 KB 46ms
46ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e3bcedb3332b5b7a2e29ca7fd39df17b25efa604de0ee0ffcbc8b025d4b81e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Sep 2023 18:19:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54765
Connection: keep-alive
Content-Length: 10123
Expires: Thu, 07 Sep 2023 18:18:55 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F0CA
Redirect Chain

https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=34312150dacc16e5&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIIkVm9b9lmAMmM8iLAAAAAAA&expiration=1694142370&nuid={OX_USER_ID}&is_secure=true

43 B
106 B

51ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIIkVm9b9lmAMmM8iLAAAAAAA&expiration=1694142370&nuid={OX_USER_ID}&is_secure=true
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIIkVm9b9lmAMmM8iLAAAAAAA&expiration=1694142370&nuid={OX_USER_ID}&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

dds
rtb.openx.net/sync/ Frame F0CA
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=N63CmVFNwecMHVVM74x0NA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
58 B

52ms
52ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7c3c2ee1-6867-ea80-dbbe-0f0ec3c283c7
pr-bh.ybp.yahoo.com/sync/openx/ Frame F0CA 43 B
600 B 71ms
70ms Image
image/gif 63.33.112.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/7c3c2ee1-6867-ea80-dbbe-0f0ec3c283c7?gdpr=0

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.112.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

sync
dsp.nrich.ai/bidswitch/ Frame F0CA
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2fb390bf-5a2c-4484-b56f-eb35edf444e9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F0CA
Redirect Chain

https://creativecdn.com/cm-notify?pi=openx&gdpr=0
https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1
https://us-u.openx.net/w/1.0/sd?id=537073053&val=F0thiCOTH5FqFIRNVNPN&pi=openx&gdpr=0&tc=1

43 B
106 B

75ms
72ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073053&val=F0thiCOTH5FqFIRNVNPN&pi=openx&gdpr=0&tc=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073053&val=F0thiCOTH5FqFIRNVNPN&pi=openx&gdpr=0&tc=1
pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT, Thu, 07 Sep 2023 03:06:10 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F0CA
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qM2SPq2cxWGzwcJmqp_ZYqvMljezy8Vlqcl8wbVZ

43 B
106 B

43ms
42ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qM2SPq2cxWGzwcJmqp_ZYqvMljezy8Vlqcl8wbVZ
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qM2SPq2cxWGzwcJmqp_ZYqvMljezy8Vlqcl8wbVZ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 33DC 0
0 72ms
72ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=192097958015919&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1029 13 KB
5 KB 40ms
33ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 47060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:01:50 GMT
expires: Thu, 05 Sep 2024 14:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0650 829 B
786 B 42ms
40ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb-ab/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d8b159a82ef4ce39010dd4cd1ac2e1ded2f3e0ab5fbf5c12f20cb9f8e587647

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_BQbb0xgWq2YuGH4y3DLsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-_BQbb0xgWq2YuGH4y3DLsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:06:10 GMT
expires: Thu, 07 Sep 2023 03:06:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 1D0B 0
594 B 39ms
39ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
an-x-request-uuid: 5c861566-f51a-4df8-ba6d-6ea6879178c2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.227.169.20; 84.227.169.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame DC7C 43 B
443 B 30ms
30ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694055966311
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:10 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 07 Sep 2023 03:06:09 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame DC7C 42 B
753 B 33ms
33ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=jXBbgvFM4vio8Ksvd0bz3LBzx-rFTEL9WiimOY5OGTQ
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694055966311
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame DC7C 0
0 41ms
39ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694055966311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DC7C 70 B
148 B 62ms
60ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694055966311
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame CF01 37 KB
14 KB 62ms
61ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame D37B 48 KB
12 KB 77ms
47ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 483156
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 802bbbf71abcbaa3-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F380 0
62 B 78ms
76ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7837288841920&version=m202307240101&ct=77&x=1&cor=3234175079205439500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1727 0
62 B 68ms
68ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2818884787091&version=m202307240101&ct=77&x=8&cor=13474155012308392000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B507 0
62 B 86ms
86ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCKBqHz75ZN_HOoH33gO1n7CwAgAAAAA4AeAEAg&bg=!aGulayTNAAYoa5rMCGs7ADQBe5WfOMa8w0mxXXBWCUMTvysekCLKWEH6L6MudlrqD3KrSkQE11xzhUaINV0RI7wwC3tXAgAAA2RSAAAABmgBBwoAceyrUA-H6O6dkp1aLXo34pd8wlHn4c61sVHINzRD7SRUmxQJKCPchXwtys6qcdTalsQ1l9q99XZ8OHhs4ABVMOE6vYsm2SBM0GcvJhA4AolA6inna0WW-XCWKWQpRNnKxOxK6DCDIP7bn813jxLtnqiemQLSpIuhKl2Dlsa5_H_S7GnDpmFXwkkK2UrbOAvD7cxibLaypcg5g-WoYzO20niL9Dcw_K-axs-6jpcdjFF4g-2Cs70-uxrVL09oZpXUw8FuztQtZRFer7XXEQQ_60wnjvQv47PrAOq_HLoXsNLtprNxy7Tff9qWjfFZoPiqe6Bk13XipI1oJtjN_sshNWkXtivoJP05PrkcItkvq6tWJFgWTahEPeRN7RhIZPwzuU_6Fy1MRy7Ok5NJ2teN8K6-TEgDmbM46B_enlyL7QcMVTgo9BKAY9hF87jyh28cphVmwuTAfiSa12TSGoSZ4XThi466P63DvFljgGwmD0DCZVi4ELvjCL_nSnwxQo8z-Try93WtucxDwkMMz55pqYap331hEnxN8zGAOVe0zHLsoKualbD9fBQoqCttYkgzeC7jwU6oE2qxsdY8UE9ydZfP1yZQnITD43BT8fs2JpH1JTmvrAzoJ3q3EiRVfSAh2R1Jn3qoXYFjUIOKiSSPcRCXTqoQR698TaKQodwV2kq4ce_7lo1kvXNcnKfNUZM11MGDqt1jsJXwhoxJ5fNJ9xYcaeVicYAotnXwMP9sP4v35Cz_P2ypbk6knfuOUB7STFISLQjQAx8cWWxwilnd-xQSZoLmFLa_oHIthc0FAyDwgErFKqWaA-KQysAZb7aSDdGdWx3iPajEijLBuQGkDf1DQXiqeJqB2Ygl6ePdaH_Bhn2d-PuId-rjP0zSGH0Jz5qxEATtO_wdFzJfCUxiUR9XmEAjREUqgPVZ7-oUT-Axfq28dI196VAj5hBQxQF3ZffyDeTh5OE0f_EavC_cft2XtLwfu2uebEReSnDn2hKhjBQLdTtB6_ektOwNuhA5bEYQANWwwrhjfu94OaEox4y__7pzTRUdQ2iXlFOA85fWprJrqkiXVtawvff7sWr0DZxhHmCgeRdCFjPUEKB5-F1IdC3CQJY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0650 0
0 69ms
69ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=4223211401508245&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 0
0

GET
H2 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1029 37 KB
14 KB 71ms
70ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:31:44 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame B5E9 0
328 B 84ms
84ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 802bbbf8ab5ebaa3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:06:10 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6D3C 3 KB
1 KB 33ms
33ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

c4aac89b7521221645daae34a8e54b5a9898ba223821c5ea8224398187fda7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1062
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 6D3C 43 B
443 B 31ms
31ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 03:06:10 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 07 Sep 2023 03:06:09 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6D3C 70 B
148 B 56ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 6D3C 42 B
753 B 38ms
38ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=QoPQSRql3PtrykBu9VtJvzYY413Uj5azMPf58AHVUhM
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 6D3C 0
0 44ms
43ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 QoPQSRql3PtrykBu9VtJvzYY413Uj5azMPf58AHVUhM&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 6D3C 0
411 B 55ms
54ms Image
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/QoPQSRql3PtrykBu9VtJvzYY413Uj5azMPf58AHVUhM&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 802bbbf93b9fbaa3-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET pixel
ap.lijit.com/ Frame 0694 0
0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3B1 0
62 B 70ms
69ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8934157760696&version=m202307240101&ct=77&x=38&cor=2806709469658184700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ Frame 5087 23 B
134 B 65ms
64ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=visible-2&vid=f39641ff-67b5-4f0c-b5ad-b9b29c83dc5d&gid=1027220&studio_cid=f9dbb011-4282-11ee-82d9-4dc2c532ae62&ut=1&hb_provider=prebid&psid=415253&auctid=d36cb94f-901e-423d-80b9-8b19be62e619_09c9c2b2-aa44-48bd-8cb5-aa80eb21eaf5&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1694055968092&cid=1099924&pid=169092&p=bCiXpPcw4okpvK21xU3iFaFNX66BeHTp2Px1Ro-ZZoM6ZyuRml5TBddkmm8lZDlXnJKq70hIhT0rxjGIBPzakotZDrbp1ouBalue4oliTyoLLPi5YOi0wpx1BbsAd1Bn-S7LbUz4sO79dpvGCD-d5s5G8CregWvt-0hsUKz64-nLDGjHTZJK7l25V-XDDOWaGS-hE_ZIZvceyuImyVUaz8sYcPqVM6LPTD3B38khaSceF1auPtICkTfYf6s5KjgCpiiiyfmFuw1sUmMPC605x1gnk90yXGSupJ9exN-_hlTWMwskGrv6Oex0VYxiJ-VhjtVjB6jp6PpMxQTtJFy1fLJdYdCxGW33YQMYG2lcwrjCMQ&cs=-389655325060723479405&slot=native&fv=1245&ts=1694055970807&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flong-feng-pu-bu-bu-dao-di-10mo-you-ke-you-li.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 07 Sep 2023 03:06:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 2AB3 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame C88A 0
45 B 133ms
132ms Ping
image/gif 64.233.176.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm8l6o6q&c=7588704214663&slotId=3794352107331.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yw-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET rmpssp
sync.1rx.io/usersync2/ Frame 103E 0
0

GET
H2

200

3d45481a-0d4d-53fa-9b2d-d842ffd4e65c Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 9E74
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://csync.smilewanted.com/set_partner_userid_get/betweenx/3d45481a-0d4d-53fa-9b2d-d842ffd4e65c

0
492 B

62ms
62ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/3d45481a-0d4d-53fa-9b2d-d842ffd4e65c
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 802bbbfb1c3cbaa3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:06:11 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/3d45481a-0d4d-53fa-9b2d-d842ffd4e65c

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8293 0
62 B 68ms
68ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYD_KIT75ZPNpisDuA-aalmAAAAAAOAHgBAI&bg=!QUKlQg3NAAa6D61Rmg87ADQBe5WfOLG0std79ImI4pTnG3pxGc9CQmtPwKFlyP_Ns_9L9t-9yy_RdWoiLeTvJGMHhEkJAgAAAmxSAAAAB2gBB5kCwTrRM3ayFTwjvlpatoJd0xZmeCODK9gD39__lcsmNqTbxEBcdVouY_Df1HHOxmQFYcKCv479uY5-ihfe4N-foOm1ahiXb5nuXwL_yzATtAxzAcAIaGVSRyK-ZuYtAsK-w7xv9IW6KT16dQIWaa3oSF2fRqLAhNSB_B46_fckU5mTusLXOSKgtOD8G3rxlBW3YmkXZ6UY8si4Ny4vcTqAY9AhiGQXNK4vOZueqluEXDC6QLGFQQn1nKNqT9i88w3iEclB5aTyVQweM2owr6sqPVt_mh_d9dPz9LIEE9eNvP3F4WDpBz-wiHBs9lRmu1zduEu5UulEJ6lhieC_K-8sgPCoNQ9BezV3j3tuCwCeIHtXV899M0oMWUa2p9oKiOJEUlZwSbjFy8ixPUHysPd97B862tny-lIe8Tpr-zlBrg7RieAh3kQVnTjNc6IH_VKCRjlTA8ZT2U1sdMtv2nOKBdltfMnG485W2FmnMS3Qq2RQUPa0EPjkeY7Q9Cd3pjMpKCdy2hv7QjNw19MGmtyalEMiQDMnpTfCQpZpdjMGA8CVyqg_gWQ__SvcY81onzSBqm5z3bEEedAjsBrcXBkbK9lj9YCbz_TQTaXk_kdq-cHab3ofkX39CjBT4UXoGvefHPLIWqfcvIBNjCtrGLPcsxEEcuBL0jbc6I_1EBn2xdYjCljNsekW4hfZMQfid9YV2zIxwwTg6D6VHnlUXq47iUfE-L1C2uADCZNVeuG7iirKerO-Z8gR7l_mv9XtVlhNEAUPiixwlVeK35wn21m6LdNu9D13rX-vuzoVhMCHvw5ujRJM_kGH3VJAqdkwy7w3xSO1pgWwAHYu83RZ-J4sll0iwS7091hv1BJgveR_mrVfeUzxhXclNP2OZZdz1bweg3x3boHgz_j8iJMMdBkdsxrfHy4YKLADwzJvjBOkxIcGbA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET smwt256.gif
us.ck-ie.com/ Frame 24A3 0
0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame CF01 0
39 B 31ms
31ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?x71TLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET cookie
cm.adform.net/ Frame DB5B 0
0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 1029 0
39 B 35ms
35ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aq76dQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:06:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

16404eb5bf57c10c3c56537d6c7c9 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame ACB3
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/16404eb5bf57c10c3c56537d6c7c9?gdpr_consent=&gdpr=0

0
514 B

67ms
66ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/16404eb5bf57c10c3c56537d6c7c9?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 802bbbfd5d24baa3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:06:11 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 07 Sep 2023 03:06:11 GMT
Expires: Thu, 07 Sep 2023 03:06:11 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/16404eb5bf57c10c3c56537d6c7c9?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1694055970837098-376

GET 480_650.mp4
cdn.vidverto.io/secured2/2E0WvoT2YF9F0XWFQsJfAg:1694059564/1327/video/1812/ 0
0

GET v1
match.sharethrough.com/universal/ Frame DC2A 0
0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E04 0
0 73ms
72ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=893971139118720&bg=!lpWlldrNAAa6D61Rmg87ADQBe5WfOOuzNIRdEgXBZBzv5BsY8IcuIQcTYgHHqC2zwayNz-3gPj-kJPcDC0hkUznIkTWdAgAAA0dSAAAAB2gBBwoAvhbMoZkq84Uof36ENTT3Lg6eA3I8gZeVbOmu4mWwK774NHaa0oOP6D2aODQMsdhFZgJ4_T03D7Qk4U9sai40HUpS9c7f2bMDXy0IGPVaW-w-NCcZF-lbtWl5McBtI0htgRwhwYqn1jjwWzOFKobs2GVZV0jBwjr59gJbUdGv-Uw2cDJsEzwI03D6xNyabrnQPJ4CzqglTolBugZDvAIIrkYKiLM8oS7iCh37FjRGpJ7cI5Ct6TaK1gq_dxQCpu6ZAtFrqU_5R6Ec4A_uCRC2ZO4AtyL88JZajr4AL4n1O07a1aWuRb7azI_27sSRC7QnE96VszXPjPkwsDqJR9ZxPDI--5UMmjVckwpzLo5zpiA50_tsPlCvwOzD-TVoIJjaCHGcQTId8qf9VlJRK55ymzxEVwLi7V0NBMuPElXs3JMd6FJUGk9fVR9CoxKQoSA3JCC_TR6B54uYRhZrrE1HFcx-gVQo4WAvBQEOUcPmsfCOGlc-1c38xykdV6XqB6TUO18pjVzXFlsbtDEpcoxW3MQ7Ava2rKX11Hvy_tz6UOHkGf2FaeAEwasat8xlLGTb7PbDNLWNq6bWm_6NDMIhL_-D6VEenPhPieusgtMadPy9a8qRJW2yzSxm0-MTDZ8dqef2uqpneCnjTYGWqvrZp_LHdTNtSZRt0V6N9aRTv1qf7zt6EIpFBukg99iNqY7AQ5a01VMgH40XW3UNRK7lnoooexc1xfn4xbTMHXdKyJ0SvBxhTMiCwAKJQhBx24XTZScVYw3DtpmqkiBRlH-T-J41JsD1vSQlvUSwrWMyY4B55LijNlh3RocJErhgB-ueKSZZ9mOu-A7_DHVswMbzTbK0VcYcGMgEkNp9bZDEb3m2Qg0OF1oM8HROlfF-cOVHn5AUlbVlsJdv1jAnqty7wLu14t6Ry6DqFzfq-5xxDFZtO0wfAPpFqiz_B3aJEyY0bEvujQg9_qnRJzLGc8T4flAMVSUS5KGhap2htIOYZnU6OdR50ab82eDLQZ4j-yZVpzCK3S24sOES5iak1fRj6nu9q0bb5T96tOD9Z2EApMAea9qNsEevSMtwDaQ6QhSsPBcLieWi7-fH8VdsuRuVozo89UBK9tDJ6BqX-ZezpUpLaVxuqvHLixeKeQdBX9R5rsGR1Ox6IucmGyJ6RldefJF5aXpm7AHlueRwQjhOeRDHMx3Cl05lJwqchZXAM1yon-8D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

660cf9f78ccaca9106d6c1bc235eb782037a25203d8da985becc638c29b9a0e5 Show response
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 5120
Redirect Chain

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
https://csync.smilewanted.com/set_partner_userid_get/smartyads/660cf9f78ccaca9106d6c1bc235eb782037a25203d8da985becc638c29b9a0e5

0
770 B

67ms
60ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smartyads/660cf9f78ccaca9106d6c1bc235eb782037a25203d8da985becc638c29b9a0e5
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 802bbbfd9d49baa3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:06:11 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 07 Sep 2023 03:06:11 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/smartyads/660cf9f78ccaca9106d6c1bc235eb782037a25203d8da985becc638c29b9a0e5
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
794 B 126ms
71ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694055971221&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1548&pt=1354253083&tz=120&viewable=true&ddast=V8KI8CLAaMQbEN1EqxChEYg2IbqJViFSoAAABgYID-AIktfCvDcDZYa0wm31q0cCzcytHK4RYtXBvnbGHYODa-ISCxhW9lGM4Ga43J5FuLFo6FWzlaOdyihWvjnC0MG8fGNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZGaDodPte9Xvf73SU-z1zj9yv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JmDwZr9ppfdHwAAAABAAAAAAJAAQEA_LAEQY7x34v________8_xgB95o2M_____xsGPQAefAA8CAEAAPgYcjCJKQFyX0NEpAC4CCMAAAAAVOOpFEcm6QQViyr____9VgCuAAAEKLZpYl5n0R2UeAsDAAAgMGaBHha_3-ywa_xul_n_________N_N_5h-NUA9zc5qghCNXNb-AAABrfgEBANioGwCANwJwgg5BKwaD1QmI2QEAAAC48____68HBEam4XI1Wo1mI9_I5TGtZhPLyLmyeEY222SzWW3PfJWSOvaGymCfDWGZ_b6DgnJ6eswug4zlMhnEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0RwOUATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJssTLOFYbZWOEeGtWizsqwlxonFLZnYRs6Zy7FyOUdr0etjutgsG89y4UWCAUx7kTwt0olyslxZXDbnyOJyOEaWlXE2sTkXK9NusJnNHA7XRCzRnCzSieyyL4xMw-VqtBrNRr6Ry2NazSaWkXNl8Yxstslms9rXJgvTbGGYrRXOkWEt2qwsa4lxYnFLJraRc-ZyrFzO0Vr0-pguNsvGs1z4G7PlaLBaLWeTfWO2HA1Wq-Vssu_QGb6rz9moLKskH5n5u62ebzenQeEyWLwv9ek8LBgLwpLn6PRZnsruzuj3-_1-v9_v9_v9Bq3nYDYofM_DXzh9LM_lcDZ6EBsMilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8Yr_d55a57D634PWWuN4S11vk8LtFTrdisPa7lX_XW-tyK_-ut9hpF5reZotYIjhdpBPRy3i6qP-oAUdzyWQ3V8yWc8lglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJapLj_____cQAAAGTk0AMAAKDfBwAAAAAAAADAryAWy8Fg_wBUiLVarW431mq1AhbEZLHcTeD___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vB!aniview_inc_vA!dfrc_vA!expl_vE!iiqrc_vA!nonrv_vA!t45!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3c569065c32a76fdabd354e28723483ab221a9db68fc807aa2970249b9920e8a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:06:11 GMT
content-encoding: gzip
server: nginx
machineid: 1417
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 1D0B 0
594 B 48ms
48ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS