urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Submission: On September 05 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 15 countries across 83 domains to perform 530 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 142.250.181.225 15169 (GOOGLE)
3 7 162.210.196.208 30633 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
14 138.199.36.7 60068 (CDN77 ^_^)
2 2.16.202.121 20940 (AKAMAI-ASN1)
5 184.24.77.65 20940 (AKAMAI-ASN1)
38 151.101.65.44 54113 (FASTLY)
5 178.250.7.13 44788 (ASN-CRITE...)
47 142.250.186.66 15169 (GOOGLE)
4 69.16.175.42 20446 (STACKPATH...)
8 151.101.193.44 54113 (FASTLY)
24 185.106.33.48 200478 (TABOOLA-AS)
3 142.250.186.170 15169 (GOOGLE)
4 216.58.212.170 15169 (GOOGLE)
2 15 216.58.212.130 15169 (GOOGLE)
7 23.97.225.52 8075 (MICROSOFT...)
2 13.107.246.60 8075 (MICROSOFT...)
9 141.226.228.48 200478 (TABOOLA-AS)
1 142.250.185.195 15169 (GOOGLE)
10 15.197.193.217 16509 (AMAZON-02)
4 54.171.32.106 16509 (AMAZON-02)
8 95.101.149.233 16625 (AKAMAI-AS)
1 188.114.97.3 13335 (CLOUDFLAR...)
3 142.250.185.104 15169 (GOOGLE)
1 6 3.75.62.37 16509 (AMAZON-02)
2 2 23.201.255.110 16625 (AKAMAI-AS)
2 91.228.74.166 16509 (AMAZON-02)
1 5 69.173.144.139 26667 (RUBICONPR...)
2 104.16.89.20 13335 (CLOUDFLAR...)
1 18.194.149.72 16509 (AMAZON-02)
2 147.75.84.158 54825 (PACKET)
4 5 185.89.210.122 29990 (ASN-APPNEX)
1 4 35.227.252.103 15169 (GOOGLE)
1 3.126.136.176 16509 (AMAZON-02)
4 11 51.89.9.252 16276 (OVH)
1 185.255.84.150 200271 (IGUANE-)
1 69.173.144.137 26667 (RUBICONPR...)
1 213.19.162.51 3356 (LEVEL3)
3 104.18.39.155 13335 (CLOUDFLAR...)
1 95.101.149.35 16625 (AKAMAI-AS)
1 34.107.148.139 396982 (GOOGLE-CL...)
7 104.22.68.131 13335 (CLOUDFLAR...)
1 178.250.1.8 44788 (ASN-CRITE...)
1 34.250.19.175 16509 (AMAZON-02)
2 142.250.184.238 15169 (GOOGLE)
5 216.239.32.36 15169 (GOOGLE)
1 173.194.76.156 15169 (GOOGLE)
1 172.105.43.230 63949 (AKAMAI-LI...)
1 18.66.127.127 16509 (AMAZON-02)
1 104.22.53.86 13335 (CLOUDFLAR...)
10 178.250.7.2 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
5 142.250.185.161 15169 (GOOGLE)
4 20.122.63.128 8075 (MICROSOFT...)
1 18.66.97.30 16509 (AMAZON-02)
9 172.217.23.98 15169 (GOOGLE)
2 2.18.162.159 16625 (AKAMAI-AS)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 141.226.224.32 200478 (TABOOLA-AS)
1 162.19.138.119 16276 (OVH)
2 142.250.185.66 15169 (GOOGLE)
5 35.244.159.8 15169 (GOOGLE)
2 172.217.18.6 15169 (GOOGLE)
11 138.199.36.11 60068 (CDN77 ^_^)
32 142.250.186.65 15169 (GOOGLE)
1 54.243.97.198 14618 (AMAZON-AES)
4 3.92.34.105 14618 (AMAZON-AES)
9 142.250.74.196 15169 (GOOGLE)
4 216.58.212.162 15169 (GOOGLE)
1 4 52.46.128.147 16509 (AMAZON-02)
8 38 142.250.186.34 15169 (GOOGLE)
1 178.250.7.4 44788 (ASN-CRITE...)
2 142.250.186.131 15169 (GOOGLE)
4 6 185.80.39.216 27381 (CASALE-MEDIA)
1 142.250.185.238 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 178.250.1.9 44788 (ASN-CRITE...)
4 4 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.166.1.66 27630 (AS-XFERNET)
2 2 82.145.213.8 39832 (NO-OPERA)
2 3 87.250.250.90 13238 (YANDEX)
1 1 64.227.64.62 14061 (DIGITALOC...)
4 4 70.42.32.223 13789 (INTERNAP-...)
4 5 216.52.2.30 30282 (AS-INAPCD...)
1 1 34.242.138.167 16509 (AMAZON-02)
4 142.250.186.162 15169 (GOOGLE)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 1 54.236.120.89 14618 (AMAZON-AES)
1 13.113.83.56 16509 (AMAZON-02)
1 178.250.7.9 44788 (ASN-CRITE...)
3 88.99.165.19 24940 (HETZNER-AS)
4 142.250.181.226 15169 (GOOGLE)
4 142.250.186.67 15169 (GOOGLE)
2 178.250.7.17 44788 (ASN-CRITE...)
1 4 138.201.63.145 24940 (HETZNER-AS)
1 178.250.1.10 44788 (ASN-CRITE...)
1 3 92.123.148.9 16625 (AKAMAI-AS)
1 104.19.241.24 13335 (CLOUDFLAR...)
1 1 154.59.122.79 174 (COGENT-174)
2 2 37.157.6.233 198622 (ADFORM)
3 3 188.42.105.220 7979 (SERVERS-COM)
5 142.251.133.195 15169 (GOOGLE)
1 1 46.228.164.11 56396 (AMOBEE)
1 1 37.157.3.26 198622 (ADFORM)
530 91
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
cdn.ampproject.org
7    162.210.196.208 (Fairfax, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
14    138.199.36.7 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-7.bunnyinfra.net
cdn.unibotscdn.com
2    2.16.202.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-121.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    184.24.77.65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-65.deploy.static.akamaitechnologies.com
cdn.adpushup.com
38    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
5    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
47    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
4    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
vast.aniview.com
8    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
vidanalytics.taboola.com
24    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
3    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
imasdk.googleapis.com
4    216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net
fonts.googleapis.com
15    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
securepubads.g.doubleclick.net
7    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    13.107.246.60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
d-19878241193655553232.ampproject.net
10    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    54.171.32.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-32-106.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
8    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
3    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    18.194.149.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-72.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    3.126.136.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
11    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
3    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
7    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    34.250.19.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
5    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net
1    172.105.43.230 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-43-230.ip.linodeusercontent.com
newsbot.unibots.in
1    18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net
cdn.prod.uidapi.com
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
10    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
5    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
1498e9a87847adf599e80018330f4b11.safeframe.googlesyndication.com
d8903c0bd540ae6455ed24cd35a0bcff.safeframe.googlesyndication.com
4    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
1    18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net
rules.quantcount.com
9    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
googleads.g.doubleclick.net
2    2.18.162.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-162-159.deploy.static.akamaitechnologies.com
player.aniview.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
adpushup-d.openx.net
2    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
s0.2mdn.net
11    138.199.36.11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-11.bunnyinfra.net
stream.unibotscdn.com
32    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
tpc.googlesyndication.com
1    54.243.97.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-97-198.compute-1.amazonaws.com
gov.aniview.com
4    3.92.34.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-34-105.compute-1.amazonaws.com
track1.aniview.com
9    142.250.74.196 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net
www.google.com
4    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googletagservices.com
4    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
38    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    178.250.7.4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com
6    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
mts0.google.com
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
5    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    34.242.138.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-138-167.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pubads.g.doubleclick.net
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    54.236.120.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-120-89.compute-1.amazonaws.com
google.partners.tremorhub.com
1    13.113.83.56 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-83-56.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
3    88.99.165.19 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal9000.redintelligence.net
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
4    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
2    178.250.7.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
1    178.250.1.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
3    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
1    104.19.241.24 (None, )

ASN13335 (CLOUDFLARENET, US)
ct.conrad.ch
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    188.42.105.220 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
5    142.251.133.195 (United States)

ASN15169 (GOOGLE, US)
PTR: eze10s07-in-f3.1e100.net
csi.gstatic.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
Apex Domain
Subdomains		 Transfer
84 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
1498e9a87847adf599e80018330f4b11.safeframe.googlesyndication.com
d8903c0bd540ae6455ed24cd35a0bcff.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
747 KB
80 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 919
trc.taboola.com — Cisco Umbrella Rank: 614
vidstat.taboola.com — Cisco Umbrella Rank: 2542
il-trc-events.taboola.com — Cisco Umbrella Rank: 20471
images.taboola.com — Cisco Umbrella Rank: 1780
imprammp.taboola.com — Cisco Umbrella Rank: 15906
am-match.taboola.com — Cisco Umbrella Rank: 16049
wf.taboola.com — Cisco Umbrella Rank: 2698
am-vid-events.taboola.com — Cisco Umbrella Rank: 14973
vidstatb.taboola.com — Cisco Umbrella Rank: 4450
pips.taboola.com — Cisco Umbrella Rank: 1574
cds.taboola.com — Cisco Umbrella Rank: 1786
vidanalytics.taboola.com — Cisco Umbrella Rank: 11427
am-wf.taboola.com — Cisco Umbrella Rank: 17391
1 MB
67 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
617 KB
25 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 32070
stream.unibotscdn.com — Cisco Umbrella Rank: 47771
3 MB
17 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 593
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
token.rubiconproject.com — Cisco Umbrella Rank: 597
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
pixel-eu.rubiconproject.com Failed
53 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
csm.eu.criteo.net — Cisco Umbrella Rank: 10389
147 KB
12 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15810
e3.adpushup.com — Cisco Umbrella Rank: 18406
280 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
127 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
7 KB
11 openx.net
rtb.openx.net — Cisco Umbrella Rank: 751
oajs.openx.net — Cisco Umbrella Rank: 1329
google-bidout-d.openx.net — Cisco Umbrella Rank: 1333
us-u.openx.net — Cisco Umbrella Rank: 478
adpushup-d.openx.net — Cisco Umbrella Rank: 25350
8 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 405
220 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
mts0.google.com — Cisco Umbrella Rank: 4055
56 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
3 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
3 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
bidder.criteo.com — Cisco Umbrella Rank: 767
ads.eu.criteo.com — Cisco Umbrella Rank: 10282
dis.criteo.com — Cisco Umbrella Rank: 596
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 11410
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 17186
34 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 567
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
21 KB
9 aniview.com
vast.aniview.com — Cisco Umbrella Rank: 4236
player.aniview.com — Cisco Umbrella Rank: 1746
gov.aniview.com — Cisco Umbrella Rank: 3816
track1.aniview.com — Cisco Umbrella Rank: 1826
sync.aniview.com Failed
261 KB
7 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37964
hal900010.redintelligence.net — Cisco Umbrella Rank: 213495
52 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
889 B
7 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6591
csync.smilewanted.com — Cisco Umbrella Rank: 2812
static.smilewanted.com — Cisco Umbrella Rank: 11008
16 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 488
fonts.googleapis.com — Cisco Umbrella Rank: 41
360 KB
7 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 40826
sync.aralego.com — Cisco Umbrella Rank: 2723
4 KB
6 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1104
www.googleadservices.com — Cisco Umbrella Rank: 149
813 B
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 900
p.clarity.ms — Cisco Umbrella Rank: 11842
c.clarity.ms Failed
22 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
3 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
secure.adnxs.com — Cisco Umbrella Rank: 450
acdn.adnxs.com Failed
4 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 546
2 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 752
image8.pubmatic.com Failed
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
227 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15124
42 KB
3 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 32481
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 591
cm.adform.net — Cisco Umbrella Rank: 1198
2 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18330
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5203
953 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
177 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 1949
1 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1476
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
17 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
27 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 880
273 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
3 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1240
pixel.quantserve.com — Cisco Umbrella Rank: 928
10 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 733
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 28688
11 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 834
441 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1278
668 B
1 conrad.ch
www.conrad.ch Failed
ct.conrad.ch
1 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7689
44 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 13061
636 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10866
291 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 677
598 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2518
549 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 929
758 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6964
552 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537
584 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1136
634 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1404
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732
2 KB
1 unibots.in
newsbot.unibots.in — Cisco Umbrella Rank: 55380
693 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2295
public.servenobid.com Failed
780 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1307
contextual.media.net Failed
1 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1457
493 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4109
454 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1078
x.bidswitch.net Failed
16 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 583
eb2.3lift.com Failed
588 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 25069
3 KB
1 ampproject.net
d-19878241193655553232.ampproject.net
1 bg3.co
www.bg3.co
static.bg3.co Failed
15 KB
0 googlevideo.com Failed
rr2---sn-fpobv-1gil.googlevideo.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 ck-ie.com Failed
us.ck-ie.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 rlcdn.com Failed
id.rlcdn.com Failed
0 smartadserver.com Failed
ssbsync-global.smartadserver.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
0 e-volution.ai Failed
rtb2-useast.e-volution.ai Failed
530 83
Domain Requested by
47 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
googleads.g.doubleclick.net
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
38 cm.g.doubleclick.net 8 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
www.bg3.co
onetag-sys.com
32 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
24 il-trc-events.taboola.com www.bg3.co
15 securepubads.g.doubleclick.net 2 redirects cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 images.taboola.com www.bg3.co
14 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
11 stream.unibotscdn.com cdn.unibotscdn.com
11 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
csync.smilewanted.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
10 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
www.bg3.co
eus.rubiconproject.com
google-bidout-d.openx.net
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
cdn.adpushup.com
onetag-sys.com
9 www.google.com googleads.g.doubleclick.net
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 eus.rubiconproject.com imprammp.taboola.com
eus.rubiconproject.com
ads.aralego.com
cdn.adpushup.com
7 e3.adpushup.com www.bg3.co
6 ups.analytics.yahoo.com 1 redirects am-match.taboola.com
onetag-sys.com
adpushup-d.openx.net
5 csi.gstatic.com imasdk.googleapis.com
5 ap.lijit.com 4 redirects csync.smilewanted.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
5 am-vid-events.taboola.com www.bg3.co
vidstat.taboola.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 gum.criteo.com cdn.taboola.com
static.criteo.net
gum.criteo.com
cdn.adpushup.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
4 vidanalytics.taboola.com vidstat.taboola.com
4 hal900010.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900010.redintelligence.net
4 fonts.gstatic.com fonts.googleapis.com
4 www.googleadservices.com www.bg3.co
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 b1sync.zemanta.com 4 redirects
4 image6.pubmatic.com 4 redirects
4 s.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
onetag-sys.com
4 www.googletagservices.com googleads.g.doubleclick.net
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
4 track1.aniview.com www.bg3.co
4 p.clarity.ms www.clarity.ms
4 rtb.openx.net 1 redirects cdn.adpushup.com
4 ib.adnxs.com 3 redirects cdn.adpushup.com
4 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
google-bidout-d.openx.net
4 sync.aralego.com 2 redirects ads.aralego.com
4 fonts.googleapis.com cdn.taboola.com
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
hal900010.redintelligence.net
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync.gonet-ads.com 3 redirects
3 www.awin1.com 1 redirects hal900010.redintelligence.net
googleads.g.doubleclick.net
3 hal9000.redintelligence.net googleads.g.doubleclick.net
hal900010.redintelligence.net
3 an.yandex.ru 2 redirects googleads.g.doubleclick.net
3 us-u.openx.net google-bidout-d.openx.net
adpushup-d.openx.net
3 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pixel.rubiconproject.com 1 redirects onetag-sys.com
3 htlb.casalemedia.com cdn.adpushup.com
3 www.googletagmanager.com cdn.ampproject.org
cdn.unibotscdn.com
www.googletagmanager.com
3 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
3 trc.taboola.com cdn.taboola.com
3 ads.aralego.com 1 redirects ads.aralego.com
2 am-wf.taboola.com vidstat.taboola.com
2 c1.adform.net 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 t.adx.opera.com 2 redirects
2 www.gstatic.com 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
2 s0.2mdn.net imasdk.googleapis.com
www.bg3.co
2 partner.googleadservices.com pagead2.googlesyndication.com
2 oajs.openx.net 1 redirects www.bg3.co
2 player.aniview.com vidstat.taboola.com
2 www.google-analytics.com www.bg3.co
2 prebid.smilewanted.com cdn.adpushup.com
2 prebid.a-mo.net cdn.adpushup.com
2 cdn.jsdelivr.net cdn.adpushup.com
securepubads.g.doubleclick.net
2 vast.aniview.com vidstat.taboola.com
2 token.rubiconproject.com eus.rubiconproject.com
2 secure-assets.rubiconproject.com 2 redirects
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 www.clarity.ms www.bg3.co
www.clarity.ms
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 cm.adform.net 1 redirects
1 ad.turn.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 adpushup-d.openx.net cdn.adpushup.com
1 secure.adnxs.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 ct.conrad.ch hal900010.redintelligence.net
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 cat.fr3.eu.criteo.com ads.eu.criteo.com
1 cc.adingo.jp 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
1 google.partners.tremorhub.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 s.tribalfusion.com www.bg3.co
1 a.tribalfusion.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 dis.criteo.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 mts0.google.com 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 gov.aniview.com player.aniview.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 pixel.quantserve.com www.bg3.co
1 id5-sync.com cdn.id5-sync.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 d8903c0bd540ae6455ed24cd35a0bcff.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 1498e9a87847adf599e80018330f4b11.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 newsbot.unibots.in cdn.unibotscdn.com
1 stats.g.doubleclick.net cdn.ampproject.org
1 ads.servenobid.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 vidstatb.taboola.com www.bg3.co
1 amp.analytics-debugger.com cdn.ampproject.org
1 d-19878241193655553232.ampproject.net cdn.ampproject.org
1 imprammp.taboola.com vidstat.taboola.com
1 www.bg3.co
0 rr2---sn-fpobv-1gil.googlevideo.com Failed
0 c.clarity.ms Failed
0 match.sharethrough.com Failed csync.smilewanted.com
0 ads.stickyadstv.com Failed csync.smilewanted.com
0 us.ck-ie.com Failed csync.smilewanted.com
0 ads.betweendigital.com Failed csync.smilewanted.com
0 sync.1rx.io Failed csync.smilewanted.com
0 sync-tm.everesttech.net Failed adpushup-d.openx.net
0 pixel.tapad.com Failed adpushup-d.openx.net
0 sync.richaudience.com Failed csync.smilewanted.com
0 x.bidswitch.net Failed onetag-sys.com
0 image8.pubmatic.com Failed onetag-sys.com
0 id.rlcdn.com Failed onetag-sys.com
adpushup-d.openx.net
0 ssbsync-global.smartadserver.com Failed onetag-sys.com
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
0 sync.mathtag.com Failed onetag-sys.com
0 eb2.3lift.com Failed cdn.adpushup.com
0 acdn.adnxs.com Failed cdn.adpushup.com
0 js-sec.indexww.com Failed cdn.adpushup.com
0 contextual.media.net Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
0 rtb2-useast.e-volution.ai Failed googleads.g.doubleclick.net
0 www.conrad.ch Failed hal900010.redintelligence.net
0 sync.aniview.com Failed www.bg3.co
0 static.bg3.co Failed www.bg3.co
530 154
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cdn.unibotscdn.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2023-08-29 -
2024-09-28		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
cricket.unibots.in
R3		 2023-06-22 -
2023-09-20		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-08-06 -
2023-11-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh

This page contains 72 frames:

Primary Page: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Frame ID: DEBFDA30CEC398A7A65FB11556FDC416
Requests: 250 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=undefined&cb=1693900645015&uv=3333&tms=1693900645015&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=53b14d04-8647-4b8b-b60c-e79a0f295c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E91A29D1EDB36698EC9CEAB06AE13A3E
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 137519EB08A74636A2D6EB5976EC7668
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 50385B7E157713D1BD661026447AB9AC
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 464BE167EA35DC54A0F1C0BD4763D763
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 55E3E2AF503623B3D378E5D6B265C13D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: E64CF6EB8B8B0D396B7FB04E74179A2C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: CB3E58D0D92C8B3BB10C7F4352FBC2DE
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 66C9B5A3A8D898A393322D6C087B786D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5D0D05C3B0BC51182640E8CCE720688E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E86EE56102D833935DFC05C69FA948A4
Requests: 7 HTTP requests in this frame

Frame: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 831B069E1509C89B74DB4B817A405168
Requests: 1 HTTP requests in this frame

Frame: https://1498e9a87847adf599e80018330f4b11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D276DBE6DCC0FEDFD338B08CA94A8804
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-30908086731758617527&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3224&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=332004981&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&ga_hid=4981&dt=1693900646030&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&bdt=2427&dtd=69&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 784D5391FDE5A11C81EA72690FBC8D62
Requests: 1 HTTP requests in this frame

Frame: https://d8903c0bd540ae6455ed24cd35a0bcff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 39423B1B7A6AEB3ECC96724811C3479A
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Frame ID: 6BFD4752BAEDAF27FA23229664629A29
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: CF0FB90B0576792BE36E17C8D3D4DE6C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Frame ID: 417E1C846D798DFDCED45704E46377D8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Frame ID: 6F58FF374015F79E151E47C48D335C44
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Frame ID: 3C5AB1CF57A32C4E6C22DBC04DCB1FB8
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: D2C3B64AFF2348C361839BAB46299B21
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: C627DCC82D934C4FA3E89A4FAD2C5326
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4EEABA2F9A619585AC01447AE872D30E
Requests: 1 HTTP requests in this frame

Frame: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A328BFF7E70771C69C325FE7A3B6B3CB
Requests: 17 HTTP requests in this frame

Frame: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 62A10A3770335E4BE4A56B1407545F83
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNV5Xj8Tsc9CJ3t2mJogBVCU3brgQSVcDCXBe3Jg-xmDLfOVL7cin8dQjpIoAGaYBXIcupk1loku_kGZY-qgw-am7eDfWA
Frame ID: 3E921F7008E20AE4F095C1B983F16055
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 6C7F4B0B48CCBF5D7B93E304080B9D4E
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 018BA8661A8807CD09CF1EDE97A8E019
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8B7E32E0F6B1BC01EEFC934DFF0C235A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E9B4B37C1E79B7C8B20D5A051932512
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9B7BDF271D38300958DA9800002E8F52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CBAF5638CA11A0DD67CBB66C897A89D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D95FC5171D8559ABA8B3354FCAE87BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 64D68FBB311BEA267A7A8BA45AA39135
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693900647062-923943597839-001164-003-004420&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
Frame ID: D8473034E5C0970AB9EC2923A747A3B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C7BD22B2626EB0A15A2055CB86CFE73F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Frame ID: 4E86C215FA24F05A034B251193D54192
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Frame ID: 6089A377034BF156128466687474B871
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?awc=11467_414915_1693900648_dc213840-4bc1-11ee-9f65-22389f6b057d&insert=AW&gdpr=&gdpr_consent=
Frame ID: 7E5959416FFBD09BF19E7D33B3143983
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=28856900032455504438458012438010&pv=1
Frame ID: 12A2082393B8BD25B6DF1257AF2A2CEF
Requests: 1 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
Frame ID: EBC4FC480829495B022FDBA133E85668
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21FC275AAFEA5D04DED736F8183C9301
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CCAFD3FF8D138FA7783A21966C0EC77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F3D67B798D4B62AE91FC432345D597F
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E8E840F8AD9663469F8530B39EC210A2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E40E5F04439CDE1DAB71B5E427EEC800
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D8A7AABC44128964EC6C1353A6D31F8F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 44E4E0095FD18F1F1910AA510772F8F3
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693900645959
Frame ID: FF2063DF7CFAFFC21625B4AD54EA20BC
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C1A39C686A3EF47B2B9A3F33E7AEF97
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3D26562C3B9BEC29A507CEAFFD36A22C
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 83ED553EC0C2C8E23926CB6207A8AD93
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 3C1E2D0D77CFC1B58692740760D6DE61
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 533B30ADE6B6887A9E53E67671FCC0A4
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 1243BAA2DF8C1F3C165BF3324A6E2405
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 2ABA74833C58DF9558C245703F103265
Requests: 15 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 277BF99C99D691A184402B47492BD2C1
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: 62C64A12AC27F5F8A497564BF5712413
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Frame ID: 0B505B6384F0E951565E29E93AE7D1D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A11A42ED42DDC91379B8E2BDC6C25B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 623447F761EEC6D5A758059D1E9321D8
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Frame ID: 6C67C0851FA53E167E2C3F62AA8B89B5
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 3CC89C905741BAC086AB1D199CA0A869
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6487398058642971688
Frame ID: EC63F5C81C532F0E7789AD2A1A045EFB
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
Frame ID: 510C08C8B12B12A8ED8886FC214BA236
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 84266BA6F28BEA54A3AD6009C8568157
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 2EC0AF2B72A0A1AB7008E7B11E7DD0D2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 958B7768A1A5E024B54C1C5D70418547
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B55D55979D88320AAA7D9AA2998AB498
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35A10549B13CE3ED9CB81DB1670F4A4B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-8586817092508713685&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4210&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=332004981&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&ga_hid=4981&dt=1693900645336&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&bdt=1733&dtd=104&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 1A1D92DA07D55149906B9B9297FBB163
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Frame ID: EFE2E9B040418B59FEBE2F1EEE853F83
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

金友莊是小三? 眼鏡張突冒出E奶女友Joey出面指控 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

530
Requests

79 %
HTTPS

0 %
IPv6

83
Domains

154
Subdomains

91
IPs

15
Countries

7924 kB
Transfer

18450 kB
Size

71
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 143
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 144
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 146
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 193
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM60PJDJ-1N-6YYL HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM60PJDJ-1N-6YYL HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 216
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&rid=esp&cc=1
Request Chain 272
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=744f1c3c-0148-c7f8-13b5-59ff64a754dd HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=744f1c3c-0148-c7f8-13b5-59ff64a754dd&dcc=t
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM_ys_BKA6DZGqi0vCMe33M&google_cver=1
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1&C=1
Request Chain 296
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPbfZ0qlawjyk8gODy6d8gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1
Request Chain 322
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC-8iIITRhqmg8G9ynqtjJk&google_cver=1&google_push=AXcoOmRgLaFI3XI8XPbqfSWaksZ75Nbegh09NjoWtsSsEkeEdXfSjK_UMMoG9vUioQOzIW5Yb5rlc9NpcezhkWSAzCXpsZtstqUi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTI0Nzg4MTU1ODQ4OTI0Mg%3D%3D&google_push=AXcoOmRgLaFI3XI8XPbqfSWaksZ75Nbegh09NjoWtsSsEkeEdXfSjK_UMMoG9vUioQOzIW5Yb5rlc9NpcezhkWSAzCXpsZtstqUi
Request Chain 323
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMyn9ZKIg2FWa1xVNE6w61w&google_cver=1&google_push=AXcoOmR4zrbv53Fn0opAXvFXOsY1xNy9v0G8uq5ZXUpQRkW7aEsB8PqKS34rqPS9U2cr_uxuF5RPNlwLU6VT16llGOLGIbQsauQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NU7c2kjfRCeg6Hb1Y1CxPQ2&google_push=AXcoOmR4zrbv53Fn0opAXvFXOsY1xNy9v0G8uq5ZXUpQRkW7aEsB8PqKS34rqPS9U2cr_uxuF5RPNlwLU6VT16llGOLGIbQsauQ
Request Chain 324
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSQaOIIs9Fk2vRgdS7spyAsYkL6niHuvYZAPLDU4La3HoZL9D6aRQNRO9y31rzRH4X4XjKFIBXGt3bELCxPjPN5oszDCdmK&google_gid=CAESECQjJcL4fxNAJm-95pTOSYQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-vNWqhptMXbkUOkkmFBWm2q5zsnPjYGG_4odTvg&google_push=AXcoOmSQaOIIs9Fk2vRgdS7spyAsYkL6niHuvYZAPLDU4La3HoZL9D6aRQNRO9y31rzRH4X4XjKFIBXGt3bELCxPjPN5oszDCdmK
Request Chain 325
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBLMcT-ALvtQxB_M7sjyY04&google_cver=1&google_push=AXcoOmQA7dpicNxa0QX9SWsC5rtWvrCsgWfEg_PKbGKPtq4izO9oBIcntTIg_zJMmbyCE-_K6xeNuNqKrMzhU8N1MrNz_9Xdq844 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBLMcT-ALvtQxB_M7sjyY04&google_cver=1&google_push=AXcoOmQA7dpicNxa0QX9SWsC5rtWvrCsgWfEg_PKbGKPtq4izO9oBIcntTIg_zJMmbyCE-_K6xeNuNqKrMzhU8N1MrNz_9Xdq844&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v43yVKSuSumQ74VoPlTmNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQA7dpicNxa0QX9SWsC5rtWvrCsgWfEg_PKbGKPtq4izO9oBIcntTIg_zJMmbyCE-_K6xeNuNqKrMzhU8N1MrNz_9Xdq844
Request Chain 326
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQWnbI0fKWF02pwtOwSLjBIJLI7QPWxJM2GZDiyLxbhL5scI1bta0-o9ZXNMzF39NDozp9xy_wKNLK2T7eBsgwkNUgi2KbV%26google_hm%3D%5BUID%5D&google_gid=CAESEMyc8isXmp5PcUycyJEcMMI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQWnbI0fKWF02pwtOwSLjBIJLI7QPWxJM2GZDiyLxbhL5scI1bta0-o9ZXNMzF39NDozp9xy_wKNLK2T7eBsgwkNUgi2KbV&google_hm=6e322d1d-c191-4c59-bc97-56e0ac836789
Request Chain 327
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQ6q6fdDYZSIJr8Yfq01HG_eYFFP_E29R3vJpC-DU6wg3U-ThOfH3AAk32jfE1oI31rUt6KMgAB1MH_Y9UJrfyj8vKU8I7j&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQ6q6fdDYZSIJr8Yfq01HG_eYFFP_E29R3vJpC-DU6wg3U-ThOfH3AAk32jfE1oI31rUt6KMgAB1MH_Y9UJrfyj8vKU8I7j
Request Chain 328
  • https://an.yandex.ru/mapuid/google/CAESEPJcL-2MXlws8ZYkSiBXhAs?ext-param=AXcoOmQWamd8hTsRarOUCRVdxOOAdyoMisc2uSzHwasx27cPA-ARuEuqMer6XAJ6DbG2OpXxiLORv8j3d0dBDz1jTjR-KmvIBEKG&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEPJcL-2MXlws8ZYkSiBXhAs?redir-setuniq=1&ext-param=AXcoOmQWamd8hTsRarOUCRVdxOOAdyoMisc2uSzHwasx27cPA-ARuEuqMer6XAJ6DbG2OpXxiLORv8j3d0dBDz1jTjR-KmvIBEKG&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPJcL-2MXlws8ZYkSiBXhAs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 331
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELfJQ6oNEkAhBIjxo4NTSjs&google_cver=1&google_push=AXcoOmQcYckJejoo48G6n_vGQKIaQo-UgcHmESz2ePvy9R1AcAaZiDFS6nfPfvUOYTfw8KHiDkkYl04SzNwdp5ZfUGbIql9TqOY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQcYckJejoo48G6n_vGQKIaQo-UgcHmESz2ePvy9R1AcAaZiDFS6nfPfvUOYTfw8KHiDkkYl04SzNwdp5ZfUGbIql9TqOY
Request Chain 332
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_cver=1&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i7026oOuH7vdd3g HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i7026oOuH7vdd3g&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i7026oOuH7vdd3g&google_hm=M2U0VVg5Sy12RVFPbnFxZlpmOWc=
Request Chain 333
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBLMcT-ALvtQxB_M7sjyY04&google_cver=1&google_push=AXcoOmQGk9EZOAln8PQEr4d8U_-Rmv1W1ZxcEj3EdN1Idbj736fwETUQjpis-dw54udXI8LndNgb56m9BvEDpcR_Zec30w-xFsX1 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBLMcT-ALvtQxB_M7sjyY04&google_cver=1&google_push=AXcoOmQGk9EZOAln8PQEr4d8U_-Rmv1W1ZxcEj3EdN1Idbj736fwETUQjpis-dw54udXI8LndNgb56m9BvEDpcR_Zec30w-xFsX1&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfF2ukjkSzSNj8WIkm-zfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQGk9EZOAln8PQEr4d8U_-Rmv1W1ZxcEj3EdN1Idbj736fwETUQjpis-dw54udXI8LndNgb56m9BvEDpcR_Zec30w-xFsX1
Request Chain 334
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QLoVYnJCBpjOL HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QLoVYnJCBpjOL&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QLoVYnJCBpjOL&google_hm=HRO9uGZH6amqaCH-TPK6rahK
Request Chain 335
  • https://ads.yieldmo.com/exptsync?google_gid=CAESECpRV6g_uzbJ_1aa_zLk1kU&google_cver=1&google_push=AXcoOmToGZnLcBryqVGn-0NY2T9UZBEMrAtzroi96qnSSiduHJDHUr4TrZoyI-87MCxRAanO8NfePgEzrqImBEgDNPHDu7V6QNRc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmToGZnLcBryqVGn-0NY2T9UZBEMrAtzroi96qnSSiduHJDHUr4TrZoyI-87MCxRAanO8NfePgEzrqImBEgDNPHDu7V6QNRc&google_hm=M1JJXzdjY1FRWWNsUnBXUHg4SE0=
Request Chain 336
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMUlmvxr0ORoirjfe07_ri0&google_cver=1&google_push=AXcoOmSZMk1dZoxmFILDRALiIdrrciSza3wQQkeGmSONRv0KFv6I96szjVfyvuwXs8GKbMr2U2W7t4LwapsxxNMBs00A7np6uEOzHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14QXlReFlWRTJ1RWRvR3FqUHZiVUNDSUFzZGFKRl95Un5B&google_push=AXcoOmSZMk1dZoxmFILDRALiIdrrciSza3wQQkeGmSONRv0KFv6I96szjVfyvuwXs8GKbMr2U2W7t4LwapsxxNMBs00A7np6uEOzHg
Request Chain 340
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHhLfDRq3Yx_sWbnTDxCk5U&google_cver=1&google_push=AXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhLfDRq3Yx_sWbnTDxCk5U&google_cver=1&google_push=AXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 341
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEPs9wZiID9UEf98kVw59QLk&c_param1=AXcoOmTNjdmT6fuuNOPsKg1dsuF8gpzlfnlzuqLwcPzESpbbxaofvXdFQiwRFwX-oRxsMu14Jfvc9fi1w_ikFOJDXG_z1W6j61hWSg&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNjdmT6fuuNOPsKg1dsuF8gpzlfnlzuqLwcPzESpbbxaofvXdFQiwRFwX-oRxsMu14Jfvc9fi1w_ikFOJDXG_z1W6j61hWSg
Request Chain 342
  • https://rtb.openx.net/sync/dds?google_gid=CAESEA3QGcbJSIp44Kdl9_Wm0mg&google_cver=1&google_push=AXcoOmTE4prQNWCE9rfMPU8NniCkFgeWkrczHwMP1nxBr9lpbXMjn1NYYJ_-YcPQtr_5krqF4iItSWYMxHsK49pOHNoFUlYlvkHW8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTE4prQNWCE9rfMPU8NniCkFgeWkrczHwMP1nxBr9lpbXMjn1NYYJ_-YcPQtr_5krqF4iItSWYMxHsK49pOHNoFUlYlvkHW8A&google_hm=88_qfbRkxSw1z5ff342lhw==
Request Chain 343
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_cver=1&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxhRhGojBYLrE_Ezqm7w HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxhRhGojBYLrE_Ezqm7w&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxhRhGojBYLrE_Ezqm7w&google_hm=M2U0VVg5Sy12RVFPbnFxZlpmOWc=
Request Chain 344
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBOHYRdWDLiSeUBQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBOHYRdWDLiSeUBQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBOHYRdWDLiSeUBQ&google_hm=HRO9uGZH6amqaCH-TPK6rahK
Request Chain 345
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJajGoKxPJDDyQvwxcdV30E&google_cver=1&google_push=AXcoOmQRWs7kXh_rCZZ0SqoK4B_qq-8at1TmUY3JbwrXsB9Vc8wnJun5hVUWiy3Wx9T9INf2i-upuLlYg4crDCYYa2iEYnPXAF297g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NGNhMGE2NzMzMGMxNGEwZGFkMmFhNDNiNGFmODlkYWI%3D&UIDF=CAESEJajGoKxPJDDyQvwxcdV30E&google_cver=1&google_push=AXcoOmQRWs7kXh_rCZZ0SqoK4B_qq-8at1TmUY3JbwrXsB9Vc8wnJun5hVUWiy3Wx9T9INf2i-upuLlYg4crDCYYa2iEYnPXAF297g
Request Chain 357
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CFHyGZt_2ZJj1IMm9-wav-KWIAoermpNx9Me97vwRuuHomcsBEAEguoTAM2D1hYCAtASgAfnf_OsDyAEJqQLtD5OemvKyPuACAKgDAcgDywSqBMUCT9BlH_6U_-hJMVd5QwOQr6EbvboTFTQwEkSr7ErvA_kDky2cjeCAoOnIPMXUjvUoR7-IvwP2HItzj_nHoYXCJ3XlFf3RXdT2-tjgnfK-7JQZgCsL2V5rlI0PfO3Goq40lwezYj1JXx8C1mb3SLg0SHeOdOTPcf9_y-HXllsxMP6S-dYwzrFUuKu80oDvTdyUWuvRUPP8KIfmBE0hQOs3_1KV-7uDjpSyV51htGqF8gPij9nDJd63a-z23ax7GnzoBj8fTrqc2rRj0E3py5H5EvRU4hgzfuZTUgerirI90nrrgTCZuYg24h01PXaOSLnlfEu4mFW8FK3xYt2Ca6vlhavU8C5QdP8bgju5FwoVF-rL9sk_mnJiGDstb25KEfyCtPmJKiOWwX9nTdtZT8pDv3XoKoGA3Xwe3plLY1KQ21XTGaQ1xcAErb7FjKAE4AQBiAW4x5mXSpIFBAgEGAGSBQQIBRgEoAYugAfvn4MUqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnbUG0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCSVodHRwczovL3d3dy5tb2JpbGV6b25lLmNoL2RlL2ZsZXhyYXRlgAoDyAsBmAzZ7v6BngTaDBEKCxCA-Mvd5q2Z6rYBEgIBA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItMTMyNTM0MDQyOTgyMzUwMhjKqx4&sigh=mIf1si67Lxw&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWSpsQ7t26dMZyH5wsc0pLBSaNf9Nspe-CCOEKyKmvVYZ-asx3Ke1mvU1y96hTf4WDZjCbe3c_gBgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba228d147f130000000000000000%22,%224%22:%220xa75babc2f1e1ff120000000000000000%22,%225%22:%220x7400bc5399ddfa70000000000000000%22},%22debug_key%22:%226834138944872776132%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilezone.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221031745529%22],%224%22:[%2209-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213340321609862003265%22}&andc=true
Request Chain 361
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZiMiZt_2ZJn1IMm9-wav-KWIAoermpNxxMi97vwRmujS4LIBEAEguoTAM2D1hYCAtASgAfnf_OsDyAEJqQLtD5OemvKyPuACAKgDAcgDywSqBMcCT9Bn1PtcnpX1KEwhFjfGqBZdmy8mMS-xy7R8dfL1u23Y9Np2nrIJj7IPcgsV7iAxrdHszYIecx7mG1924mCJ6S9MAcoXuAuiOxDW0IENW8SJ3a3s5vI1-c4yCRqNfGDWwt-MFe4oOflAwIpNO_X3AZmXdqDRT1vDtUk26-3DLZV3FOYya4vO5eYtmiblGNbS64MH226FI3AcgDUCY5SRP2LPlKFmEcWQu_9KVggt8-rg2oJ18HvpsDVT67IEmuYdggOnnrhrN0yKklURkv6MUkRtfVbfRXbHgO8aDXlh7cqPsOMGmu8-aJ_hi1mlHEnuzoKMDdi0ENL81kaiqhJizz9r20yJjs5Vd2I4JH_2DJI-rj_zeDdjnV6judvwUZRoO8vW8pwso8MjH-O1zsO4BXdBvsKlCNMA_VeF9O1uYuKM_YJ69m3wwAStvsWMoATgBAGIBbjHmZdKkgUECAQYAZIFBAgFGASgBi6AB--fgxSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCpiwvSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJJWh0dHBzOi8vd3d3Lm1vYmlsZXpvbmUuY2gvZGUvZmxleHJhdGWACgPICwGYDNnu_oGeBNoMEAoKEIDEo_O-sK6mIhICAQO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=oVP2SCbkHVY&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWSpsQ7t26dMZyH5wsc0pLBSaNf9Nspe-CCOEKyKmvVYZ-asx3Ke1mvU1y96hTf4WDZjCbe3c_gBgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba228d147f130000000000000000%22,%224%22:%220xa75babc2f1e1ff120000000000000000%22,%225%22:%220x7400bc5399ddfa70000000000000000%22},%22debug_key%22:%227210543352976726%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilezone.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221031745529%22],%224%22:[%2209-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215022928065615302385%22}&andc=true
Request Chain 362
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693900647062-923943597839-001164-003-004420%26biddername%3D105%26pid%3D6444c646246df090c706ac34%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693900647062-923943597839-001164-003-004420&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
Request Chain 369
  • https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-UxZZt_2ZLriLPysxdwPwoyd0AaRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCAtATIAQmpAnFU_MewG7I-qAMByAObBKoE4AFP0Jd3hpxOWKwLu7KgAc1KxS8nNLM-lbmkVRHHip2U72_J75GK9ugFogwJFWbZ5FTMpIYIaKuMK57WsWoDTG83Uv6K3SHpgZ14rNglpWfIkVK1HzybrlJ4JyEZmvVs19CiWvq-IObyi5nph4dvcwory9DBSIb0LCOWjCLRKMLriT9CCacDlz2NirG0GKIqL33u4uiDpt285fZXQbpSRFxmh-36N1E7h8UXqRU_BAEwBV0tQtQmGZb7_PmHdOT1y2lJGmoC-8pXk27SvIsavqq8qgwVnjgYBPVHDr0dAY7S5sAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIuq3V0v-SgQMVfFaRBR1CRgdqEAEYASAAEgIYo_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB%26sig%3DAOD64_15VRnvzIuHbAZ1FiCbEIkJmXT8Ow%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BRhvOm_o-2YEfbGhNNLJMmyU2e0gZuQSe9GQBSe8jBZwOdbdVsHyX5GEUjs9AmrBTDoAC_Yl6mFdIOpALneQS52PyE1poZWunfYGlseQi7vNNaFRlfpNZNAcIecyHMP_xWztjSDYgIGHHgw4wTzAS8buPUl4B5A5DtKaFmPOleDRao8j4%26cry%3D1%26dbm_d%3DAKAmf-B9nk4JELj-njT7FjpWeItt_tzvm_EZ1YykOO57fGYiAU-9t7idWx1g0OBwO_IJh2a8k0lvBMoxtRlY53xJbxY2CN3QMejyhl8au7o_d-ZQru6CE2dk9GclOMm4qKn5GVylqRvUR8solwD0m2wL42yPDbgRwhI4BiuesAey14Jx5xnDo8KU7YDVLm0RDF1x_fOpv0rvW5TInb3bQnbt7uI1U-1jbiqfVT-W0asHolxbETKrqrIjiHO94wKAEEvwzSiHG0ng9t2xM5_vnc3WU8QJrq7td8dOTLLDrYXEzLXGM5Pf1Zyyi-mOQSWwZoumTJVGVxnYwqXHZwHtxz6oJUQ93NhOBG2BC6EeS5Q5Eo3zmNGUejqXTe5IXiP6spG7xTz751BcFGVp-8j__dH51RCDMc-6Rzlt_p4T36qtJEEO3TbPrTxKl-qEa5XmKZulODP4rZBx4WIaXvZzEsKhOYe5EvGK45Ns9ik1IRLN3k_R3wnBsubpHa8wdP1IBGkqDVQ3I-PFt-7ixWQkj3BJl3OQmaEBr0Ub6lZV8dKRSkxvUC4-JP-BMuI_x8t96pwdZaMYboH8jMH4euQtIf6cDW52A4YJu7iUNc0BAhULayKf9484vp8xZSwpSeJrlqNPqIU7ocRmWjcsOLvJ2gcQcdau3OlCiwvSYoW6N1w66C0C9WDajL8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8866688222114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-UxZZt_2ZLriLPysxdwPwoyd0AaRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCAtATIAQmpAnFU_MewG7I-qAMByAObBKoE4AFP0Jd3hpxOWKwLu7KgAc1KxS8nNLM-lbmkVRHHip2U72_J75GK9ugFogwJFWbZ5FTMpIYIaKuMK57WsWoDTG83Uv6K3SHpgZ14rNglpWfIkVK1HzybrlJ4JyEZmvVs19CiWvq-IObyi5nph4dvcwory9DBSIb0LCOWjCLRKMLriT9CCacDlz2NirG0GKIqL33u4uiDpt285fZXQbpSRFxmh-36N1E7h8UXqRU_BAEwBV0tQtQmGZb7_PmHdOT1y2lJGmoC-8pXk27SvIsavqq8qgwVnjgYBPVHDr0dAY7S5sAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIuq3V0v-SgQMVfFaRBR1CRgdqEAEYASAAEgIYo_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB%26sig%3DAOD64_15VRnvzIuHbAZ1FiCbEIkJmXT8Ow%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BRhvOm_o-2YEfbGhNNLJMmyU2e0gZuQSe9GQBSe8jBZwOdbdVsHyX5GEUjs9AmrBTDoAC_Yl6mFdIOpALneQS52PyE1poZWunfYGlseQi7vNNaFRlfpNZNAcIecyHMP_xWztjSDYgIGHHgw4wTzAS8buPUl4B5A5DtKaFmPOleDRao8j4%26cry%3D1%26dbm_d%3DAKAmf-B9nk4JELj-njT7FjpWeItt_tzvm_EZ1YykOO57fGYiAU-9t7idWx1g0OBwO_IJh2a8k0lvBMoxtRlY53xJbxY2CN3QMejyhl8au7o_d-ZQru6CE2dk9GclOMm4qKn5GVylqRvUR8solwD0m2wL42yPDbgRwhI4BiuesAey14Jx5xnDo8KU7YDVLm0RDF1x_fOpv0rvW5TInb3bQnbt7uI1U-1jbiqfVT-W0asHolxbETKrqrIjiHO94wKAEEvwzSiHG0ng9t2xM5_vnc3WU8QJrq7td8dOTLLDrYXEzLXGM5Pf1Zyyi-mOQSWwZoumTJVGVxnYwqXHZwHtxz6oJUQ93NhOBG2BC6EeS5Q5Eo3zmNGUejqXTe5IXiP6spG7xTz751BcFGVp-8j__dH51RCDMc-6Rzlt_p4T36qtJEEO3TbPrTxKl-qEa5XmKZulODP4rZBx4WIaXvZzEsKhOYe5EvGK45Ns9ik1IRLN3k_R3wnBsubpHa8wdP1IBGkqDVQ3I-PFt-7ixWQkj3BJl3OQmaEBr0Ub6lZV8dKRSkxvUC4-JP-BMuI_x8t96pwdZaMYboH8jMH4euQtIf6cDW52A4YJu7iUNc0BAhULayKf9484vp8xZSwpSeJrlqNPqIU7ocRmWjcsOLvJ2gcQcdau3OlCiwvSYoW6N1w66C0C9WDajL8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8866688222114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 387
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=28856900032455504438458012438010&pv=1 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1693900648_dc213840-4bc1-11ee-9f65-22389f6b057d&insert=AW&gdpr=&gdpr_consent=
Request Chain 398
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=28856900032455504438458012438010&pv=0 HTTP 302
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Request Chain 403
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOYvMgIbETRWgOyJMoPCaW0&google_cver=1&google_push=AXcoOmSfOodadZ5Vwo7vP7dnZuB8ofnmzqkxORwRvsq1rmZoWSCjEuhqmnl4tS39OCoBx_-1LXseQCxHeEE0fPgvH366xLUJqQEgYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823308758890
Request Chain 404
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFSeYnovsvyn3Nlvjdi0UEc&google_cver=1&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6W-ZWOHFDsv0xDEx2N27-APIFuqQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFSeYnovsvyn3Nlvjdi0UEc&google_cver=1&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6W-ZWOHFDsv0xDEx2N27-APIFuqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NzM5ODA1ODY0Mjk3MTY4OA&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6W-ZWOHFDsv0xDEx2N27-APIFuqQ
Request Chain 405
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECl-oCt6AmZGXJdi9v5DJJI&google_cver=1&google_push=AXcoOmRrwgKZS3fwumDrx_0TM6gzEam8vwWjXYifcR5QDZcE-pCoWQ39uqA2gGv3EqJm83ytpf_bMEiAk9f67aACPVONQyk_cdTt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECl-oCt6AmZGXJdi9v5DJJI&google_hm=ZPbfZ0qlawjyk8gODy6d8gAAFHAAAAIB&google_nid=index&google_push=AXcoOmRrwgKZS3fwumDrx_0TM6gzEam8vwWjXYifcR5QDZcE-pCoWQ39uqA2gGv3EqJm83ytpf_bMEiAk9f67aACPVONQyk_cdTt
Request Chain 407
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQU3lcX1U05aztW9NX1BtO9FQr2Vjt_W0bNTm8jrdNibS1Yx2UvTSqVBQcyGA9iXP9nKRFbYPmPtVFEZV9Mx12Mif-_epAppe4&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQU3lcX1U05aztW9NX1BtO9FQr2Vjt_W0bNTm8jrdNibS1Yx2UvTSqVBQcyGA9iXP9nKRFbYPmPtVFEZV9Mx12Mif-_epAppe4
Request Chain 408
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEFY0aiDUT8_2vVKwHpT95L0&google_cver=1&google_push=AXcoOmTi2fBCSLzug60v649HvUBTqNmK7XgzlbcBS2gKdJ1mUqlaxK-6i4ut7j9FNH8nrm53SAcqr6xFLGcQ3dGQ2tRGw3HqNojZffY HTTP 302
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEFY0aiDUT8_2vVKwHpT95L0&google_cver=1&google_push=AXcoOmTi2fBCSLzug60v649HvUBTqNmK7XgzlbcBS2gKdJ1mUqlaxK-6i4ut7j9FNH8nrm53SAcqr6xFLGcQ3dGQ2tRGw3HqNojZffY&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmI3YWY5NjFhNzVhOWRhOA&google_push=AXcoOmTi2fBCSLzug60v649HvUBTqNmK7XgzlbcBS2gKdJ1mUqlaxK-6i4ut7j9FNH8nrm53SAcqr6xFLGcQ3dGQ2tRGw3HqNojZffY HTTP 302
  • https://sync.gonet-ads.com/match/google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmI3YWY5NjFhNzVhOWRhOA&google_push= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 409
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDjuzDfZHzNy0oyBYFPE_WI&google_cver=1&google_push=AXcoOmQhpEV1V9FLaBhGWRArYB2fT6dAZB9O5cXZOKLPBMlzJl3di_gLUM0NaO-TP2pDdUQr91k6CFfUZjxH4mYTgK_Cwlzbv08jeQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzc4OTM4MjIyNzM1ODg2MDI4Nw%3D%3D&google_gid=CAESEDjuzDfZHzNy0oyBYFPE_WI&google_cver=1&google_push=AXcoOmQhpEV1V9FLaBhGWRArYB2fT6dAZB9O5cXZOKLPBMlzJl3di_gLUM0NaO-TP2pDdUQr91k6CFfUZjxH4mYTgK_Cwlzbv08jeQ
Request Chain 446
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
Request Chain 448
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtG2_onuEbDxGPOi2XotTqI9ENO_x0g
Request Chain 451
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Y13uLbMQnlrWxAkiIzm0Q-3Mh--ColqZspFU0UNl-iU
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
Request Chain 469
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=795f1f27-d0a5-4a62-8cc2-5b9b350ffee5
Request Chain 470
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7789382227358860287
Request Chain 471
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3588537246703360151&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 473
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtS0yOIJG7_O1nEOhPxUDsA3Y7UobSw
Request Chain 474
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=bSm8CFePDnJhJlhbT8VuSe46TJsnAQ9v5jZ6mBZuyYg
Request Chain 478
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
Request Chain 483
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
Request Chain 496
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6487398058642971688

530 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
www.bg3.co/a/ 		52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
77e6dc54dc7dad79d423221d14d886719098bfde4af86a064451e11dadaa67d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 07:57:23 GMT
etag
"ced6-/FRuMNVLaJfM06ygeZVjgcQrHaU"
expires
Tue, 05 Sep 2023 08:12:23 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 07:57:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72923
x-xss-protection
0
server
sffe
etag
"8f05ddb4de6114d6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 07:57:24 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 07:57:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9638
x-xss-protection
0
server
sffe
etag
"3c97018a73867a04"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 07:57:24 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 07:57:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7567
x-xss-protection
0
server
sffe
etag
"694191137fe44b1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 07:57:24 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4362
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDM4tOMg5AA%2FGJe9DIp3nV8gVI1PEG5megvuxfiBGoFOgxJwzlbcsc6FihAAXq7x%2F1OxPImNR85HKdSVHhSld%2BobS9VXNjDkBLYbJL%2Fy%2FKP3YlaExGzgbvec78OKyj6TzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
801cebd4c8e10e27-MXP

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
player.js
cdn.unibotscdn.com/ubplayer/ 		244 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
72733561a4030b10d08d15daed28ca2e67708a34c33aad818949c91bf1413787

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:23 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-382
cdn-cachedat
09/02/2023 08:40:33
cdn-pullzone
873945
last-modified
Sat, 02 Sep 2023 08:40:17 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64f2f4f1-3ce5e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
d22eaa9cd47bc7b954db4c6e55ab3b6d
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-121.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
21ae83bd23677cdebc8138a1dc65b1479d03466c9200e943acfcf4a9adc33702

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 07:57:24 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Tue, 05 Sep 2023 07:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
content-length
10026
expires
Tue, 05 Sep 2023 08:57:24 GMT
adpushup.js
cdn.adpushup.com/42753/ 		658 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
0ca5dae92ef6608fe14a8ba5e56f72d38b31e7570d98f2287024bfe4a0d53c99

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 07:57:24 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Thu, 31 Aug 2023 21:40:02 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1693900643986_389467969_553686159_438_2462_21_41_146";dur=1
content-length
141535
expires
Tue, 05 Sep 2023 08:57:24 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		492 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d18f454f7e603f14987f9bf125ed39f724ea896af2c6671415da8d9089b38f72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SFil6tBLkk3dfR8joynr4nYI9V59ug6S
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:23 GMT
x-amz-request-id
CW6JAEW0GMK5TTB3
age
9
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
53746
x-amz-id-2
FsZuXHNSnmYc/vzW2J+qbWihHrBypaDLiV8eqjzr7vNFOw4nsJYuIEYEoPF69KBeucIEJA3OrQ0=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:25:00 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.709342,VS0,VE1
etag
"8ba4cd1abf001826f0ca6c287790ea6b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
impl.20230904-6-RELEASE.js
cdn.taboola.com/libtrc/ 		804 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e22158808f2f86a0356dd020a0a86bdfded121d34ecc9055830973870e674115

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jk1U17_tVU9HHlI58kwr84SV8wNlkfRk
content-encoding
br
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:23 GMT
x-amz-request-id
8N3WWZS83FY7KXYZ
age
24074
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170198
x-amz-id-2
1Pd1M/fJq1x3ptOaUCNdcj1gaKA8gdpblHHvPIZ1QnUvgFp7XWDXIFPigWO79nbvUhNRK8ed8aY=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 08:57:08 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.791325,VS0,VE0
etag
"7e2de674deacd469493acfda59783351"
vary
Accept-Encoding
content-type
application/javascript
abp
92
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
52381
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
219330
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		72 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=09%3A57%3A23.888&lti=deflated&data=%7B%22id%22%3A164%2C%22ii%22%3A%22%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693837489150%2C%22vi%22%3A1693900643885%2C%22cv%22%3A%2220230904-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html%22%2C%22vpi%22%3A%22%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3324%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A726%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a58656445d097f968ab662bc5a79d6ae8e1a892c1a2db490b05bf923b04819e4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
410
date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
64114
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230054-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1693900644.911324,VS0,VE410
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
de37dc0e36c317ca19bb99f835970764.jpg
static.bg3.co/imgs/202105/ 		0
0
a68898c706bc6b04bc2dd3471b3e22f3.jpg
static.bg3.co/imgs/202105/ 		0
0
8a47051f735d869cecc5046fc47c3526.jpg
static.bg3.co/imgs/202105/ 		0
0
0dac90e1839c99d9d69d400ee20d9d38.jpg
static.bg3.co/imgs/202105/ 		0
0
b24eedd81e402f8cb5bef31289d1bb7d.jpg
static.bg3.co/imgs/202107/ 		0
0
2ecffc37e7a62c36e57164786223e95f.jpg
static.bg3.co/imgs/202105/ 		0
0
3ac291c7305c88901c3df6b174df8143.jpg
static.bg3.co/imgs/202105/ 		0
0
c2a649550fc5c3360a2f5119eb00a6e1.jpg
static.bg3.co/imgs/202105/ 		0
0
5dbffc6cc1e3699e2c875ed66acc2bbc.jpg
static.bg3.co/imgs/202201/ 		0
0
69eb2b7b007aeffffcc8f1aa329f3542.jpg
static.bg3.co/imgs/202105/ 		0
0
b938bdc40c30b7a73c865eab6d72dd6d.jpg
static.bg3.co/imgs/202105/ 		0
0
0d3827069cc5f886002c6cd231fbc527.jpg
static.bg3.co/imgs/202106/ 		0
0
fef30f1938401028641b272d4301e361.jpg
static.bg3.co/imgs/202105/ 		0
0
810a31968784ce18d51dff616f75fea2.jpg
static.bg3.co/imgs/202105/ 		0
0
11bb8aec63ef205b47665e9dd503d778.jpg
static.bg3.co/imgs/202105/ 		0
0
826d06cb51021708ffa6d2bf845c955e.jpg
static.bg3.co/imgs/202105/ 		0
0
b8cff058f989fa5bccb77eb4fdd2bcb1.jpg
static.bg3.co/imgs/202106/ 		0
0
5cd85a791fb4980fab8923eed5abbfc8.jpg
static.bg3.co/imgs/202204/ 		0
0
49c829efff5bbd729fe9b0608d67a305.jpg
static.bg3.co/imgs/202105/ 		0
0
67f991e2eaba519b52f510e8a9d5c834.jpg
static.bg3.co/imgs/202107/ 		0
0
923f2527bf69ca8f76bb42b2bb2269f2.jpg
static.bg3.co/imgs/202105/ 		0
0
0209803747d97e8f89902dc0d695149e.jpg
static.bg3.co/imgs/202106/ 		0
0
d4edd3f1f86be32eedec93e95668c194.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:08 GMT
age
559516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2971
x-xss-protection
0
server
sffe
etag
"81fe35e806c986f9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:08 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:08 GMT
age
559516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23145
x-xss-protection
0
server
sffe
etag
"1e24d49ff16f97fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:08 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
857 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
22dc79ab92abba87adc663fbd3b8d9242b1ede690743e6d92eca2d5d69ec597b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
509
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:09 GMT
age
559515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3937
x-xss-protection
0
server
sffe
etag
"256c2c03e8e2f982"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:09 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1693900644.dop260.fr8.t,1693900644.cds137.fr8.hn,1693900644.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1693900644.dop260.fr8.t,1693900644.cds137.fr8.hn,1693900644.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
bg3.json
cdn.unibotscdn.com/clientdata/ 		19 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
3f18968d0dacf1850dfce645f211ad6244443b9af0415f380ea27f0e835cb58f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
gzip
cdn-edgestorageid
1078
cdn-storageserver
DE-383
cdn-cachedat
09/03/2023 07:31:15
cdn-pullzone
873945
last-modified
Sun, 03 Sep 2023 07:30:40 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
652
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
5cae11d9abebc09fac7304d14b5c1d21
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
floating-unit.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0523c9f4c6e8ba75215efcb5a0dd935a921f2f7ab3fb4704ce76e1581b138f8f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
D3DglCOOW84JYQNqk7ID7S3_p_6CiWzs
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
JPYDD4SSKR8MCTRS
age
62781
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
UJkY4Kko6/wjFfNdTb+YVw9oqtVqSDVrVXmgBtTdHQCH6xmCWTsYiU5YHm42lVKGIWGDRO4XOkE=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:31:03 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.394321,VS0,VE0
etag
"2f075479883762ccb190880a2d99a178"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13860
taboola-vignette-new-scanning.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81fdea7c18bbcfa19c107195f178531a1894893820fa4f813e8a2d4626e7ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xmMBkYtuuW47LdSWY5BUbGy0ghMetvTo
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
5T1KK2BNXZNSNX6G
age
62893
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
xlaJ5AIcaD0G55Vs1F8xxCsBXqsWGoFlelr7vfzD6PXk1tYbCGsFvp9Sr6qLMDZVXVItdTzNGhk=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:29:11 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.394326,VS0,VE0
etag
"b64dfc1b22cb23aa523b455c1b278478"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
18
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10532
distance-from-article.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c96ae71aaa29dc81173e75f0decbce2c96524acc59f1dc3e99a0292560a2b892

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ruu4PbfFv9F.pklh3YFshckUHZATjcAR
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
XNND8DQ3RKY2609S
age
62791
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
q1s/WHbGAxlpKmp/QE+hPKQdUp27403c9O3htQzUUBOO+gbngLFcqpcgNiDQUgdKniHQly7ilYw=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:30:53 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.417499,VS0,VE0
etag
"bb24e279c0edcbe16d2ff26dac9946d1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
118439
article-detection.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16c56af26101715bb14f3afe53bf3f2c60a1413cbe8e58a1d2c6d8296908f665

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dAfcl7T78Er6rPdaZTzNlHoGxBe5RVzB
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
KMP4KN8VQ3YDFGS3
age
62798
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
z3ad1XjZEvOi0XNVO1TJA7oEWrW3NjMEo/dlNzLoLaAaxd2593L3JzIky/coIXQqFH7X42AtOYQ=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:30:46 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.417483,VS0,VE0
etag
"314d847535f292f04cfd0a2d8c97c85c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
98
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
118360
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.9/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
63114
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36490
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 04 Sep 2023 14:25:10 GMT
server
AmazonS3
x-timer
S1693900644.496366,VS0,VE0
etag
"fd7ae01836d3569c79370b947186fc34"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
zY8aCoBHNlS93pxqjFjaT-d-7We2oA4brP-hg1H22wJfPEM1hA9XIg==
x-cache-hits
9465
feed-card-placeholder.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53294044ef54aa72d219a20ecea405f082270bb7774af92c6117b2c7a5ea8013

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Sk1bcwleyN_qqithDpBNUsr0W1R2UqT8
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
QRD5SFEZSNMA64D3
age
62786
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
gw1E9FklBAX1AZJLbIYs0t8+JOY+swBIOs61f76NHGWQLrhATLPRyOKykYCJpI3GCLvK188CIDQ=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:30:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.426311,VS0,VE0
etag
"fb5fdfa274fdc2467deb2cb66f816ee1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
108756
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
99
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.436286,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
27
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
132
userx.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
920e61c4d114a96b890545ff904a61109578821e50306b6d9f642cebead0eca3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
N6hfAjlKhFNePYVDpSYPJFlnUKeUcEBX
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
M2FK4504D1G57G47
age
62890
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
LWact0OSJSY7gQeT1EFVPAJcfL13FmAFfs6ms38IClQUA4jrVHhdqajN24xuWkvvcLTHyf2NPd8=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:29:15 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.436259,VS0,VE0
etag
"bef5c48573436bea4af3bca2d3a096c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
95
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
21958
explore-more.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f6a107a3fdb1536c81826561e818486e2a0ae0b230df8b15f908af89b0071e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9aCR3CsxQRfi1yApXyNkSCs5mGjw4Dlp
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
3E8D9AJGN56PHHM7
age
62788
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
3PoOsd6dYM7cvva6dXf5VfR3NxruJDP9xi2dcvJy7iEKG2JD27VwKQzcJqxiM9j7hH108qd/14g=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:30:56 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900644.468272,VS0,VE0
etag
"faaae21a0564075e67ac64af0bda9aad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
62539
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=09%3A57%3A24.380&id=384&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1693900644381%7D&tim=09%3A57%3A24.381&id=9786&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693900644398%7D&tim=09%3A57%3A24.398&id=9089&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A57%3A24.456&id=8530&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.463&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6907&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.464&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=9471&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.483&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=8883&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.484&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3226&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.491&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6773&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.506&type=usage&msg=New_CTA-event-1693900644506&llvl=2&id=8524&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~2675586259779403774~~aPXoj2ZzLS8bA%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.506&type=usage&msg=New_CTA-event-1693900644506&llvl=2&id=3588&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~2675586259779403774~~aPXoj2ZzLS8bA%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.509&type=usage&msg=New_CTA-event-1693900644509&llvl=2&id=1234&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8312721823682263634~~XuTJC-a3PNDm4%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.510&type=usage&msg=New_CTA-event-1693900644510&llvl=2&id=627&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8312721823682263634~~XuTJC-a3PNDm4%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.520&type=usage&msg=New_CTA-event-1693900644520&llvl=2&id=7134&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~2675586259779403774~~K3npCWm97PkwR%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.520&type=usage&msg=New_CTA-event-1693900644520&llvl=2&id=7155&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~2675586259779403774~~K3npCWm97PkwR%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06cc100d762a6514b0dc5e5c9476cff5c49dd4b7f6cdc499ff36431d94609f56

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age
2365224
edge-cache-tag
413171760462916128786953021986728628513,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
413171760462916128786953021986728628513,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
427
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://newstral.com/
content-length
35714
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kiad7000066-IAD, cache-iad-kcgs7200138-IAD, cache-fra-eddf8230054-FRA
last-modified
Tue, 01 Aug 2023 07:50:36 GMT
server
nginx
x-timer
S1693900645.563372,VS0,VE1
etag
"bd3c9118152a191dbc5be6ad3e7a6028"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3, 1
f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c0de8d914cf413918e4f780b2c92d4ca961c20d87ab023c55b5b6b2cc1438af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age
3029417
edge-cache-tag
413171760462916128786953021986728628513,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
413171760462916128786953021986728628513,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
305
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/
content-length
29512
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100071-IAD, cache-sna10723-LGB, cache-iad-kcgs7200082-IAD, cache-fra-eddf8230054-FRA
last-modified
Sat, 15 Jul 2023 14:43:31 GMT
server
nginx
x-timer
S1693900645.617296,VS0,VE1
etag
"6cbb6d3f5c4a9ef4c1d57377b9b82231"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 11, 1
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7e03662baae2a170203c136b546c40cd0503823becb15ab80629e544af9efe19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
1316283
edge-cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
176
expiration
expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.freenet.de/
content-length
18500
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-iad-kcgs7200024-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 18 Aug 2023 15:33:27 GMT
server
nginx
x-timer
S1693900645.684404,VS0,VE1
etag
"0a2c75440724365af393e298015be867"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 26, 0, 1
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8382752dea1b971983eeee3c2d2059c386b0450cf813ae0b54227303c95d7213

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
1530032
edge-cache-tag
495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
244
expiration
expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.timesunion.com/preview/article/The-Capital-Region-s-75-essential-restaurants-13259370.php
content-length
27146
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200099-IAD, cache-iad-kjyo7100039-IAD, cache-sna10730-LGB, cache-iad-kjyo7100043-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 10 Aug 2023 01:38:37 GMT
server
nginx
x-timer
S1693900645.693440,VS0,VE0
etag
"4da26575e1978428f0b62597ca689e9e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 939, 2
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1639008
edge-cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
241
expiration
expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ibctamil.com/
content-length
77796
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200159-IAD, cache-lga21978-LGA, cache-iad-kjyo7100056-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 10 Aug 2023 20:02:04 GMT
server
nginx
x-timer
S1693900645.693452,VS0,VE1
etag
"71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 0, 1
32a138fd7ef8b664e4231c98c5b25f9b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bf6ad585e13e6e4b6832a8c8b75b1c83b4e7ee3683c5f786a274527b5fe7d27

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
age
2517525
edge-cache-tag
588966396686879871830918856448821189567,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
588966396686879871830918856448821189567,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
95
expiration
expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
25448
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100051-IAD, cache-sna10749-LGB, cache-iad-kiad7000098-IAD, cache-fra-eddf8230054-FRA
last-modified
Sat, 22 Jul 2023 09:02:45 GMT
server
nginx
x-timer
S1693900645.724279,VS0,VE1
etag
"34a86780c8427774629d3aba27d34975"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 237, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
1287603
edge-cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
169
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.staradvertiser.com/
content-length
10060
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000160-IAD, cache-iad-kiad7000087-IAD, cache-iad-kcgs7200057-IAD, cache-fra-eddf8230054-FRA
last-modified
Tue, 01 Aug 2023 05:55:16 GMT
server
nginx
x-timer
S1693900645.733340,VS0,VE0
etag
"d5f7a809c5582096c3cb0ce65205e40b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 200, 2
f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age
2473186
edge-cache-tag
413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
321
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
31858
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200103-IAD, cache-iad-kiad7000057-IAD, cache-sna10739-LGB, cache-iad-kiad7000139-IAD, cache-fra-eddf8230054-FRA
last-modified
Sun, 16 Jul 2023 08:21:22 GMT
server
nginx
x-timer
S1693900645.733309,VS0,VE0
etag
"98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 113, 2
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
2405411
edge-cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
210
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.autoplus.fr/
content-length
89246
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kjyo7100071-IAD, cache-sna10725-LGB, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 10 Jul 2023 13:45:40 GMT
server
nginx
x-timer
S1693900645.743358,VS0,VE1
etag
"ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 1
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
1316284
edge-cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
480
expiration
expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
42778
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21931-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 18 Aug 2023 15:33:27 GMT
server
nginx
x-timer
S1693900645.765491,VS0,VE0
etag
"0a2c75440724365af393e298015be867"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1345, 8
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1f092f6197eacc2363e809fd2dc07638f8a9859883130d144ca74903027b870

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
3414108
edge-cache-tag
495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
435
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://d-26223547671233016175.ampproject.net/
content-length
93950
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kcgs7200092-IAD, cache-lga21974-LGA, cache-iad-kjyo7100020-IAD, cache-fra-eddf8230054-FRA
last-modified
Sun, 16 Jul 2023 11:09:14 GMT
server
nginx
x-timer
S1693900645.774379,VS0,VE1
etag
"fd2cfe471f8e594719367f0536a90b0a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 165, 1
next-up-widget.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36e0d542a26e9291d9a13b1686f8acf7f4499e4b386a7e9387e5e04ad46e4210

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0N3fswomIeV_cgcMtz6pe3ujgSmnWMrF
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
7G0BAK559MFPNTT5
age
62778
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
TwCJ1hzxIM4odpfA+nr9uD4ZePSTcrnHEQK5yEuyBhe9Pqlhuj81LeQCEmVT9kOE7IA/jgbf37s=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:31:06 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900645.563380,VS0,VE0
etag
"9668a4b280e1c3ec93ab1607871c6e9c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13504
bg3.js
cdn.unibotscdn.com/clientdata/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-168
cdn-cachedat
08/26/2023 12:01:21
cdn-pullzone
873945
last-modified
Sat, 26 Aug 2023 12:00:46 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e9e96e-57f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
ec02025dbef492d780edcb79eb720a3f
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-588
cdn-cachedat
08/09/2023 17:49:28
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
a8eca7125247d9c82d69c4d2be750b2e
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 14:43:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
ba56f46687a953a7f3cb8136d765cd88
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-680
cdn-cachedat
08/29/2023 14:59:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
46cba878d1aacb0bd856bb5fae62b3bc
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.css
cdn.unibotscdn.com/clientdata/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-storageserver
DE-167
cdn-cachedat
08/09/2023 22:25:50
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:45:19 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c8f04f-534"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
a3333475272adbc829a526fbc46f2290
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
cdn-edgestorageid
1054
cdn-storageserver
DE-599
cdn-cachedat
09/03/2023 13:09:27
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 08:08:48 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
647
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e86190-1b06"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
55d987f0f9aa465caaf5381639e17082
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125515
x-xss-protection
0
expires
Tue, 05 Sep 2023 07:57:25 GMT
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1091%7D%22%2C%22eventTime%22%3A1693900644688%7D&tim=09%3A57%3A24.688&id=7403&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.724&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2061&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51537
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 06:29:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 07:57:25 GMT
spa-detector.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db94893653c53b70e0c63bd0b7c24b0cbf802b844f6613001062c7c0725d5b65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AgtIWe8RAu.bsPj0j8BR9nQYLc4oOb5r
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:24 GMT
x-amz-request-id
Y6JRJN1X18GXN11T
age
62772
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
QxpVToeN+aqm/lXOi9Y/pMdrOLhUtAL0R1eM3/ZaRbvHHt9fxyjN6mjWwE8Un7cq5kxYw7itPEY=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:31:13 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900645.755375,VS0,VE0
etag
"658119ffa9cdad090a44b659ec9886c8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
63795
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A57%3A24.732&id=4954&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1693900644733%7D&tim=09%3A57%3A24.733&id=7564&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A57%3A24.735&id=2483&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1693900644737%7D&tim=09%3A57%3A24.737&id=1856&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=12238&lti=deflated&ri=9876a55b96b3003c082b9837606c4b1b&sd=v2_4524d302bfab4ad2f721ecd5ec8a94c4_b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3_1693900643_1693900643_CNawjgYQ2YJdGK284qKmMSABKAEwKziy0A1Au4gQSK-i3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&pi=/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&wi=-667720159184682491&pt=text&vi=1693900643885&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2217.9375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A57%3A24.781&id=1207&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.797&type=usage&msg=New_CTA-event-1693900644797&llvl=2&id=2462&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~2675586259779403774~~RkeT1-jrD5oRN%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50000
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A57%3A24.797&type=usage&msg=New_CTA-event-1693900644797&llvl=2&id=2391&cv=20230904-6-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-next_up%22%2C%22itemId%22%3A%22~~V1~~2675586259779403774~~RkeT1-jrD5oRN%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50000
f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b6f86771624c80556823d18c77850c02dc5265fba52e3f1459b5de3d0519f79f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age
2572541
edge-cache-tag
413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
75
req-referer
https://ziarulunirea.ro/burse-pentru-elevii-cu-media-10-la-bacalaurea-si-evaluarea-nationala-cati-bani-vor-putea-primi-elevii-cu-coronita-844864/
content-length
4882
x-request-id
1c3feebb02d1c47c4b9f5b558eb4d1fa
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000099-IAD, cache-iad-kjyo7100049-IAD, cache-chi-klot8100137-CHI, cache-iad-kcgs7200157-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 28 Jul 2023 15:42:18 GMT
server
nginx
x-timer
S1693900645.818429,VS0,VE1
etag
"99f28a0677ecaf7b097db6c8ed4612ca"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 29, 1
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1060754
edge-cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
696
req-referer
https://www.newshub.co.nz/
content-length
7746
x-request-id
f00da37abc7fb987ab04b5aad08798f0
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100142-IAD, cache-iad-kiad7000088-IAD, cache-lax10624-LGB, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 10 Aug 2023 14:24:09 GMT
server
nginx
x-timer
S1693900645.827459,VS0,VE1
etag
"d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f81e307dd3880d9af250c4b63d17391beb0dcf32b33a665019945efee087ae21

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 05 Sep 2023 07:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
3862465
edge-cache-tag
495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
58
req-referer
https://bestrated.co.nz/
content-length
5324
x-request-id
08df7fde17561117ce83bba0ae87ddc6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100033-IAD, cache-chi-kigq8000143-CHI, cache-iad-kjyo7100112-IAD, cache-fra-eddf8230054-FRA
last-modified
Sat, 24 Jun 2023 00:38:22 GMT
server
nginx
x-timer
S1693900645.826782,VS0,VE0
etag
"baf6759a169ac17b06948f44bbb78a81"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 242, 2
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4162
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8Ywmv0SyDoEB4dMR9EaU4kjGcnE9Ib4%2F5P77ENddBf9MqWxNCn8akNr8ARZJJUNWyb26ast0lQOYnd67MSlPsHpQrUvYa%2FoHtk%2BIvdotw5OTNFddctBjgSzyn26eFmjTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
801cebd63b210e27-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
3dc74ba4c6ba2d6c2a2d3068f455fade4e15af0d846c145c7039a5209686b3ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
3dc74ba4c6ba2d6c2a2d3068f455fade4e15af0d846c145c7039a5209686b3ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693900645227_389467969_553686781_106_1799_35_0_146";dur=1
content-length
122286
expires
Wed, 04 Sep 2024 07:57:25 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693900645281_389467969_553686782_59_1778_35_40_146";dur=1
content-length
211
expires
Wed, 04 Sep 2024 07:57:25 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1693900645281_389467969_553686783_120_1795_35_40_146";dur=1
content-length
18371
expires
Tue, 05 Sep 2023 08:57:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
670b45e4609a11b828d7fbf9f31d3d6703c19d9e734f49228668d616ee4996e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29319
x-xss-protection
0
server
cafe
etag
364 / 19605 / m202308290101 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:25 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM5MDA2NDQ4ODksInBhY2tldElkIjoiMDAwMEE3MDEtYzMxYWJkMWMtN2Y0Yy00Mzc3LWJhNGUtNjg4Njc5ZmIxNjZhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi15b3Utemh1YW5nLXNoaS14aWFvLXNhbi15YW4tamluZy16aGFuZy10dS1tb3UtY2h1LWVuYWktbnUteW91LWpvZXljaHUtbWlhbi16aGkta29uZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=3471.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:08 GMT
age
559516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10348
x-xss-protection
0
server
sffe
etag
"279670ab552e383b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:08 GMT
il95o8vjrn
www.clarity.ms/tag/ 		650 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/il95o8vjrn
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b64b1e2a757b2e9a3fe1d0073a847dc628f88cb1e47acc13ebf26fe6215dfc25

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date
Tue, 05 Sep 2023 07:57:25 GMT
x-azure-ref
0Zd/2ZAAAAABRSsH+r4D+SonR5oCY8VjyWlJIRURHRTEzMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
650
expires
-1
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3333433005946944&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.8282501434421681&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:35:15 GMT
age
559330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57645
x-xss-protection
0
server
sffe
etag
"2fe8959ce43a8d1d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:35:15 GMT
block.jpg
delivery.adrecover.com/ 		631 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1693900644990
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-121.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 07:57:25 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Tue, 05 Sep 2023 08:57:25 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM5MDA2NDQ5OTgsInBhY2tldElkIjoiMDAwMEE3MDEtYzMxYWJkMWMtN2Y0Yy00Mzc3LWJhNGUtNjg4Njc5ZmIxNjZhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi15b3Utemh1YW5nLXNoaS14aWFvLXNhbi15YW4tamluZy16aGFuZy10dS1tb3UtY2h1LWVuYWktbnUteW91LWpvZXljaHUtbWlhbi16aGkta29uZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3580.1000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM5MDA2NDUwMDIsInBhY2tldElkIjoiMDAwMEE3MDEtYzMxYWJkMWMtN2Y0Yy00Mzc3LWJhNGUtNjg4Njc5ZmIxNjZhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi15b3Utemh1YW5nLXNoaS14aWFvLXNhbi15YW4tamluZy16aGFuZy10dS1tb3UtY2h1LWVuYWktbnUteW91LWpvZXljaHUtbWlhbi16aGkta29uZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3584.1000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM5MDA2NDUwMDMsInBhY2tldElkIjoiMDAwMEE3MDEtYzMxYWJkMWMtN2Y0Yy00Mzc3LWJhNGUtNjg4Njc5ZmIxNjZhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi15b3Utemh1YW5nLXNoaS14aWFvLXNhbi15YW4tamluZy16aGFuZy10dS1tb3UtY2h1LWVuYWktbnUteW91LWpvZXljaHUtbWlhbi16aGkta29uZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3585.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM5MDA2NDQ5OTgsInBhY2tldElkIjoiMDAwMEE3MDEtYzMxYWJkMWMtN2Y0Yy00Mzc3LWJhNGUtNjg4Njc5ZmIxNjZhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi15b3Utemh1YW5nLXNoaS14aWFvLXNhbi15YW4tamluZy16aGFuZy10dS1tb3UtY2h1LWVuYWktbnUteW91LWpvZXljaHUtbWlhbi16aGkta29uZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3590.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
st
imprammp.taboola.com/ Frame E91A 		577 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=undefined&cb=1693900645015&uv=3333&tms=1693900645015&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=53b14d04-8647-4b8b-b60c-e79a0f295c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffbda24a8edb461f54bf7058f3bb2ebc66adbb9a0f7143709c0bb2e6de9136d5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 05 Sep 2023 07:57:25 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230054-FRA
x-timer
S1693900645.079992,VS0,VE10
sync
am-match.taboola.com/ Frame 1375 		439 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6f66418be196f2d155fc603bcefbbc69f075a6f2efe0b8ca408ecfe0d962ce2a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 05 Sep 2023 07:57:25 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693900645023&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1547&pt=-1053474370&tz=120&viewable=true&ddast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a2295778a2842ba08319bc9af15b0a23e1b323fadccd1a8db8c43422798891b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1456
x-cache
MISS
x-served-by
cache-fra-eddf8230054-FRA
pragma
no-cache
server
nginx
x-timer
S1693900645.080196,VS0,VE34
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=31589837&cb=1693900645015&uv=3333&tms=1693900645015&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693900641418.6!ts:1693900645015&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-length
0
server
nginx
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:03 GMT
age
559522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32193
x-xss-protection
0
server
sffe
etag
"473971c650298c2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:03 GMT
nameframe.html
d-19878241193655553232.ampproject.net/2308181609000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-19878241193655553232.ampproject.net/2308181609000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame E91A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=undefined&cb=1693900645015&uv=3333&tms=1693900645015&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=53b14d04-8647-4b8b-b60c-e79a0f295c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E91A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=undefined&cb=1693900645015&uv=3333&tms=1693900645015&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=53b14d04-8647-4b8b-b60c-e79a0f295c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.32.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-32-106.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 5038 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=undefined&cb=1693900645015&uv=3333&tms=1693900645015&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=53b14d04-8647-4b8b-b60c-e79a0f295c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 07:57:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
googleanalytics.json
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 		2 KB
951 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:09 GMT
age
559516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"0fc0eb4a65ca6481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:09 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Sep 2023 07:57:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWHI6X%2Fke4eFIY%2F046TmmB3HQsf8U7f4Lg%2F4CXHgoFab0ZpY3At5EgjeXML92tLSElgmYANV5YcI6%2B%2F0Azz5nSxP17vK%2BNCXc%2FRyeWGWKHNtSj5B2WpV4qkKC%2B5KdtQ4ctcAzK0BCFu%2F1%2F32RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
801cebda9f2c0e9d-MXP
alt-svc
h3=":443"; ma=86400
gtag.json
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:10 GMT
age
559515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"d9a6653d564716b0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:10 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_3_3/infra/ 		880 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c600d02f8bebdaca2fbf4897976470c59689fd3712ddc62f8d41d87990e24c82

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693838046
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
GDVPGBM0CKBZMQXG
age
62479
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693838047
x-amz-meta-mode
33188
content-length
147083
x-amz-id-2
4Qw50STbd9w98z3B424DeWcJD34Fw0qeBH2pMk2Su0SAPyQaXrNon6guyoaFCyIdd2gcE3pDPTE=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 04 Sep 2023 14:34:08 GMT
server
AmazonS3-br
x-timer
S1693900645.151387,VS0,VE0
etag
"262be2c25286136101a7edbd0c6c9d71"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
65487
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_3/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_3/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693838065
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
SVM9V49GYTH5Q0RV
age
62481
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693838065
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
SJy+zXmfrrZN8TpDKF2ZWtcZt+lDl8V3GpCKiCksSbU6iKxOYe6TUqyGujqAoWzRiM0ADVAy15s=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Mon, 04 Sep 2023 14:34:26 GMT
server
AmazonS3-br
x-timer
S1693900645.152079,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
88023
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1375 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 1375 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.32.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-32-106.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 1375 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1675513
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1693900645.295355,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
169004
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/ 		448 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e80ab41aa28c4b4ed16b6aa5c8a00ec1b094b866fdc0f72147feaa324829a393

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693839775
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HRC22A5QK3T16WNA
age
60829
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693839788
x-amz-meta-mode
33188
content-length
86080
x-amz-id-2
trgASv92kd2SdiuQnfqpq1fGKZOJVAdS6uE7WOVq7mFkwVA/Kh/t4NRhGlaeNkiDPt9HKHhUzXo=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 04 Sep 2023 15:03:09 GMT
server
AmazonS3-br
x-timer
S1693900645.359428,VS0,VE0
etag
"cf6efc37bc8557b512b19e1e57d64560"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
71775
sync
am-match.taboola.com/ Frame 464B 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6f66418be196f2d155fc603bcefbbc69f075a6f2efe0b8ca408ecfe0d962ce2a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 05 Sep 2023 07:57:25 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=&cb=1693900645276&uv=3333&tms=1693900645276&su=&abt=nonrv_vA!t120!ufm_vG!ufwfrtb_vA!unf_vA&ft=0&unm=FEED_MANAGER&mntl=1&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-length
0
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&cmcv=&pix=31579697&cb=1693900645313&uv=3333&tms=1693900645313&su=3&abt=nonrv_vA!t120!ufm_vG!ufwfrtb_vA!unf_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-length
0
server
nginx
usync.js
eus.rubiconproject.com/ Frame 5038 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54620
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:45 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FCO50-P1
age
2498933
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1693900645.436294,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
z8uBX5rs5yx079LlNzOhRt0m40lBcgssXUNlz-RDQ6Zqn78U46CZIg==
x-cache-hits
697094
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 55E3 		714 B
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3485
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
801cebda58fd0e27-MXP
content-encoding
br
content-type
text/html
date
Tue, 05 Sep 2023 07:57:25 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8izOg3lAF9IdyKnttoeEMDHnk2DtZkNPZUgg1OOcJJXjWusFV%2BctjJYiQMmA1zjPpllR4hUcft5DJWIvvfcCbd0BOPvxrb5E2Ip92mJ3Lp9PFjgXCJwyEVZK8tIigbCOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E64C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 07:57:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 05 Sep 2023 07:57:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Tue, 05 Sep 2023 07:57:25 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame CB3E 		714 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3485
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
801cebda59000e27-MXP
content-encoding
br
content-type
text/html
date
Tue, 05 Sep 2023 07:57:25 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPIU20jYeiUPy208hBQ0Y5lqvM7j8ATaklhohys4fJ%2FZtNI5hMiHvR2%2FLG3nMkN5eDRLjK6%2B0U%2Bew%2BCmtchRMuBqveurIO1iLK%2BmBW6ydLd0DnFVKVihU%2FsRp6%2BqCC9bkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 66C9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 07:57:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 05 Sep 2023 07:57:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
video.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		524 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-570
cdn-cachedat
07/06/2023 22:30:42
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
340
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf623-830a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
560fb3452beb8850a0afd42c1ff25ee4
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
generic
match.adsrvr.org/track/cmf/ Frame 464B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 464B 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.32.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-32-106.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 464B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5D0D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bf72b72ccb840c222117ab1c562fdd0b4d40dd6a23ba707be6f8ff09301f20ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7902
x-xss-protection
0
server
cafe
etag
5225405423436696742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:25 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E86E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0d676b76c53b833818c6e1a63c1fdfe4cfd1c19798f92705e2813522ef468721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7895
x-xss-protection
0
server
cafe
etag
5064618199515866780
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:26 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Sep 2023 07:57:26 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10637&tvi50=12238&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
75
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
63970
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230054-FRA
pragma
no-cache
server
nginx
x-timer
S1693900646.589347,VS0,VE75
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 55E3 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
91cbd4410595f94fa3f3deda346e9245190ac77f4ba4e6326f407a32f4afb086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28965
x-xss-protection
0
server
cafe
etag
273 / 19605 / 31077576 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CB3E 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
037087ee621182db62aa2e50c458f28b21525e8bf6e9acd6ea7d2cf631d43e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28958
x-xss-protection
0
server
cafe
etag
541 / 19605 / 31077537 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:25 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5038 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
vast.aniview.com/api/adserver61/vast/ 		817 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=6469fbec71f13c58010ba477&AV_URL=https%3A%2F%2Fwww.bg3.co&cb=R0.1693900645675&AV_WIDTH=700&AV_HEIGHT=393&AV_GDPR=1&AV_CONSENT=&AV_CCPA=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
42ebf2a6b299761f5cb258a35a52cb76a1deac34e6b377aca052e81494c20846

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Tue, 05 Sep 2023 07:57:26 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.bg3.co
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1693900645.dop216.fr8.t,1693900645.cds253.fr8.shn,1693900645.dop216.fr8.t,1693900645.cds167.fr8.sc,1693900646.cds167.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230905
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4e9036d025288ebf7fb62c883e6832633ef0e3f452cceb210921928e4e34b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14192
x-jsd-version
1.0.1803
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-/kDvqNfeC7N/eJfHvYT50wUxctU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86jd5jiHQsSoU%2BGRqHQEqZk2Bnay1nA0pYVIWI0DgPHv8kZA4nNfPuPVOyNQsrjw5spoewucvkRJeln9WO2d9r2LFScihVeiHyWo2H%2BJrT4Y1KzNRmHFLlWXvbnpl7ZRmIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
801cebde2c150f72-MXP
auction
tlx.3lift.com/header/ 		19 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.149.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-149-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 05 Sep 2023 07:57:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		255 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4725791b2709623352569ead56317fa9ed6fa76c499cf838d7fa988f5a9b0579
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
an-x-request-uuid
c5c0fe15-0298-4758-9463-c67df76f6496
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.238.175.89; 178.238.175.89; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
255
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
699631281b60306768d152003e37940875bb02385c377fd1e4f86e76f454fcff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
hbjson
grid.bidswitch.net/ 		36 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.136.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f1147e61df3d7174fe757616ddb66d15c466bc45c4a62a7f9ac7a1c817dbcaf4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 05 Sep 2023 07:57:26 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
16441
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
14
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
30d5fdb38360c8c0186300d6db338aabb3d7a8362f2908c84b44a033ae673c12

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=4a8a63d0-e364-4af2-a5e6-81b0fff3ad86%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=688ea59c-2225-41af-ae99-9e663ea11d0e%3Bc41d1074-b883-4968-b001-894504770507&l_pb_bid_id=374208e214fb733%3B381c88a0e968f4b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=688ea59c-2225-41af-ae99-9e663ea11d0e%3Bc41d1074-b883-4968-b001-894504770507&rp_maxbids=1&slots=2&rand=0.5506046307543153
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5dd1c05968d3cb18639b7b13aaf7ac4a057ccc810ad26d5aae21eff022c73c50

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		39 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f7c168f64aa438778c67a1a94c60e5328b7b18b44c08154d41280d9b5f94491

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiZi59aFKQNbmT5uHH8eXIqtlQm5rnknzBuNnsEv1dsvEoQdVrvg3ZEQGdhzoapU4pXAbAC90mNzuBAisXipH8aFyQfvLweOHnjFNV%2B8BYuxR%2FhZESJ%2FvXIN5Vt35I38e7JXTCN1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
801cebdca95001f0-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9614fac2f5b3aed8e550af092e65d00d17dbc37eb73d2658f915b9f37dd549

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlzkORR8aRJ0%2FFOUrhP1PnHxeWBCRNH7BQRbUvubZl4Euvdh9GeH213ZfrGXafuISzmvy9Mo5KfnulagW%2B%2B4rmWm2rJ7w1mZbffgVsu7ySGlnNqqtp%2FIH9X9%2Fc%2BZgikt5SRWJtpi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
801cebdca95201f0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9614fac2f5b3aed8e550af092e65d00d17dbc37eb73d2658f915b9f37dd549

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMuPk10mn3GLFnm3Y7sgG%2FyCi9Yc5hYS%2FYm%2FjyZsjpamxtGxj7dlrjz64HQ8fDlm0zC%2FSsBTEm3cf93m4riwbHRNjOPeedDZvMkTgbb5rzHKNk6PitF5e%2FJFirpTyt2l768Viriq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
801cebdca95301f0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 05 Sep 2023 07:57:26 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
36c7969430e26934723d71d780cd01618a16adc0cb23051a77ada9e736e7a14e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 05 Sep 2023 07:57:25 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
801cebdcdeff0d64-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
801cebdcdf000d64-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=97606396380&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
adreq
ads.servenobid.com/ 		981 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=884
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame E64C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54620
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:45 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
64537
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129682
x-xss-protection
0
server
cafe
etag
12917394590533080382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Sep 2024 14:01:48 GMT
clarity.js
www.clarity.ms/s/0.7.10/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/il95o8vjrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
last-modified
Sun, 03 Sep 2023 09:54:41 GMT
x-azure-ref-originshield
0Paf1ZAAAAABYjtsTnetJTrt/dHBaaDwjRlJBMjMxMDUwNDE3MDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBAC63CB8CA026"
x-azure-ref
0Zd/2ZAAAAAAYValO98YgR4LniB9JxP6QWlJIRURHRTEzMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1a169a0d-401e-0047-386d-de4580000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
usync.js
eus.rubiconproject.com/ Frame 66C9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54620
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:45 GMT
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/09/2023 21:21:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
7ddca761cc032175bf088c8d273c81e3
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-165
cdn-cachedat
07/07/2023 01:07:44
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
93b27c104cd512ca35c4ab15ada58284
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 19:09:21
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
0d50bfcce88530c64331f88ec1633b48
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:25 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-167
cdn-cachedat
08/29/2023 17:57:29
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
4fbf5adff8712a5fb42c8f94870b9d8a
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 05 Sep 2023 07:57:25 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
5404
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1693900646.902363,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
92
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
4301
7833529d-1737-499a-9e56-9c969aae47ed
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/7833529d-1737-499a-9e56-9c969aae47ed
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame 55E3 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
61141
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Sep 2024 14:58:24 GMT
khaos.jpg
token.rubiconproject.com/ Frame E64C 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E3%80%80%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.1999319526047707&gjid=0.600261462351541&_r=1&a=4981&z=0.43325683680768146&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 66C9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM60PJDJ-1N-6YYL
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM60PJDJ-1N-6YYL
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Tue, 05 Sep 2023 07:57:26 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ Frame CB3E 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 18:47:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
47394
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129682
x-xss-protection
0
server
cafe
etag
12917394590533080382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Sep 2024 18:47:32 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=4981&cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dr=&dt=%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E3%80%80%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1693900646&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&aip=1&sid=1693900646&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ubpvideos
newsbot.unibots.in/get_videos/ 		521 B
693 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newsbot.unibots.in/get_videos/ubpvideos
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-105-43-230.ip.linodeusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2023 07:57:26 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Length
521
Content-Type
application/json
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
Date
Tue, 05 Sep 2023 05:08:19 GMT
Via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
10148
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
DZg4ikum7gF-NAPGP6TY6qX2xwdPr-FfpcmWW4vPwmwWoQeBoxNuEA==
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
PZWZRGMGZGC1FZZC
age
9
x-amz-server-side-encryption
AES256
x-amz-id-2
S58JdPqukaHa1PfPpov4GyEz83dr63BKbaJmuhDvlOSU38dLMdr4IM2RoJbb53yBIZS0UEGIoH8=
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
801cebe0fe0bba8b-MXP
expires
Tue, 05 Sep 2023 08:57:26 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26006
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBUvjw9utpcOD8eJysS1igj69X8kHq2dCSFJO6w%2FTQBRf9Z0%2B%2B5yyq9znF6DqeOokesqR2lXdcX19owvjt1ng%2BYMDGOuxb%2FkLdpMJKZjGHBQ0FJtWJj1V4F5vMUq%2BibEMXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
801cebe0fb2d4bde-MXP
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Jan 1970 00:00:00 GMT
server
nginx
etag
W/"15180-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Sep 2023 07:57:26 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 04:27:21 GMT
content-encoding
gzip
age
703805
x-guploader-uploadid
ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 27 Aug 2024 04:27:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
966 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3103434981226959&correlator=1110043240455245&eid=44777900&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693900646156&lmt=1693893446&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1237583289.1693900646&ga_sid=1693900646&ga_hid=4981&ga_fc=false&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&dlt=1693900643603&idt=2522&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_0_0_pv%26cluster_reporting%3Dchrome_DESKTOP_0_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
efc40d4736f5df7b6b81980bfa7a5da60b8ffe25a49e561435cbfc651ded42a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
752
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 831B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:26 GMT
expires
Wed, 04 Sep 2024 07:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
b7f7b4d4ef31836eb7a95af9e7c212ee1ad1ee0cd20f75d298ee708fb7eb0a77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 01:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
21581
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13569
x-xss-protection
0
server
cafe
etag
6174382377942399123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Sep 2024 01:57:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5D0D 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
60eae163338ae064c8e56ac9860b94c3ae046b7ad97cdbd9b410206ff447f353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50527
x-xss-protection
0
server
cafe
etag
5718541417925966637
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:26 GMT
collect
p.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 07:57:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
ads
securepubads.g.doubleclick.net/gampad/ Frame 55E3 		498 B
616 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4420980233775180&correlator=3231107360525557&eid=31077576&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693900646240&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hcslmrd24ltx&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2145851838.1693900646&ga_sid=1693900646&ga_hid=826062613&ga_fc=false&dlt=1693900645571&idt=645&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
b7bebc0e0f1f555943373a72d729ebedc8886d053f50a42020ce84ca83ceb582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1498e9a87847adf599e80018330f4b11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D276 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1498e9a87847adf599e80018330f4b11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:26 GMT
expires
Wed, 04 Sep 2024 07:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:17:17 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2410
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
LNQr_GBjuwFLOht-fcbwAqRY32uQIolEQXwyZ2Zx3ddwX2woRsiyrA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E86E 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ed092c9ebb55d10e58f710417c3544211983fdb3915f242f5111cc2fac5c2759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50546
x-xss-protection
0
server
cafe
etag
18624251200155380
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 784D 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-30908086731758617527&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3224&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=332004981&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&ga_hid=4981&dt=1693900646030&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&bdt=2427&dtd=69&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:26 GMT
expires
Tue, 05 Sep 2023 07:57:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CB3E 		492 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1847957331006104&correlator=3212151483065317&eid=31076474%2C31077537%2C31077232%2C44769661&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693900646314&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=32xoljs84z5s&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=410293644.1693900646&ga_sid=1693900646&ga_hid=237794353&ga_fc=false&dlt=1693900645573&idt=718&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
605f8002c76218327eaaacaee48bfe313d10c906bc4b68f1f3df00fae58c17dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d8903c0bd540ae6455ed24cd35a0bcff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3942 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d8903c0bd540ae6455ed24cd35a0bcff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:26 GMT
expires
Wed, 04 Sep 2024 07:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 6BFD 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.162.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-162-159.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
c7a451b1fee1889fa50cb8015955d034ac4f2d0bc0d4bd12ff199fc6beed8228

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvCplYbt1OCcEQvQIgb7D9fomHiaumbT9b8pdMBvErQa4hcyOIxpwRgfBTp8le355WgOYhul1nJA2MuuVEqVRb7fQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130527
last-modified
Tue, 05 Sep 2023 05:35:53 GMT
server
UploadServer
etag
"70004d040c5610504b08ae8542383df7"
vary
Accept-Encoding
x-goog-generation
1693892153238655
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=0alUKg==, md5=cABNBAxWEFBLCK6FQjg99w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130527
accept-ranges
bytes
expires
Tue, 05 Sep 2023 08:07:26 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&rid=esp&cc=1
85 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&rid=esp&cc=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f9ea102e63f49b54d9490d059531d7de7cd6a97b368739dce2c13b16b350885a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-+6uyXxVnDDSG8RAoso+q99p+Aho"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 05 Sep 2023 07:57:26 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bg3.co
location
/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame 5D0D 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js?bust=31077588
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
956af125560a696c9a73e1f193473351550cd944332c4a00399aaef5d4491fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131228
x-xss-protection
0
server
cafe
etag
797005459351771401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame CF0F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
54450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 16:49:56 GMT
etag
9878862242593084568
expires
Mon, 18 Sep 2023 16:49:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9qaW4teW91LXpodWFuZy1zaGkteGlhby1zYW4teWFuLWppbmctemhhbmctdHUtbW91LWNodS1lbmFpLW51LXlvdS1qb2V5Y2h1LW1pYW4temhpLWtvbmcuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWMzMWFiZDFjLTdmNGMtNDM3Ny1iYTRlLTY4ODY3OWZiMTY2YSIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIxNDFmZTM0OS0yZGNhLTRmNGYtYWZhZi05NzEyMTg3ODlmOWYiLCJ0aW1lT2ZBdWN0aW9uIjoxNjkzOTAwNjQ1NzIyLCJiaWRzIjpbeyJjcG0iOjAuMDEsImFkSWQiOiI3NTA0ZWE0MjI5NGY2NjUiLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NTUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzOTAwNjQ2MTg4fSx7ImNwbSI6MC4wNCwiYWRJZCI6Ijc2ZWIzNmM0ZDk1NWY2YSIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ0NywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTM5MDA2NDYxOTR9LHsiY3BtIjowLjA1NDYyMTAwMDAwMDAwMDAxLCJhZElkIjoiODBlZTU1NTk1MTBjYjYxIiwib3JpZ2luYWxDcG0iOjAuMDY0MjYwMDAwMDAwMDAwMDEsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDA1NDYyMTAwMDAwMDAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2MTcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzOTAwNjQ2MzUzfSx7ImNwbSI6MC4wMywiYWRJZCI6IjgxYWRjMTA5NjEwNTMzZSIsIm9yaWdpbmFsQ3BtIjowLjAzLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY4NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTM5MDA2NDY0Mjl9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiYWRsaXZldGVjaCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODBlZTU1NTk1MTBjYjYxIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1NDYyMTAwMDAwMDAwMDAxfSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIxNDFmZTM0OS0yZGNhLTRmNGYtYWZhZi05NzEyMTg3ODlmOWYiLCJ0aW1lT2ZBdWN0aW9uIjoxNjkzOTAwNjQ1NzIyLCJiaWRzIjpbeyJjcG0iOjAuMDQsImFkSWQiOiI3NzlhODJhOGVhYmNiMzkiLCJvcmlnaW5hbENwbSI6MC4wNCwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NDgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzOTAwNjQ2MTk1fSx7ImNwbSI6MC4wNCwiYWRJZCI6Ijc4MzgyY2QwOTMzMTA4YiIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ0OCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTM5MDA2NDYxOTV9LHsiY3BtIjowLjA1NDYyMTAwMDAwMDAwMDAxLCJhZElkIjoiNzlmMzE2Yzc1ZTUzOTkyIiwib3JpZ2luYWxDcG0iOjAuMDY0MjYwMDAwMDAwMDAwMDEsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDA1NDYyMTAwMDAwMDAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2MTcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzOTAwNjQ2MzUzfSx7ImNwbSI6MC4wMiwiYWRJZCI6IjgyNmE2YmU2NTNmZjJmIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2ODcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzOTAwNjQ2NDMwfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFkbGl2ZXRlY2giLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc5ZjMxNmM3NWU1Mzk5MiIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwNTQ2MjEwMDAwMDAwMDAwMX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=5015.200000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:26 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
663
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1693900646.480728,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
42
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3823
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 07:57:26 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
23752
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693900646.480783,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
73
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
31063
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/ Frame E86E 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/show_ads_impl_fy2021.js?bust=31077587
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3829d0d4087c415ba2ecccd39d783056b6326f9c72f8929f38f481f6448101a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131099
x-xss-protection
0
server
cafe
etag
16310512025096744659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		298 KB
64 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3103434981226959&correlator=1188142850009534&eid=44777900&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693900646465&lmt=1693893446&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=1237583289.1693900646&ga_sid=1693900646&ga_hid=4981&ga_fc=false&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&dlt=1693900643603&idt=2522&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_0_0%26cluster_reporting%3Dchrome_DESKTOP_0_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D79f316c75e53992%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_0_0%26cluster_reporting%3Dchrome_DESKTOP_0_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D80ee5559510cb61%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c%26faid%3Dfalse&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
15da23ecdb6a1c72d6411c127b53df9b0b93ea275fe0dfa6eb0f774566e27ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65076
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230061-FRA
date
Tue, 05 Sep 2023 07:57:26 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=b6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 07:57:26 GMT
cache-control
no-store
server
nginx
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 417E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:26 GMT
server
Kestrel
server-processing-duration-in-ticks
295010
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie.js
partner.googleadservices.com/gampad/ Frame 5D0D 		210 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js?bust=31077588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
832a72f2596bbbc425309519b1f0bb8e22dee773bc06692db0dca5df63360c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6F58 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js?bust=31077588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
4e3b6cd7469e62a94f395ef409b1731737233cb9f67a6ac9b4417a11bd087be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12399
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1a12c1bfdeb0699cfbf476da554a65b6fa88d0312b46d048ad7ab09bdeb49d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90537
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 07:57:26 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
0e6f02ed-4bdf-4fbf-9629-0a6c6b4b154c
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/0e6f02ed-4bdf-4fbf-9629-0a6c6b4b154c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
5b92977b-fd62-45ce-b5b1-2dcf1d9296c6
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/5b92977b-fd62-45ce-b5b1-2dcf1d9296c6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
L2EvamluLXlvdS16aHVhbmctc2hpLXhpYW8tc2FuLXlhbi1qaW5nLXpoYW5nLXR1LW1vdS1jaHUtZW5haS1udS15b3Utam9leWNodS1taWFuLXpoaS1rb25nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvamluLXlvdS16aHVhbmctc2hpLXhpYW8tc2FuLXlhbi1qaW5nLXpoYW5nLXR1LW1vdS1jaHUtZW5haS1udS15b3Utam9leWNodS1taWFuLXpoaS1rb25nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 07:57:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=90, ak_p; desc="1693900646754_389467969_553687506_9673_2304_19_0_219";dur=1
content-length
555
expires
Tue, 05 Sep 2023 08:57:26 GMT
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
json
gum.criteo.com/sid/ Frame 417E 		446 B
561 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f7bb935690a673c52a966ac02462cff6af3ce97ffa967252ef969d4863dadcf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
889187
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame E86E 		210 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/show_ads_impl_fy2021.js?bust=31077587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3b1122a5e4e7b37a9dcdcb6a9139cd03ac14fb5098ac7e22585d5c59eb93f47a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3C5A 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/show_ads_impl_fy2021.js?bust=31077587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
3950ecf64c838806c228fa081848c109a18c4b549089e258db646f3b9a27d0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16208
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=117853614;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html;uh=e51ed67dfb8d91dc24b15e2ac...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=117853614;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1524822824-1693900646250;pbc=4a8a63d0-e364-4af2-a5e6-81b0fff3ad86;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1693900646786;tzo=-120;ogl=;ses=780ca7b5-e316-4dd0-a985-b11e0617747e;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 55E3 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
baca47ee6750ca1af1c095cf5898d6e12af2faa1cea6c82dbe2f88512cfc9820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11798
x-xss-protection
0
collect
p.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 07:57:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-7.bunnyinfra.net
Software
BunnyCDN-DE1-1047 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:26 GMT
content-encoding
gzip
cdn-edgestorageid
860
cdn-storageserver
DE-677
cdn-cachedat
08/17/2023 06:30:53
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
288ee8bfd9305b9217e359efbd88a409
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
pd
google-bidout-d.openx.net/w/1.0/ Frame D2C3 		594 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d9c8ca2a09ace021c2048354be5bc5218343c3494f2ea9e0e144a6c823e204eb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
386
content-type
text/html
date
Tue, 05 Sep 2023 07:57:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame C627 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
44144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:41:42 GMT
expires
Tue, 03 Sep 2024 19:41:42 GMT
last-modified
Wed, 30 Aug 2023 15:21:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:57:27 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4EEA 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Sep 2023 08:20:02 GMT
playlist.m3u8
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/ 		171 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/playlist.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
cdn-edgestorageid
1055
cdn-storageserver
DE-661
cdn-cachedat
08/18/2023 10:37:57
cdn-pullzone
829957
last-modified
Fri, 18 Aug 2023 08:18:43 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
637
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
aa6d2a423e8aa947d496bbce8dc50473
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je38u0&_p=4981&cid=1237583289.1693900646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1693900646&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dt=%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E3%80%80%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		263 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
40456f3defa74e97774033f745df5823754059dd958f6f0c6ebe360f1db0fb06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89454
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 07:57:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 55E3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 07:57:27 GMT
1f6af113-3805-44a3-839b-8796be7c8caa
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/1f6af113-3805-44a3-839b-8796be7c8caa
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
022c0275-de17-4cb1-ace7-bcae23e86e21
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/022c0275-de17-4cb1-ace7-bcae23e86e21
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
e487714d-c568-4c87-8aa3-2dc03e9d018e
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/e487714d-c568-4c87-8aa3-2dc03e9d018e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
sodar
pagead2.googlesyndication.com/getconfig/ Frame CB3E 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
16a0e51f2c5618ae9d2419deac410c51dbdaccf60f88777ffe0e03537bce8ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11650
x-xss-protection
0
truncated
/ Frame 6BFD 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gov.aniview.com/api/adserver/tag/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.bg3.co&AV_GDPR=1&AV_CONSENT=&AV_CCPA=1---&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=6469fbec71f13c58010ba477&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.bg3.co&AV_DADPOS=1&AV_GPID=/645c834590f2c48ad908f465/6469fbec71f13c58010ba477/www.bg3.co&d36=6.2.125&responsive=1&sver=4&avtoken=647125&omv=1.0.1&clsid=44a8d7fc-f9cc-4d51-937f-ad3050eadbf4&rando=55&AV_WIDTH=700&AV_HEIGHT=393&AV_DNT=0&cb=1693900647128&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.97.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-97-198.compute-1.amazonaws.com
Software
/
Resource Hash
d3e75d6e2c4466fc16b30a1918ba0e32d7963663641c2c75ada324c1e3a439aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 24 Aug 2023 18:10:47 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.bg3.co&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.125&apppkg=&fv=1&proto=https&clsid=44a8d7fc-f9cc-4d51-937f-ad3050eadbf4&rando=55&pid=645c834590f2c48ad908f465&cid=6469fbec71f13c58010ba477&stagid=&stplid=&e=inventory&vi=0&cb=1693900647127
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-34-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F58 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CikVGAWCh4cnzKjUfSIMaKiPBZQ5iY0Li6oKZrllNap41ZPKte4sKWOK9AcBY0BWDDVfuRw-ARiqiJMTxeWROmyoDyc6fd1sal8VVIf_8y_ZJOBok
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F58 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14534706862075403597&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6F58 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 6F58 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 05:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
7692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 05:49:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 6F58 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
l
www.google.com/ads/measurement/ Frame 6F58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRSMtctZQRbcY0poHySJcB8p8YITRo9vYVLAX9FVHvylM6n5zCUrVOcp_OC0icJ0sPp1L93ZcuupitA1jUJR7q1DUQvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F58 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 3C5A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 05:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
7692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 05:49:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 3C5A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
l
www.google.com/ads/measurement/ Frame 3C5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJqxUh8D6eLoexp05LUD0dOlGT-MdlL9oyZ8txXABq9Jh8R2X0LEEuJzSrP-eWu-UBI8nLIo5DC3yI8emEWm9-pFWmCQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C5A 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:27 GMT
b85e0605-8d4e-ee4b-e26c-cd9df3c35274
pr-bh.ybp.yahoo.com/sync/openx/ Frame D2C3 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/b85e0605-8d4e-ee4b-e26c-cd9df3c35274?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.32.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-32-106.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame D2C3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=744f1c3c-0148-c7f8-13b5-59ff64a754dd
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=744f1c3c-0148-c7f8-13b5-59ff64a754dd&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=744f1c3c-0148-c7f8-13b5-59ff64a754dd&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TYQ9GT95YQN3638B98E4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EDJC68K2A7B4VECPY81Y
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=744f1c3c-0148-c7f8-13b5-59ff64a754dd&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame D2C3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=2c996041-1de2-7c02-d3bb-db680c949f3d&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D2C3 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDBmNmIzOGItZDQ5NS0yMmE2LWM2NWItODFkMWM2NzY1MTVk
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D2C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM_ys_BKA6DZGqi0vCMe33M&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM_ys_BKA6DZGqi0vCMe33M&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM_ys_BKA6DZGqi0vCMe33M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A328 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:26 GMT
expires
Wed, 04 Sep 2024 07:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:26 GMT
expires
Wed, 04 Sep 2024 07:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E92 		478 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNV5Xj8Tsc9CJ3t2mJogBVCU3brgQSVcDCXBe3Jg-xmDLfOVL7cin8dQjpIoAGaYBXIcupk1loku_kGZY-qgw-am7eDfWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:27 GMT
expires
Tue, 05 Sep 2023 07:57:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB3E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 07:57:27 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6C7F 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e253854859a50b68369ab5489d9d32eaf73bf9eb29502d446aa0f29e50f8523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oBsFwuTzNgLg0XTaM_COlbxDVKchxFC-J0OMcmhjgQFbkJ93HwNP8p7TC68UXUiMe-XXeyp6RLoHjckgqKokmYRvtFJ462R3_IPfpDuhzVIay7cafqTRMnV5ICUr9AJOpm35SAQA9totf6hqMz8JgmnUkTdSAAq-alDyAwjbpl1i6Eq_K9wKXkqtkuCdgbGFIes2PLo3SpYmBbZpUFeQErNbsi3uiPo__zs_6KLNa-MZ_L8g3TxuMKBuzIgvehVjijEmOA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2903258
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=4981&cid=1237583289.1693900646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693900647&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dt=%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E3%80%80%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 018B 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Tue, 05 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame A328 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 06:33:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 07:57:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A328 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame A328 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A328 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 05:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
7692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 05:49:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8B7E 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Tue, 05 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A328 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame A328 		225 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 09:44:05 GMT
x-content-type-options
nosniff
server
cafe
age
80002
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Tue, 05 Sep 2023 09:44:05 GMT
l
www.google.com/ads/measurement/ Frame A328 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8Ea9SkiQ6QggPiRnl_v5joyAzGV3MmjaaRs64LALoHX7DpKmpFWe1V72H_KNFic9dZ1vo6BHVRQCHRZNjRosOsT7cVg
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A328 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:27 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame A328 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 21:27:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:09:09 GMT
pixel
cm.g.doubleclick.net/ Frame 3E92 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNV5Xj8Tsc9CJ3t2mJogBVCU3brgQSVcDCXBe3Jg-xmDLfOVL7cin8dQjpIoAGaYBXIcupk1loku_kGZY-qgw-am7eDfWA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3E92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNV5Xj8Tsc9CJ3t2mJogBVCU3brgQSVcDCXBe3Jg-xmDLfOVL7cin8dQjpIoAGaYBXIcupk1loku_kGZY-qgw-am7eDfWA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 3E92
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPbfZ0qlawjyk8gODy6d8gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNV5Xj8Tsc9CJ3t2mJogBVCU3brgQSVcDCXBe3Jg-xmDLfOVL7cin8dQjpIoAGaYBXIcupk1loku_kGZY-qgw-am7eDfWA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGunkOVSnXbXbgFppuR8EM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
data=7sd7kgCA1vwEIy9YtSE4FT1uTIGsBu_3Mv6eGJ0SQ7l8uHGKLwc5UBeXs_BGwS2_xrPzoss9Q6pR46dYwQJ4He7On6mvmAr1Y1MgGND5uQ_BPT50TqLXTT_HqQ
mts0.google.com/vt/ Frame A328 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=7sd7kgCA1vwEIy9YtSE4FT1uTIGsBu_3Mv6eGJ0SQ7l8uHGKLwc5UBeXs_BGwS2_xrPzoss9Q6pR46dYwQJ4He7On6mvmAr1Y1MgGND5uQ_BPT50TqLXTT_HqQ
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
83b00667bd143f66e8d9ce78d3b7c36a5400640106083b89a4b3a455cf3f2faf
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=81
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52768
x-xss-protection
0
x-server-version-bin
CggIBBDa0sCnBg==
server
scaffolding on HTTPServer2
etag
0deaf8384c45a11cd
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
expires
Tue, 05 Sep 2023 08:57:28 GMT
truncated
/ Frame A328 		244 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A328 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
video.m3u8
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
cdn-edgestorageid
1055
cdn-storageserver
DE-664
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
646
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
6cd5fd591ee202ca213df1b076a2940b
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 62A1 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 06:40:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 07:57:27 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 62A1 		225 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 09:44:05 GMT
x-content-type-options
nosniff
server
cafe
age
80002
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Tue, 05 Sep 2023 09:44:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 62A1 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 62A1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 62A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 05:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
7692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 05:49:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5E9B 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Tue, 05 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 62A1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
64994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 13:54:13 GMT
l
www.google.com/ads/measurement/ Frame 62A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbbFPwlRFE6MgCyeA9vDDaOItzhOsaBt5FtSNFw5oGOs7DxjeJ8lcLICceVK7VPeIQoUGofXe-kZsGNFuvR-JEeMqkzw
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 62A1 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:57:27 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 62A1 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 21:27:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:09:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F58 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6068953873198&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F58 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6068953873198&version=m202307240101&ct=77&x=1&cor=14534706862075404000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6F58 		15 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpFhErNxD6eYsWWHwlGkB3EvV4lF31kkpM4H36ZKLpU1kmltj1KrfBkBA_06VFcw2ZDkrQaYBIqjgsWvo3DWicaHXNPrzEIA2oGqtKwiMKFK95YS945DiuvvRxgT48KkPabPIiu9hyoB9bLoEkiQRpDhVrMXAh0nqF82m3ahqhnXl6qcc&cry=1&dbm_d=AKAmf-BzIkcISZdpf2phYJQ5fABfrE1ae4FpCAqoine1-2e1EHhDLfdrFhvyo5y6bAet9pOIkqcAEHhPHE-_xQfcQnGEBAISw8-b6hMaNwtCcXOegmFSOpL3kAFhG_pkF3Tz2I-XMSzdVWZDvhzePvEC55FMbuoZ7fufRrLVSAaylbIgwi55yUu4QUncm-xMD2heK0EdIpojC4xaCtAcRoDejT__mX1xwkgH7rQu921I60Fbl-MqEAvEGemtD6gyLeOlFfR40dyrgbhz2NwjkutJs0MmPnGGGDn_noHxYdO6yFs88nZkELufUxA8IVjrCv7-vwzIYCZQwNI0a7IIZaYxOA0anhZP3H7GPFd8uiyoPL527bd1RoVBfNfZTVr3kprOK54xp7bIHoehT1bPq2ckgQlKGQAL-_FrEWEWUu-aAYb2p56-Ece8S-O0vjxbpin4TZtaQ9efAPK91CDBT1HTQwcACrCJFoHaWoI0GThvNFW97NmQ43fGRUMnZot1axEmyo1g5CtqmR9mFNjDUaSv2js9pRWlvtkslLSCX1MEQlz-fLkJB5JuOTmNIgf3bX0tQrjBKZXfzqGOCnXzFfEr0KMWNeMD8Yzi7Qpwj5NxdoKgKXyAAcp3Mh79bk5aJw7bhKbAw4zVNyvfnnGMkVnYHS0yXVBsTeqONSWbgnRiXgVCir7_FeXapkSQauwM54jOYsp3_l0UsqgUaNw9pBsaFXB_Mt5_3rLqyzDdIfeIwUi7kSVZ8cCco8bqDCGrFr4ALK1Z4bTsMh8kOc7_ptW2uXr11TYjeunVSL_99X6Zf20XkTHnVjkFsrHuxJncZo3bz20xSWLypOyYXJeZTvmDVQoX6T7NyFp0vMPTHlWdmMVbC7OFwuOGl5PxcOjTpbannExNG31E3UwAUqAtaZ2p_YL4xQVY0SmofxIzW8XRzvkj8njpUh8LYnI84EijD-J8GA54jc9Zu_85o1ScoO9d_05aC_cGunJtHdhHsFDRTns1S9ByyHZSdfla8P1h2y842qzWQEeIA_jPR0vKGt_f_HqDQldPGEH6scpKdcTSciHFVeVbAKnVYsrOOfO8xZ0gFns0yiRbMeu8qtWE4z_QyrZbzNpjjZqwvymk7RnXjFQeohRQ_qsct9eTvV8o0pQngb6ZNkuaVHtEIglTA43SIsUnYtxwnvvl_c8bNm7IFz-ggdcvPGINzJE979pP69BbuwiY88RTyoPiwtoPaXWDb3YjpXxoyxuCs7mTXuLtp7QTBE6vXK22YdV-eEiz0dEMc9boQnhT9Sepw8FCKXvQBt0uo0RL9kzodJGyTC1RooqX2d8QhdnuWlpDQs3DN7At4s3V_-Sd5Z_-QgwR49n3G4fW-VB9s_P2_b6AtQ1momDM78PNtZoFwM8VQ9GjI8nP5HG5goSs5ETsUWAcmk8S_zffV5EU9ITz6kenRhhsPQT6lYmXZCErY-RpSp69b9Clv88BYc8-qEOO3JsLBg5tO1NjGeLEjgIJCi6Xmi5lR5wrgnHemoXqsSwz0B1Noa6ATQdQ8TX4ouWXY68sM6skbJrorz-wYxp52EyRnpRD9NKZkieg0dV5Fac07xk2c8077c-KSNI93hZNOVYORb10JTe9IePsg58GPFOAInwiNBCDSE8b4GwxOk4tPV-yxQoFIQ1-2VbaNIM-bHDH3g7FjuESre9Cf7secD1r17vWRI1DtMmQBgYHosv13yCmTdw-DnYOEPG7ca2e9OnGX77jsyP6c3DTGCnyUOzWAThLkMnItb100jl8t1IvNXSIudXMjDBJdVtLcg4n_oAsPkq_suuU1sJU4uXQRbrdUoDHlLgGD8UgqV2c9ujFNNkoRP4FNlJlIuXJmww2meH27gXYS6KibkRBYxm_YUbp6qe2rM0rQBvwbmGGDAZeJrACVLvbeDhq8XKHJoX5UIjB1pRl2_-IHHJUg6DQwLCRTO1g4roxXQ6Jpl7Lgu0TjFCIYwhsZEP4UfrFMhhlfg5viHfWKzFh8nnrqLSOBQkYznzhHrnufOK2qzOabEx_zR-j6NzZy4ZP2qrDzjLF2J6jbNQQ0FGXFEASB-JM7xw7oSuhdvQHD5BCnW8vrSAn_5yzZT1UxkKpLNEy78JSRLgw7UzKKh5JOvAx-qW1A6EI4ia6BNHPfB7xoRJmdv23aF58JATNugXWn_EHRM-dsyvndWDpH3sQBFySyCq-AZXzJNxZn1HWHNB2pwNPC4kSG8y8ktxy9e1XwbgYhz62OZBICxd5AyXuPax-oJDT3x5G05sisIxYXJptF_2Pvs7dAWYbS3GkxLasuxpnL0K_JzpOs_pWCch1Z4THbfdB-3PB_DqNWSbVAOm8lUsOnS70LNwj2feTKC-5G561MYxvZ8FHbpFE4IivTKVYB6TfsvCdHajzuvJ0PUxGzIRMu3DRTY2mOUR9q7oKpjDqMhMOh87HJjEwMuWSaaQ98ya4WcvR1Ng-xNtHz_2bAONOV5Q3b01u79OEAfGb8R9cevmXCmOKpdQlAeRkfWRFi18xQudsCOy10wIKSNIWAy0u5O8gMrxcuceYjm_csJZjReC3Jc6qeJCQS-41HX-VPPjTL8necgEyBoVjeC8XNBx6miNsjEbWITu9pV95ALZaQNl1pR_tfN9PQHkV47_BgBGyWm08ydW2f9DZvzNF5VEOoAnc3wgo0FxnHw3x3QIC4gVYfs_67skJNiCTqoKU3Yip0uXmUFzezElDkejbNQSdHmnDVHuj6vxQEK1Yg2S16eKyzAoVVHD981dWK4RTKMAJDKRPkmBxwxb662jrNss6Y-R0m3PcdSVS1Hef0zk_YBdYeIPiQxxHf7jG0HyCwUCP2ThrFEBK4lV-kFR6JrlZeeVj0jErFauHf_o5aeN3TIjWgdOoQFgeJO1jIRzfMbaCKg59oo04t3ajly9c7ohh_7zflhnJ-gXrzYehqRHXrxQxVZiHKlH9KIqpoojKM9gV8En9EIy54Hr4iO7zwTY1w8G8OmJAD9sMzGA46UEJBmDBEX7qmpP4Ob7dF29QcA3iWHG9xdyVa3iqk9aLhV4BRVCzwksm6GuMtpxkff4ZLE7CGPFSqHy1kNBTjapz-ew5rDUPcZUTMeL2_oWEBuc191IoOCOxCOfUcwya29E-Dqj0-UOqJLvjGlEAw3P2--II-sOYlKX-6lowuqLbxURApMmijq23r5u-c0RD48fylIR9jhT7C6sdBbDXDQK6yYs4fYMWUvAl5dHmUG-UUAZ05mwMT94xJf-jRQ00kFqHRlg-v8DN6acHFhDVc3IECGNCzSfSh7wYjmaGapf8ybQttDtQATNWPDV40GscTz28SBgC6gxnmcX7c4dfay3wQymQsTbirnquVZNcjqXLY0NZBQYtl2lzt-Dm9soaVOsXkl1eYbbaPEjukKHZG3IV_9nXyVzz_5XRQnKrtfBpJqd6DramLgFwUo_eWX5Fr79IvCQ4oTmb3NgerDs1A7of7iNSS7qJfpULtmIHNnIDIpiOBAwHVd3-XctdqDiDScRR3DD7Zs4S0-I3OXGzymHJqohbtIja1012Lv_F0Md5PSGqS8sx5ZU8FjXYJAmtoZRplezmchtqzx6C2MuE2O_nZQSvsXwTWmoyfVjZWyz1dgrpBsp1QOSsp-2HXUdhrBi6sUvK_BK12X6WqDzpCIagrvXdY10WJfHb3zWB6ppX8ejROHm_I1TdzzfqBPawvuuhE65c_kRmKcdganBGOKT29DqKFHu8qyk6BDQrBGX3GFJldLBoWNpBSc9-OkWfR4dV2BSUqfHpKUPLg3PlGCpOhQ&cid=CAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=14534706862075404000&adk=3522027986&idt=252&cac=0&dtd=39
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
823214013aef02896daea501500d03afb1df772ae7c15f63542324c850b4f8c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11797
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15451848048506905298
tpc.googlesyndication.com/simgad/ Frame 62A1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15451848048506905298?w=100&h=100
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
e68a0785b0c2b5e718c7a448c71b763d8d74d5734e33f22996572c2e2bf739c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 08:12:22 GMT
x-content-type-options
nosniff
age
258305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1330
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 06:51:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Sep 2024 08:12:22 GMT
truncated
/ Frame 62A1 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9B7B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
7692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 05:49:15 GMT
expires
Wed, 04 Sep 2024 05:49:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8CBA 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
c44b20c4a583afca9b1919762accced239ecfc8eb1a4dcf722945b40f3aaae33
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yqlzLEFP66gb4tQHdkioYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-yqlzLEFP66gb4tQHdkioYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:27 GMT
expires
Tue, 05 Sep 2023 07:57:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D95 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
7692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 05:49:15 GMT
expires
Wed, 04 Sep 2024 05:49:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 64D6 		829 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
2ba17066c7732292767f90668f1efc4bd0d7e3ce0335806bbb764ad157a77ef3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g8Hspx8q56Sc_P8Ak_yD9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-g8Hspx8q56Sc_P8Ak_yD9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:27 GMT
expires
Tue, 05 Sep 2023 07:57:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
video0.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		310 KB
311 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video0.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
317720
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
636
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
2746549aeccd2e18f87c858556302390
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ Frame 3C5A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75e8be63f5d5de6819180d7b1aa8af1a9d12966daaf0ccc05ceda4785c348c0c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 018B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC-8iIITRhqmg8G9ynqtjJk&google_cver=1&google_push=AXcoOmRgLaFI3XI8XPbqfSWaksZ75Nbegh09NjoWtsSsEkeEdXfSjK_UMMoG9vUioQOzIW5Yb5rlc9NpcezhkW...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTI0Nzg4MTU1ODQ4OTI0Mg%3D%3D&google_push=AXcoOmRgLaFI3XI8XPbqfSWaksZ75Nbegh09NjoWtsSsEkeEdXfSjK_UMMoG9vUioQOzIW5Yb5rlc9NpcezhkWSAzC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTI0Nzg4MTU1ODQ4OTI0Mg%3D%3D&google_push=AXcoOmRgLaFI3XI8XPbqfSWaksZ75Nbegh09NjoWtsSsEkeEdXfSjK_UMMoG9vUioQOzIW5Yb5rlc9NpcezhkWSAzCXpsZtstqUi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NTI0Nzg4MTU1ODQ4OTI0Mg%3D%3D&google_push=AXcoOmRgLaFI3XI8XPbqfSWaksZ75Nbegh09NjoWtsSsEkeEdXfSjK_UMMoG9vUioQOzIW5Yb5rlc9NpcezhkWSAzCXpsZtstqUi
Date
Tue, 05 Sep 2023 07:57:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 018B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMyn9ZKIg2FWa1xVNE6w61w&google_cver=1&google_push=AXcoOmR4zrbv53Fn0opAXvFXOsY1xNy9v0G8uq5ZXUpQRkW7aEsB8PqKS34rqPS9U2cr_uxuF5RPNlwLU6VT16ll...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NU7c2kjfRCeg6Hb1Y1CxPQ2&google_push=AXcoOmR4zrbv53Fn0opAXvFXOsY1xNy9v0G8uq5ZXUpQRkW7aEsB8PqKS34rqPS9U2cr_uxuF5RPNlwLU6VT16llGOLGIbQsauQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NU7c2kjfRCeg6Hb1Y1CxPQ2&google_push=AXcoOmR4zrbv53Fn0opAXvFXOsY1xNy9v0G8uq5ZXUpQRkW7aEsB8PqKS34rqPS9U2cr_uxuF5RPNlwLU6VT16llGOLGIbQsauQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Sep 2023 07:57:27 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NU7c2kjfRCeg6Hb1Y1CxPQ2&google_push=AXcoOmR4zrbv53Fn0opAXvFXOsY1xNy9v0G8uq5ZXUpQRkW7aEsB8PqKS34rqPS9U2cr_uxuF5RPNlwLU6VT16llGOLGIbQsauQ
x-host
tde-deliveryengine-production-684d5dc7fc-c2949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 018B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSQaO...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-vNWqhptMXbkUOkkmFBWm2q5zsnPjYGG_4odTvg&google_push=AXcoOmSQaOIIs9Fk2vRgdS7spyAsYkL6niHuvYZAPLDU4La3HoZL9D6aRQNRO9y31rzRH4X4XjKFIBXGt3bE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-vNWqhptMXbkUOkkmFBWm2q5zsnPjYGG_4odTvg&google_push=AXcoOmSQaOIIs9Fk2vRgdS7spyAsYkL6niHuvYZAPLDU4La3HoZL9D6aRQNRO9y31rzRH4X4XjKFIBXGt3bELCxPjPN5oszDCdmK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-vNWqhptMXbkUOkkmFBWm2q5zsnPjYGG_4odTvg&google_push=AXcoOmSQaOIIs9Fk2vRgdS7spyAsYkL6niHuvYZAPLDU4La3HoZL9D6aRQNRO9y31rzRH4X4XjKFIBXGt3bELCxPjPN5oszDCdmK
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1067687
content-length
0
expires
Tue, 05 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 018B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v43yVKSuSumQ74VoPlTmNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v43yVKSuSumQ74VoPlTmNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQA7dpicNxa0QX9SWsC5rtWvrCsgWfEg_PKbGKPtq4izO9oBIcntTIg_zJMmbyCE-_K6xeNuNqKrMzhU8N1MrNz_9Xdq844
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v43yVKSuSumQ74VoPlTmNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQA7dpicNxa0QX9SWsC5rtWvrCsgWfEg_PKbGKPtq4izO9oBIcntTIg_zJMmbyCE-_K6xeNuNqKrMzhU8N1MrNz_9Xdq844
date
Tue, 05 Sep 2023 07:57:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 018B
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQWnbI0fKWF02pwtOwSLjBIJLI7QPWxJM2GZDiyLxbhL5scI1bta0-o9ZXNMzF39NDozp9xy_wKNL...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQWnbI0fKWF02pwtOwSLjBIJLI7QPWxJM2GZDiyLxbhL5scI1bta0-o9ZXNMzF39NDozp9xy_wKNLK2T7eBsgwkNUgi2KbV&google_hm=6e322d1d-c191-4c59-bc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQWnbI0fKWF02pwtOwSLjBIJLI7QPWxJM2GZDiyLxbhL5scI1bta0-o9ZXNMzF39NDozp9xy_wKNLK2T7eBsgwkNUgi2KbV&google_hm=6e322d1d-c191-4c59-bc97-56e0ac836789
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-193
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQWnbI0fKWF02pwtOwSLjBIJLI7QPWxJM2GZDiyLxbhL5scI1bta0-o9ZXNMzF39NDozp9xy_wKNLK2T7eBsgwkNUgi2KbV&google_hm=6e322d1d-c191-4c59-bc97-56e0ac836789
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 018B
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQ6q6fdDYZSIJr8Yfq01HG_eYFFP_E29R3vJpC-DU6wg3U-ThOfH3AAk32jfE1oI31rUt6KMgAB1MH_Y9UJrfyj8vKU8I7j&google_gid=CAESEKQmpB0ow3t5x...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQ6q6fd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQ6q6fdDYZSIJr8Yfq01HG_eYFFP_E29R3vJpC-DU6wg3U-ThOfH3AAk32jfE1oI31rUt6KMgAB1MH_Y9UJrfyj8vKU8I7j
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQ6q6fdDYZSIJr8Yfq01HG_eYFFP_E29R3vJpC-DU6wg3U-ThOfH3AAk32jfE1oI31rUt6KMgAB1MH_Y9UJrfyj8vKU8I7j
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
324
expires
Mon, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 018B
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEPJcL-2MXlws8ZYkSiBXhAs?ext-param=AXcoOmQWamd8hTsRarOUCRVdxOOAdyoMisc2uSzHwasx27cPA-ARuEuqMer6XAJ6DbG2OpXxiLORv8j3d0dBDz1jTjR-KmvIBEKG&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEPJcL-2MXlws8ZYkSiBXhAs?redir-setuniq=1&ext-param=AXcoOmQWamd8hTsRarOUCRVdxOOAdyoMisc2uSzHwasx27cPA-ARuEuqMer6XAJ6DbG2OpXxiLORv8j3d0dBDz1jTjR-KmvIBEKG&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPJcL-2MXlws8ZYkSiBXhAs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 20 Aug 2024 07:57:28 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 018B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjPo-o4_ALX8P-ahlGP-SCbj_7M6nocXMLAavzWTK3nXwFC_GD4j4laHFhCaGyQWlnqQtLnkk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
google
match.adsrvr.org/track/cmf/ Frame 8B7E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIlJdub66SjSPL0lpTYKRYw&google_cver=1&google_push=AXcoOmQv6a1zShVgZoqgno0SWI6mj_Nm87pIx0LBvZVgIfVP_-sUjDgTSOkVXntzmCw-spfh2Hin_Lrlr4eQwLoRMcDCbD0-VAW5
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8B7E
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELfJQ6oNEkAhBIjxo4NTSjs&google_cver=1&google_push=AXcoOmQcYckJejoo48G6n_vGQKIaQo-UgcHmESz2ePvy9R1AcAaZiDFS6nfPfvUOYTfw8KHiDkkYl04SzNw...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQcYckJejoo48G6n_vGQKIaQo-UgcHmESz2ePvy9R1AcAaZiDFS6nfPfvUOYTfw8KHiDkkYl04SzNwdp5ZfUGbIql9TqOY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQcYckJejoo48G6n_vGQKIaQo-UgcHmESz2ePvy9R1AcAaZiDFS6nfPfvUOYTfw8KHiDkkYl04SzNwdp5ZfUGbIql9TqOY
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQcYckJejoo48G6n_vGQKIaQo-UgcHmESz2ePvy9R1AcAaZiDFS6nfPfvUOYTfw8KHiDkkYl04SzNwdp5ZfUGbIql9TqOY
Date
Tue, 05 Sep 2023 07:57:27 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 8B7E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_cver=1&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i7026oOuH7vdd3g&google_hm=M2U0VVg5Sy12RVFPbnFxZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i7026oOuH7vdd3g&google_hm=M2U0VVg5Sy12RVFPbnFxZlpmOWc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:28 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4S3A1mR4h8tg4j_SIA9DOzTD0YMMqS2j-vdeAkAfl8eJBZdRKJynLs5zek11bDjdV8gTzweIS99K1i7026oOuH7vdd3g&google_hm=M2U0VVg5Sy12RVFPbnFxZlpmOWc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B7E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfF2ukjkSzSNj8WIkm-zfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfF2ukjkSzSNj8WIkm-zfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQGk9EZOAln8PQEr4d8U_-Rmv1W1ZxcEj3EdN1Idbj736fwETUQjpis-dw54udXI8LndNgb56m9BvEDpcR_Zec30w-xFsX1
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfF2ukjkSzSNj8WIkm-zfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQGk9EZOAln8PQEr4d8U_-Rmv1W1ZxcEj3EdN1Idbj736fwETUQjpis-dw54udXI8LndNgb56m9BvEDpcR_Zec30w-xFsX1
date
Tue, 05 Sep 2023 07:57:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8B7E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QL...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QL...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QLoVYnJCBpjOL&google_hm=HRO9uGZH6amqaCH-TPK6rahK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QLoVYnJCBpjOL&google_hm=HRO9uGZH6amqaCH-TPK6rahK
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Sep 2023 07:57:28 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQx2prH7flqP0-gcGb0ax-cbC9e0irNZ_9iBjCDRHsy0qcGYPhdRn-fPnDL6EoarhDVed89XWs5IqPN8f0QLoVYnJCBpjOL&google_hm=HRO9uGZH6amqaCH-TPK6rahK
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8B7E
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESECpRV6g_uzbJ_1aa_zLk1kU&google_cver=1&google_push=AXcoOmToGZnLcBryqVGn-0NY2T9UZBEMrAtzroi96qnSSiduHJDHUr4TrZoyI-87MCxRAanO8NfePgEzrqImBEgDNPHDu7V6QNRc
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmToGZnLcBryqVGn-0NY2T9UZBEMrAtzroi96qnSSiduHJDHUr4TrZoyI-87MCxRAanO8NfePgEzrqImBEgDNPHDu7V6QNRc&google_hm=M1JJXzdjY1FRWWNsUnBX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmToGZnLcBryqVGn-0NY2T9UZBEMrAtzroi96qnSSiduHJDHUr4TrZoyI-87MCxRAanO8NfePgEzrqImBEgDNPHDu7V6QNRc&google_hm=M1JJXzdjY1FRWWNsUnBXUHg4SE0=
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmToGZnLcBryqVGn-0NY2T9UZBEMrAtzroi96qnSSiduHJDHUr4TrZoyI-87MCxRAanO8NfePgEzrqImBEgDNPHDu7V6QNRc&google_hm=M1JJXzdjY1FRWWNsUnBXUHg4SE0=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8B7E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMUlmvxr0ORoirjfe07_ri0&google_cver=1&google_push=AXcoOmSZMk1dZoxmFILDRALiIdrrciSza3wQQkeGmSONRv0KFv6I96szjVfyvuwXs8GKbMr2U2...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14QXlReFlWRTJ1RWRvR3FqUHZiVUNDSUFzZGFKRl95Un5B&google_push=AXcoOmSZMk1dZoxmFILDRALiIdrrciSza3wQQkeGmSONRv0KFv6I96szj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14QXlReFlWRTJ1RWRvR3FqUHZiVUNDSUFzZGFKRl95Un5B&google_push=AXcoOmSZMk1dZoxmFILDRALiIdrrciSza3wQQkeGmSONRv0KFv6I96szjVfyvuwXs8GKbMr2U2W7t4LwapsxxNMBs00A7np6uEOzHg
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14QXlReFlWRTJ1RWRvR3FqUHZiVUNDSUFzZGFKRl95Un5B&google_push=AXcoOmSZMk1dZoxmFILDRALiIdrrciSza3wQQkeGmSONRv0KFv6I96szjVfyvuwXs8GKbMr2U2W7t4LwapsxxNMBs00A7np6uEOzHg
date
Tue, 05 Sep 2023 07:57:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 8B7E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LScvPT3-waEFNv051I_j3m_iJeAYpL0eLQPPtc4NPRFBRekqiu8iEoeIglFUF0fpXxF4XoLQ
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ads
pubads.g.doubleclick.net/gampad/ Frame C627 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=760625571452123&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=BE84E5BA-6020-4ED8-8030-60DE0A255179&a3p=EhkKCnB1YmNpZC5vcmcYwdHioqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIrO4qKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGInO4qKmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lMM3BXWmtkTVVteFJMMWRLWWxKUFFXRk1UM04zUVQwOUluMD0Y49PioqYxSAASGwoMaWQ1LXN5bmMuY29tGIvT4qKmMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dt=1693900647752&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&scor=3815066996298713&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6F58 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpFhErNxD6eYsWWHwlGkB3EvV4lF31kkpM4H36ZKLpU1kmltj1KrfBkBA_06VFcw2ZDkrQaYBIqjgsWvo3DWicaHXNPrzEIA2oGqtKwiMKFK95YS945DiuvvRxgT48KkPabPIiu9hyoB9bLoEkiQRpDhVrMXAh0nqF82m3ahqhnXl6qcc&cry=1&dbm_d=AKAmf-BzIkcISZdpf2phYJQ5fABfrE1ae4FpCAqoine1-2e1EHhDLfdrFhvyo5y6bAet9pOIkqcAEHhPHE-_xQfcQnGEBAISw8-b6hMaNwtCcXOegmFSOpL3kAFhG_pkF3Tz2I-XMSzdVWZDvhzePvEC55FMbuoZ7fufRrLVSAaylbIgwi55yUu4QUncm-xMD2heK0EdIpojC4xaCtAcRoDejT__mX1xwkgH7rQu921I60Fbl-MqEAvEGemtD6gyLeOlFfR40dyrgbhz2NwjkutJs0MmPnGGGDn_noHxYdO6yFs88nZkELufUxA8IVjrCv7-vwzIYCZQwNI0a7IIZaYxOA0anhZP3H7GPFd8uiyoPL527bd1RoVBfNfZTVr3kprOK54xp7bIHoehT1bPq2ckgQlKGQAL-_FrEWEWUu-aAYb2p56-Ece8S-O0vjxbpin4TZtaQ9efAPK91CDBT1HTQwcACrCJFoHaWoI0GThvNFW97NmQ43fGRUMnZot1axEmyo1g5CtqmR9mFNjDUaSv2js9pRWlvtkslLSCX1MEQlz-fLkJB5JuOTmNIgf3bX0tQrjBKZXfzqGOCnXzFfEr0KMWNeMD8Yzi7Qpwj5NxdoKgKXyAAcp3Mh79bk5aJw7bhKbAw4zVNyvfnnGMkVnYHS0yXVBsTeqONSWbgnRiXgVCir7_FeXapkSQauwM54jOYsp3_l0UsqgUaNw9pBsaFXB_Mt5_3rLqyzDdIfeIwUi7kSVZ8cCco8bqDCGrFr4ALK1Z4bTsMh8kOc7_ptW2uXr11TYjeunVSL_99X6Zf20XkTHnVjkFsrHuxJncZo3bz20xSWLypOyYXJeZTvmDVQoX6T7NyFp0vMPTHlWdmMVbC7OFwuOGl5PxcOjTpbannExNG31E3UwAUqAtaZ2p_YL4xQVY0SmofxIzW8XRzvkj8njpUh8LYnI84EijD-J8GA54jc9Zu_85o1ScoO9d_05aC_cGunJtHdhHsFDRTns1S9ByyHZSdfla8P1h2y842qzWQEeIA_jPR0vKGt_f_HqDQldPGEH6scpKdcTSciHFVeVbAKnVYsrOOfO8xZ0gFns0yiRbMeu8qtWE4z_QyrZbzNpjjZqwvymk7RnXjFQeohRQ_qsct9eTvV8o0pQngb6ZNkuaVHtEIglTA43SIsUnYtxwnvvl_c8bNm7IFz-ggdcvPGINzJE979pP69BbuwiY88RTyoPiwtoPaXWDb3YjpXxoyxuCs7mTXuLtp7QTBE6vXK22YdV-eEiz0dEMc9boQnhT9Sepw8FCKXvQBt0uo0RL9kzodJGyTC1RooqX2d8QhdnuWlpDQs3DN7At4s3V_-Sd5Z_-QgwR49n3G4fW-VB9s_P2_b6AtQ1momDM78PNtZoFwM8VQ9GjI8nP5HG5goSs5ETsUWAcmk8S_zffV5EU9ITz6kenRhhsPQT6lYmXZCErY-RpSp69b9Clv88BYc8-qEOO3JsLBg5tO1NjGeLEjgIJCi6Xmi5lR5wrgnHemoXqsSwz0B1Noa6ATQdQ8TX4ouWXY68sM6skbJrorz-wYxp52EyRnpRD9NKZkieg0dV5Fac07xk2c8077c-KSNI93hZNOVYORb10JTe9IePsg58GPFOAInwiNBCDSE8b4GwxOk4tPV-yxQoFIQ1-2VbaNIM-bHDH3g7FjuESre9Cf7secD1r17vWRI1DtMmQBgYHosv13yCmTdw-DnYOEPG7ca2e9OnGX77jsyP6c3DTGCnyUOzWAThLkMnItb100jl8t1IvNXSIudXMjDBJdVtLcg4n_oAsPkq_suuU1sJU4uXQRbrdUoDHlLgGD8UgqV2c9ujFNNkoRP4FNlJlIuXJmww2meH27gXYS6KibkRBYxm_YUbp6qe2rM0rQBvwbmGGDAZeJrACVLvbeDhq8XKHJoX5UIjB1pRl2_-IHHJUg6DQwLCRTO1g4roxXQ6Jpl7Lgu0TjFCIYwhsZEP4UfrFMhhlfg5viHfWKzFh8nnrqLSOBQkYznzhHrnufOK2qzOabEx_zR-j6NzZy4ZP2qrDzjLF2J6jbNQQ0FGXFEASB-JM7xw7oSuhdvQHD5BCnW8vrSAn_5yzZT1UxkKpLNEy78JSRLgw7UzKKh5JOvAx-qW1A6EI4ia6BNHPfB7xoRJmdv23aF58JATNugXWn_EHRM-dsyvndWDpH3sQBFySyCq-AZXzJNxZn1HWHNB2pwNPC4kSG8y8ktxy9e1XwbgYhz62OZBICxd5AyXuPax-oJDT3x5G05sisIxYXJptF_2Pvs7dAWYbS3GkxLasuxpnL0K_JzpOs_pWCch1Z4THbfdB-3PB_DqNWSbVAOm8lUsOnS70LNwj2feTKC-5G561MYxvZ8FHbpFE4IivTKVYB6TfsvCdHajzuvJ0PUxGzIRMu3DRTY2mOUR9q7oKpjDqMhMOh87HJjEwMuWSaaQ98ya4WcvR1Ng-xNtHz_2bAONOV5Q3b01u79OEAfGb8R9cevmXCmOKpdQlAeRkfWRFi18xQudsCOy10wIKSNIWAy0u5O8gMrxcuceYjm_csJZjReC3Jc6qeJCQS-41HX-VPPjTL8necgEyBoVjeC8XNBx6miNsjEbWITu9pV95ALZaQNl1pR_tfN9PQHkV47_BgBGyWm08ydW2f9DZvzNF5VEOoAnc3wgo0FxnHw3x3QIC4gVYfs_67skJNiCTqoKU3Yip0uXmUFzezElDkejbNQSdHmnDVHuj6vxQEK1Yg2S16eKyzAoVVHD981dWK4RTKMAJDKRPkmBxwxb662jrNss6Y-R0m3PcdSVS1Hef0zk_YBdYeIPiQxxHf7jG0HyCwUCP2ThrFEBK4lV-kFR6JrlZeeVj0jErFauHf_o5aeN3TIjWgdOoQFgeJO1jIRzfMbaCKg59oo04t3ajly9c7ohh_7zflhnJ-gXrzYehqRHXrxQxVZiHKlH9KIqpoojKM9gV8En9EIy54Hr4iO7zwTY1w8G8OmJAD9sMzGA46UEJBmDBEX7qmpP4Ob7dF29QcA3iWHG9xdyVa3iqk9aLhV4BRVCzwksm6GuMtpxkff4ZLE7CGPFSqHy1kNBTjapz-ew5rDUPcZUTMeL2_oWEBuc191IoOCOxCOfUcwya29E-Dqj0-UOqJLvjGlEAw3P2--II-sOYlKX-6lowuqLbxURApMmijq23r5u-c0RD48fylIR9jhT7C6sdBbDXDQK6yYs4fYMWUvAl5dHmUG-UUAZ05mwMT94xJf-jRQ00kFqHRlg-v8DN6acHFhDVc3IECGNCzSfSh7wYjmaGapf8ybQttDtQATNWPDV40GscTz28SBgC6gxnmcX7c4dfay3wQymQsTbirnquVZNcjqXLY0NZBQYtl2lzt-Dm9soaVOsXkl1eYbbaPEjukKHZG3IV_9nXyVzz_5XRQnKrtfBpJqd6DramLgFwUo_eWX5Fr79IvCQ4oTmb3NgerDs1A7of7iNSS7qJfpULtmIHNnIDIpiOBAwHVd3-XctdqDiDScRR3DD7Zs4S0-I3OXGzymHJqohbtIja1012Lv_F0Md5PSGqS8sx5ZU8FjXYJAmtoZRplezmchtqzx6C2MuE2O_nZQSvsXwTWmoyfVjZWyz1dgrpBsp1QOSsp-2HXUdhrBi6sUvK_BK12X6WqDzpCIagrvXdY10WJfHb3zWB6ppX8ejROHm_I1TdzzfqBPawvuuhE65c_kRmKcdganBGOKT29DqKFHu8qyk6BDQrBGX3GFJldLBoWNpBSc9-OkWfR4dV2BSUqfHpKUPLg3PlGCpOhQ&cid=CAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=14534706862075404000&adk=3522027986&idt=252&cac=0&dtd=39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
274572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:41:15 GMT
i.match
s.tribalfusion.com/z/ Frame 5E9B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHhLfDRq3Yx_sWbnTDxCk5U&google_cver=1&google_push=AXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Z...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhLfDRq3Yx_sWbnTDxCk5U&google_cver=1&google_push=AXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhLfDRq3Yx_sWbnTDxCk5U&google_cver=1&google_push=AXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
801cebecca025248-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
136
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhLfDRq3Yx_sWbnTDxCk5U&google_cver=1&google_push=AXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRwIHRKpoDbAVEWTevgfiwxrB2RC2gEEZf6Djmvvzlwwse_BF-wUuQG9MfumZrI_SVAdkgB2y8-KkYB1Nm_AtepkkPwEfV1Zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
801cebeb1fff5248-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E9B
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEPs9wZiID9UEf98kVw59QLk&c_param1=AXcoOmTNjdmT6fuuNOPsKg1dsuF8gpzlfnlzuqLwcPzESpbbxaofvXdFQiwRFwX-oRxsMu14Jfvc9fi1w_ikFOJDXG_z1W6j61hWSg&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNjdmT6fuuNOPsKg1dsuF8gpzlfnlzuqLwcPzESpbbxaofvXdFQiwRFwX-oRxsMu14Jfvc9fi1w_ikFOJDXG_z1W6j61hWSg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNjdmT6fuuNOPsKg1dsuF8gpzlfnlzuqLwcPzESpbbxaofvXdFQiwRFwX-oRxsMu14Jfvc9fi1w_ikFOJDXG_z1W6j61hWSg
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNjdmT6fuuNOPsKg1dsuF8gpzlfnlzuqLwcPzESpbbxaofvXdFQiwRFwX-oRxsMu14Jfvc9fi1w_ikFOJDXG_z1W6j61hWSg
date
Tue, 05 Sep 2023 07:57:27 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5E9B
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEA3QGcbJSIp44Kdl9_Wm0mg&google_cver=1&google_push=AXcoOmTE4prQNWCE9rfMPU8NniCkFgeWkrczHwMP1nxBr9lpbXMjn1NYYJ_-YcPQtr_5krqF4iItSWYMxHsK49pOHNoFUlYlvkHW8A
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTE4prQNWCE9rfMPU8NniCkFgeWkrczHwMP1nxBr9lpbXMjn1NYYJ_-YcPQtr_5krqF4iItSWYMxHsK49pOHNoFUlYlvkHW8A&google_hm=88_qfbRkxSw1z5ff342lhw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTE4prQNWCE9rfMPU8NniCkFgeWkrczHwMP1nxBr9lpbXMjn1NYYJ_-YcPQtr_5krqF4iItSWYMxHsK49pOHNoFUlYlvkHW8A&google_hm=88_qfbRkxSw1z5ff342lhw==
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTE4prQNWCE9rfMPU8NniCkFgeWkrczHwMP1nxBr9lpbXMjn1NYYJ_-YcPQtr_5krqF4iItSWYMxHsK49pOHNoFUlYlvkHW8A&google_hm=88_qfbRkxSw1z5ff342lhw==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame 5E9B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_cver=1&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxh...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIQTjqO1WS_xyei85sbv7WY&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxh...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxhRhGojBYLrE_Ezqm7w&google_hm=M2U0VVg5Sy12RVFPbn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxhRhGojBYLrE_Ezqm7w&google_hm=M2U0VVg5Sy12RVFPbnFxZlpmOWc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:28 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTh1lbldc9_18YTBA1xdcffCLB1JJp6av4--UVyKtLVCYi6PrdQpt7X0TsrltV8rL0pHMZh3Q7FLYrxhRhGojBYLrE_Ezqm7w&google_hm=M2U0VVg5Sy12RVFPbnFxZlpmOWc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E9B
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBO...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLgJY6ULVQA05MVQ7ktl4M&google_cver=1&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBO...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBOHYRdWDLiSeUBQ&google_hm=HRO9uGZH6amqaCH-TPK6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBOHYRdWDLiSeUBQ&google_hm=HRO9uGZH6amqaCH-TPK6rahK
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Sep 2023 07:57:28 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQFDY0O0B2dVRW9KdI2uz187zK-IwbPdP138fbiyG_tbo7SanxUhjnk5RYxAyMvroqWM2tOFlEA3pf1D7gBOHYRdWDLiSeUBQ&google_hm=HRO9uGZH6amqaCH-TPK6rahK
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5E9B
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJajGoKxPJDDyQvwxcdV30E&google_cver=1&google_push=AXcoOmQRWs7kXh_rCZZ0SqoK4B_qq-8at1TmUY3JbwrXsB9Vc8wnJun5hVUWiy3Wx9T9INf2i-upuLlYg4crDCYYa2iEYnP...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NGNhMGE2NzMzMGMxNGEwZGFkMmFhNDNiNGFmODlkYWI%3D&UIDF=CAESEJajGoKxPJDDyQvwxcdV30E&google_cver=1&google_push=AXcoOmQRWs7kXh_rCZZ0SqoK4B_q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NGNhMGE2NzMzMGMxNGEwZGFkMmFhNDNiNGFmODlkYWI%3D&UIDF=CAESEJajGoKxPJDDyQvwxcdV30E&google_cver=1&google_push=AXcoOmQRWs7kXh_rCZZ0SqoK4B_qq-8at1TmUY3JbwrXsB9Vc8wnJun5hVUWiy3Wx9T9INf2i-upuLlYg4crDCYYa2iEYnPXAF297g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NGNhMGE2NzMzMGMxNGEwZGFkMmFhNDNiNGFmODlkYWI%3D&UIDF=CAESEJajGoKxPJDDyQvwxcdV30E&google_cver=1&google_push=AXcoOmQRWs7kXh_rCZZ0SqoK4B_qq-8at1TmUY3JbwrXsB9Vc8wnJun5hVUWiy3Wx9T9INf2i-upuLlYg4crDCYYa2iEYnPXAF297g
date
Tue, 05 Sep 2023 07:57:28 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
/
cc.adingo.jp/adx/push/ Frame 5E9B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEBmx4XR_SUuKWzQwO8TnxAI&google_cver=1&google_push=AXcoOmRsAKdkV2QvYOTprI6k-8X-2OWmD07zF6jAhHWd9bD4KqF6iz-Ou8sGqeydEe2k0YtKla6s56OdFy2U2N9pa3hAIg_xlPM1wg
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.83.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-83-56.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 5E9B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDMhx76G4SyILsgfCtti0FQIPL_WBYOrQYQ0GXcRz2zZoHM8QJitnyIDuEIXx6whGFaUFz
Requested by
Host: 8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
URL: https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6C7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Aug 2024 07:57:27 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6C7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Aug 2024 07:57:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6C7F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 30 Aug 2024 07:57:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6C7F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 30 Aug 2024 07:57:27 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 6C7F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f_JTS--3RjrXjtke6O5doNcG14ALECPCQ4JrBrc3XHMmOzBg05Ov8XXjodzCEjYdoziZQRmR_aRZ59QgQUdc9y65t1Ls35pqmA4hXn4Kz7yeobh6M9lTk-ERBedgYbFVaESZQmog_wEx9AScH9iqy9CIwUfhuKTpM8f4j66FHiGwaQKNa3FvrhQyNhEAY4HQuxeNVRBoSymkidJBNyDxj9QrQhblbp_ZYpzw-HjRm2dOOWaRzmo6ZhBSXfoGe8F_pRfoKVSB2bbT1QX3BQUfHBj9GevCdUjvtiNx8xyd571gKYHuidwIeeIBDZzbQBr3vDmzQe_nuuZJuIhKhqtXjb8yoovrnHZXJax74zY9SjXb-z4nE-Jd_UYsp4YHLIKULlU7l7tdJdN7aHPF7zgPEAFmEKCPSC8QCsSF9wTelDvZRp6iTPkfOc9mtCKnpuxfGhCZQuiw4uP-qX1q9Y6qTbMy8W8yfj5Dn3OCHB0YCK8PkyB49OpH68Yg38f7Jihwf80-Kjn13WDHGA2gw8Hb7Dg6SucLvOFxekRSjKwKrj9s-1RahRO2nkK138pW6dQyS1SJHg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2244933
expires
Mon, 26 Jul 1997 05:00:00 GMT
9348ac51547c42e6ac4ed91fa93d3063_image_ad_336x280.jpeg
static.criteo.net/design/dt/92327/4936840/ Frame 6C7F 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936840/9348ac51547c42e6ac4ed91fa93d3063_image_ad_336x280.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d8f4f1156b777f28c22685aade9fdaf51c55bb238e296637eb3d916482d6c714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:38:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f186ed-10a2c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
68140
expires
Fri, 30 Aug 2024 07:57:27 GMT
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame 6F58 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-UxZZt_2ZLriLPysxdwPwoyd0AaRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCAtATIAQmpAnFU_MewG7I-qAMByAObBKoE4AFP0Jd3hpxOWKwLu7KgAc1KxS8nNLM-lbmkVRHHip2U72_J75GK9ugFogwJFWbZ5FTMpIYIaKuMK57WsWoDTG83Uv6K3SHpgZ14rNglpWfIkVK1HzybrlJ4JyEZmvVs19CiWvq-IObyi5nph4dvcwory9DBSIb0LCOWjCLRKMLriT9CCacDlz2NirG0GKIqL33u4uiDpt285fZXQbpSRFxmh-36N1E7h8UXqRU_BAEwBV0tQtQmGZb7_PmHdOT1y2lJGmoC-8pXk27SvIsavqq8qgwVnjgYBPVHDr0dAY7S5sAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIuq3V0v-SgQMVfFaRBR1CRgdqEAEYASAAEgIYo_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB%26sig%3DAOD64_15VRnvzIuHbAZ1FiCbEIkJmXT8Ow%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BRhvOm_o-2YEfbGhNNLJMmyU2e0gZuQSe9GQBSe8jBZwOdbdVsHyX5GEUjs9AmrBTDoAC_Yl6mFdIOpALneQS52PyE1poZWunfYGlseQi7vNNaFRlfpNZNAcIecyHMP_xWztjSDYgIGHHgw4wTzAS8buPUl4B5A5DtKaFmPOleDRao8j4%26cry%3D1%26dbm_d%3DAKAmf-B9nk4JELj-njT7FjpWeItt_tzvm_EZ1YykOO57fGYiAU-9t7idWx1g0OBwO_IJh2a8k0lvBMoxtRlY53xJbxY2CN3QMejyhl8au7o_d-ZQru6CE2dk9GclOMm4qKn5GVylqRvUR8solwD0m2wL42yPDbgRwhI4BiuesAey14Jx5xnDo8KU7YDVLm0RDF1x_fOpv0rvW5TInb3bQnbt7uI1U-1jbiqfVT-W0asHolxbETKrqrIjiHO94wKAEEvwzSiHG0ng9t2xM5_vnc3WU8QJrq7td8dOTLLDrYXEzLXGM5Pf1Zyyi-mOQSWwZoumTJVGVxnYwqXHZwHtxz6oJUQ93NhOBG2BC6EeS5Q5Eo3zmNGUejqXTe5IXiP6spG7xTz751BcFGVp-8j__dH51RCDMc-6Rzlt_p4T36qtJEEO3TbPrTxKl-qEa5XmKZulODP4rZBx4WIaXvZzEsKhOYe5EvGK45Ns9ik1IRLN3k_R3wnBsubpHa8wdP1IBGkqDVQ3I-PFt-7ixWQkj3BJl3OQmaEBr0Ub6lZV8dKRSkxvUC4-JP-BMuI_x8t96pwdZaMYboH8jMH4euQtIf6cDW52A4YJu7iUNc0BAhULayKf9484vp8xZSwpSeJrlqNPqIU7ocRmWjcsOLvJ2gcQcdau3OlCiwvSYoW6N1w66C0C9WDajL8%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
a2f6e8624590cde432e4d22e48b460ab43dc4df4777750a36b0ac9414ed0460c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4251
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
truncated
/ Frame A328 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d002fecf6ab94932d8851fa5c07275ce5807839e3ef7b73191d71614d17f553a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFHyGZt_2ZJj1IMm9-wav-KWIAoermpNx9Me97vwRuuHomcsBEAEguoTAM2D1hYCAtASgAfnf_OsDyAEJqQLtD5OemvKyPuACAKgDAcgDywSqBMUCT9BlH_6U_-hJMVd5QwOQr6EbvboTFTQwEkSr7ErvA_kDky2cjeCAoOnIPMXUjvUoR7-IvwP2HItzj_nHoYXCJ3XlFf3RXdT2-tjgnfK-7JQZgCsL2V5rlI0PfO3Goq40lwezYj1JXx8C1mb3SLg0SHeOdOTPcf9_y-HXllsxMP6S-dYwzrFUuKu80oDvTdyUWuvRUPP8KIfmBE0hQOs3_1KV-7uDjpSyV51htGqF8gPij9nDJd63a-z23ax7GnzoBj8fTrqc2rRj0E3py5H5EvRU4hgzfuZTUgerirI90nrrgTCZuYg24h01PXaOSLnlfEu4mFW8FK3xYt2Ca6vlhavU8C5QdP8bgju5FwoVF-rL9sk_mnJiGDstb25KEfyCtPmJKiOWwX9nTdtZT8pDv3XoKoGA3Xwe3plLY1KQ21XTGaQ1xcAErb7FjKAE4AQBiAW4x5mXSpIFBAgEGAGSBQQIBRgEoAYugAfvn4MUqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnbUG0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCSVodHRwczovL3d3dy5tb2JpbGV6b25lLmNoL2RlL2ZsZXhyYXRlgAoDyAsBmAzZ7v6BngTaDBEKCxCA-Mvd5q2Z6rYBEgIBA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItMTMyNTM0MDQyOTgyMzUwMhjKqx4&sigh=mIf1si67Lxw&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWSpsQ7t26dMZyH5wsc0pLBSaNf9Nspe-CCOEKyKmvVYZ-asx3Ke1mvU1y96hTf4WDZjCbe3c_gBgB&template_id=515&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 07:57:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame A328
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CFHyGZt_2ZJj1IMm9-wav-KWIAoermpNx9Me97vwRuuHomcsBEAEguoTAM2D1hYCAtASgAfnf_OsDyAEJqQLtD5OemvKyPuACAKgDAcgDywSqBMUCT9BlH_6U_-hJMVd5QwOQr6EbvboT...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba228d147f130000000000000000%22,%224%22:%220xa75babc2f1e1ff120000000000000000%22,%225%22:%220x7400bc5399ddfa70000000000000000%22},%22debug_key%22:%226834138944872776132%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilezone.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221031745529%22],%224%22:[%2209-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213340321609862003265%22}&andc=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xf5d71a1de156ea9e0000000000000000","2":"0x88a33002921141e70000000000000000","3":"0x101aba228d147f130000000000000000","4":"0xa75babc2f1e1ff120000000000000000","5":"0x7400bc5399ddfa70000000000000000"},"debug_key":"6834138944872776132","debug_reporting":true,"destination":"https://mobilezone.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1031745529"],"4":["09-05"],"6":["true"]},"priority":"500","source_event_id":"13340321609862003265"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 05 Sep 2023 07:57:29 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Sep 2023 07:57:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf5d71a1de156ea9e0000000000000000","2":"0x88a33002921141e70000000000000000","3":"0x101aba228d147f130000000000000000","4":"0xa75babc2f1e1ff120000000000000000","5":"0x7400bc5399ddfa70000000000000000"},"debug_key":"6834138944872776132","debug_reporting":true,"destination":"https://mobilezone.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1031745529"],"4":["09-05"],"6":["true"]},"priority":"500","source_event_id":"13340321609862003265"}&andc=true
access-control-allow-origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A328 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
528180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
truncated
/ Frame 62A1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c9a10e5e0c899caa26953d42672df74d99ce3171681d139a3026606fa462c2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZiMiZt_2ZJn1IMm9-wav-KWIAoermpNxxMi97vwRmujS4LIBEAEguoTAM2D1hYCAtASgAfnf_OsDyAEJqQLtD5OemvKyPuACAKgDAcgDywSqBMcCT9Bn1PtcnpX1KEwhFjfGqBZdmy8mMS-xy7R8dfL1u23Y9Np2nrIJj7IPcgsV7iAxrdHszYIecx7mG1924mCJ6S9MAcoXuAuiOxDW0IENW8SJ3a3s5vI1-c4yCRqNfGDWwt-MFe4oOflAwIpNO_X3AZmXdqDRT1vDtUk26-3DLZV3FOYya4vO5eYtmiblGNbS64MH226FI3AcgDUCY5SRP2LPlKFmEcWQu_9KVggt8-rg2oJ18HvpsDVT67IEmuYdggOnnrhrN0yKklURkv6MUkRtfVbfRXbHgO8aDXlh7cqPsOMGmu8-aJ_hi1mlHEnuzoKMDdi0ENL81kaiqhJizz9r20yJjs5Vd2I4JH_2DJI-rj_zeDdjnV6judvwUZRoO8vW8pwso8MjH-O1zsO4BXdBvsKlCNMA_VeF9O1uYuKM_YJ69m3wwAStvsWMoATgBAGIBbjHmZdKkgUECAQYAZIFBAgFGASgBi6AB--fgxSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCpiwvSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJJWh0dHBzOi8vd3d3Lm1vYmlsZXpvbmUuY2gvZGUvZmxleHJhdGWACgPICwGYDNnu_oGeBNoMEAoKEIDEo_O-sK6mIhICAQO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=oVP2SCbkHVY&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWSpsQ7t26dMZyH5wsc0pLBSaNf9Nspe-CCOEKyKmvVYZ-asx3Ke1mvU1y96hTf4WDZjCbe3c_gBgB&template_id=515&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 07:57:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 62A1
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZiMiZt_2ZJn1IMm9-wav-KWIAoermpNxxMi97vwRmujS4LIBEAEguoTAM2D1hYCAtASgAfnf_OsDyAEJqQLtD5OemvKyPuACAKgDAcgDywSqBMcCT9Bn1PtcnpX1KEwhFjfGqBZdmy8m...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba228d147f130000000000000000%22,%224%22:%220xa75babc2f1e1ff120000000000000000%22,%225%22:%220x7400bc5399ddfa70000000000000000%22},%22debug_key%22:%227210543352976726%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilezone.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221031745529%22],%224%22:[%2209-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215022928065615302385%22}&andc=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xf5d71a1de156ea9e0000000000000000","2":"0x88a33002921141e70000000000000000","3":"0x101aba228d147f130000000000000000","4":"0xa75babc2f1e1ff120000000000000000","5":"0x7400bc5399ddfa70000000000000000"},"debug_key":"7210543352976726","debug_reporting":true,"destination":"https://mobilezone.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1031745529"],"4":["09-05"],"6":["true"]},"priority":"500","source_event_id":"15022928065615302385"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 05 Sep 2023 07:57:29 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Sep 2023 07:57:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf5d71a1de156ea9e0000000000000000","2":"0x88a33002921141e70000000000000000","3":"0x101aba228d147f130000000000000000","4":"0xa75babc2f1e1ff120000000000000000","5":"0x7400bc5399ddfa70000000000000000"},"debug_key":"7210543352976726","debug_reporting":true,"destination":"https://mobilezone.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1031745529"],"4":["09-05"],"6":["true"]},"priority":"500","source_event_id":"15022928065615302385"}&andc=true
access-control-allow-origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookiesyncendpoint
sync.aniview.com/ Frame D847
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693900647062-923943597839-001164-003-004420%26biddername%3D105%26pid%3D6444c64...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693900647062-923943597839-001164-003-004420&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
0
0
all
csm.eu.criteo.net/ Frame 6C7F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=oBsFwuTzNgLg0XTaM_COlbxDVKchxFC-J0OMcmhjgQFbkJ93HwNP8p7TC68UXUiMe-XXeyp6RLoHjckgqKokmYRvtFJ462R3_IPfpDuhzVIay7cafqTRMnV5ICUr9AJOpm35SAQA9totf6hqMz8JgmnUkTdSAAq-alDyAwjbpl1i6Eq_K9wKXkqtkuCdgbGFIes2PLo3SpYmBbZpUFeQErNbsi3uiPo__zs_6KLNa-MZ_L8g3TxuMKBuzIgvehVjijEmOA&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 07:57:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6C7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Aug 2024 07:57:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6C7F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Aug 2024 07:57:27 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 62A1 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
528180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C7BD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
177943
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 06:31:45 GMT
expires
Mon, 02 Sep 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8CBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=4420980233775180&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
request.php
hal900010.redintelligence.net/ Frame 6F58
Redirect Chain
  • https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-UxZZt_2ZLriLPysxdwPwoyd0AaRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCAtATIAQmpAnFU_MewG7I-qAMByAObBKoE4AFP0Jd3hpxOWKwLu7KgAc1KxS8nNLM-lbmkVRHHip2U72_J75GK9ugFogwJFWbZ5FTMpIYIaKuMK57WsWoDTG83Uv6K3SHpgZ14rNglpWfIkVK1HzybrlJ4JyEZmvVs19CiWvq-IObyi5nph4dvcwory9DBSIb0LCOWjCLRKMLriT9CCacDlz2NirG0GKIqL33u4uiDpt285fZXQbpSRFxmh-36N1E7h8UXqRU_BAEwBV0tQtQmGZb7_PmHdOT1y2lJGmoC-8pXk27SvIsavqq8qgwVnjgYBPVHDr0dAY7S5sAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIuq3V0v-SgQMVfFaRBR1CRgdqEAEYASAAEgIYo_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB%26sig%3DAOD64_15VRnvzIuHbAZ1FiCbEIkJmXT8Ow%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BRhvOm_o-2YEfbGhNNLJMmyU2e0gZuQSe9GQBSe8jBZwOdbdVsHyX5GEUjs9AmrBTDoAC_Yl6mFdIOpALneQS52PyE1poZWunfYGlseQi7vNNaFRlfpNZNAcIecyHMP_xWztjSDYgIGHHgw4wTzAS8buPUl4B5A5DtKaFmPOleDRao8j4%26cry%3D1%26dbm_d%3DAKAmf-B9nk4JELj-njT7FjpWeItt_tzvm_EZ1YykOO57fGYiAU-9t7idWx1g0OBwO_IJh2a8k0lvBMoxtRlY53xJbxY2CN3QMejyhl8au7o_d-ZQru6CE2dk9GclOMm4qKn5GVylqRvUR8solwD0m2wL42yPDbgRwhI4BiuesAey14Jx5xnDo8KU7YDVLm0RDF1x_fOpv0rvW5TInb3bQnbt7uI1U-1jbiqfVT-W0asHolxbETKrqrIjiHO94wKAEEvwzSiHG0ng9t2xM5_vnc3WU8QJrq7td8dOTLLDrYXEzLXGM5Pf1Zyyi-mOQSWwZoumTJVGVxnYwqXHZwHtxz6oJUQ93NhOBG2BC6EeS5Q5Eo3zmNGUejqXTe5IXiP6spG7xTz751BcFGVp-8j__dH51RCDMc-6Rzlt_p4T36qtJEEO3TbPrTxKl-qEa5XmKZulODP4rZBx4WIaXvZzEsKhOYe5EvGK45Ns9ik1IRLN3k_R3wnBsubpHa8wdP1IBGkqDVQ3I-PFt-7ixWQkj3BJl3OQmaEBr0Ub6lZV8dKRSkxvUC4-JP-BMuI_x8t96pwdZaMYboH8jMH4euQtIf6cDW52A4YJu7iUNc0BAhULayKf9484vp8xZSwpSeJrlqNPqIU7ocRmWjcsOLvJ2gcQcdau3OlCiwvSYoW6N1w66C0C9WDajL8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8866688222114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
HTTP/1.1
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
672d343a034485c644e2a9ae1b51a07e4756334052a656c85a9785f19045b2c2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:28 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
28856900032455504438458012438010
Connection
close
Content-Length
799
Expires
Tue, 05 Sep 2023 08:57:28 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:28 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-UxZZt_2ZLriLPysxdwPwoyd0AaRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCAtATIAQmpAnFU_MewG7I-qAMByAObBKoE4AFP0Jd3hpxOWKwLu7KgAc1KxS8nNLM-lbmkVRHHip2U72_J75GK9ugFogwJFWbZ5FTMpIYIaKuMK57WsWoDTG83Uv6K3SHpgZ14rNglpWfIkVK1HzybrlJ4JyEZmvVs19CiWvq-IObyi5nph4dvcwory9DBSIb0LCOWjCLRKMLriT9CCacDlz2NirG0GKIqL33u4uiDpt285fZXQbpSRFxmh-36N1E7h8UXqRU_BAEwBV0tQtQmGZb7_PmHdOT1y2lJGmoC-8pXk27SvIsavqq8qgwVnjgYBPVHDr0dAY7S5sAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIuq3V0v-SgQMVfFaRBR1CRgdqEAEYASAAEgIYo_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB%26sig%3DAOD64_15VRnvzIuHbAZ1FiCbEIkJmXT8Ow%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BRhvOm_o-2YEfbGhNNLJMmyU2e0gZuQSe9GQBSe8jBZwOdbdVsHyX5GEUjs9AmrBTDoAC_Yl6mFdIOpALneQS52PyE1poZWunfYGlseQi7vNNaFRlfpNZNAcIecyHMP_xWztjSDYgIGHHgw4wTzAS8buPUl4B5A5DtKaFmPOleDRao8j4%26cry%3D1%26dbm_d%3DAKAmf-B9nk4JELj-njT7FjpWeItt_tzvm_EZ1YykOO57fGYiAU-9t7idWx1g0OBwO_IJh2a8k0lvBMoxtRlY53xJbxY2CN3QMejyhl8au7o_d-ZQru6CE2dk9GclOMm4qKn5GVylqRvUR8solwD0m2wL42yPDbgRwhI4BiuesAey14Jx5xnDo8KU7YDVLm0RDF1x_fOpv0rvW5TInb3bQnbt7uI1U-1jbiqfVT-W0asHolxbETKrqrIjiHO94wKAEEvwzSiHG0ng9t2xM5_vnc3WU8QJrq7td8dOTLLDrYXEzLXGM5Pf1Zyyi-mOQSWwZoumTJVGVxnYwqXHZwHtxz6oJUQ93NhOBG2BC6EeS5Q5Eo3zmNGUejqXTe5IXiP6spG7xTz751BcFGVp-8j__dH51RCDMc-6Rzlt_p4T36qtJEEO3TbPrTxKl-qEa5XmKZulODP4rZBx4WIaXvZzEsKhOYe5EvGK45Ns9ik1IRLN3k_R3wnBsubpHa8wdP1IBGkqDVQ3I-PFt-7ixWQkj3BJl3OQmaEBr0Ub6lZV8dKRSkxvUC4-JP-BMuI_x8t96pwdZaMYboH8jMH4euQtIf6cDW52A4YJu7iUNc0BAhULayKf9484vp8xZSwpSeJrlqNPqIU7ocRmWjcsOLvJ2gcQcdau3OlCiwvSYoW6N1w66C0C9WDajL8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8866688222114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 05 Sep 2023 08:57:28 +0200
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.bg3.co&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.125&apppkg=&fv=1&proto=https&clsid=44a8d7fc-f9cc-4d51-937f-ad3050eadbf4&rando=55&pid=645c834590f2c48ad908f465&cid=6469fbec71f13c58010ba477&stagid=&stplid=&e=AV_M8&prbdres=emptywf&cb=1693900648107
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-34-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693900648112&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1547&pt=-1268231349&tz=120&viewable=true&ddast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!t120!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b37aa148490428ad1f0020333adee10eeb8fbba1b6ce2f66835e9b62441cd85b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 07:57:28 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1435
x-cache
MISS
x-served-by
cache-fra-eddf8230054-FRA
pragma
no-cache
server
nginx
x-timer
S1693900648.131130,VS0,VE205
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 64D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=1847957331006104&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 9B7B 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 8D95 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
putes
vidanalytics.taboola.com/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 07:57:28 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102
server
nginx
x-timer
S1693900648.198971,VS0,VE70
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230061-FRA
adview
googleads.g.doubleclick.net/pagead/ Frame 3C5A 		0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Co0cwZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSUAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6F1EDmXqrhBYoXughDr6IZA6xGZ0buJX7js5xJc1TRgzqKUg-Vho4AGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=3ePagoWZ-Rs&uach_m=[UACH]&cid=CAQSPABpAlJWeGAWIhhI7XTaPWiHjgYCGl83IrZu4q12tsEsoR1eYPpJI-lqQcmp8INYNxT4U8WmAs97-YdWGRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Sep 2023 07:57:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3C5A 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k8iQEobWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQZt_2ZBl7YIRdZA36BdMAABIAAAoKQVFVQkFRRUJBUQ&wp=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
141204
server
Kestrel
content-length
0
video1.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		396 KB
397 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video1.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
cdn-edgestorageid
1079
cdn-storageserver
DE-677
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
405516
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
637
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
e2e4b08213d64975748a3a5215e7c0c6
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame C7BD 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 4E86 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 6089 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
generate_204
tpc.googlesyndication.com/ Frame 9B7B 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ve_Ktw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8D95 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jlDmVQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame C627 		0
0
video2.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		340 KB
341 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video2.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
cdn-edgestorageid
756
cdn-storageserver
DE-587
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
348552
last-modified
Fri, 18 Aug 2023 08:17:59 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
647
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
acbd32cfc85b147dd5a38c17f80c685e
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba228d147f130000000000000000%22,%224%22:%220xa75babc2f1e1ff120000000000000000%22,%225%22:%220x7400bc5399ddfa70000000000000000%22},%22debug_key%22:%226834138944872776132%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilezone.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221031745529%22],%224%22:[%2209-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213340321609862003265%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 07:57:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ztpv.php
www.conrad.ch/ Frame 7E59
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=28856900032455504438458012438010&pv=1
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1693900648_dc213840-4bc1-11ee-9f65-22389f6b057d&insert=AW&gdpr=&gdpr_consent=
0
0
cshow.php
www.awin1.com/ Frame 12A2 		43 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=28856900032455504438458012438010&pv=1
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-UxZZt_2ZLriLPysxdwPwoyd0AaRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCAtATIAQmpAnFU_MewG7I-qAMByAObBKoE4AFP0Jd3hpxOWKwLu7KgAc1KxS8nNLM-lbmkVRHHip2U72_J75GK9ugFogwJFWbZ5FTMpIYIaKuMK57WsWoDTG83Uv6K3SHpgZ14rNglpWfIkVK1HzybrlJ4JyEZmvVs19CiWvq-IObyi5nph4dvcwory9DBSIb0LCOWjCLRKMLriT9CCacDlz2NirG0GKIqL33u4uiDpt285fZXQbpSRFxmh-36N1E7h8UXqRU_BAEwBV0tQtQmGZb7_PmHdOT1y2lJGmoC-8pXk27SvIsavqq8qgwVnjgYBPVHDr0dAY7S5sAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIuq3V0v-SgQMVfFaRBR1CRgdqEAEYASAAEgIYo_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB%26sig%3DAOD64_15VRnvzIuHbAZ1FiCbEIkJmXT8Ow%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BRhvOm_o-2YEfbGhNNLJMmyU2e0gZuQSe9GQBSe8jBZwOdbdVsHyX5GEUjs9AmrBTDoAC_Yl6mFdIOpALneQS52PyE1poZWunfYGlseQi7vNNaFRlfpNZNAcIecyHMP_xWztjSDYgIGHHgw4wTzAS8buPUl4B5A5DtKaFmPOleDRao8j4%26cry%3D1%26dbm_d%3DAKAmf-B9nk4JELj-njT7FjpWeItt_tzvm_EZ1YykOO57fGYiAU-9t7idWx1g0OBwO_IJh2a8k0lvBMoxtRlY53xJbxY2CN3QMejyhl8au7o_d-ZQru6CE2dk9GclOMm4qKn5GVylqRvUR8solwD0m2wL42yPDbgRwhI4BiuesAey14Jx5xnDo8KU7YDVLm0RDF1x_fOpv0rvW5TInb3bQnbt7uI1U-1jbiqfVT-W0asHolxbETKrqrIjiHO94wKAEEvwzSiHG0ng9t2xM5_vnc3WU8QJrq7td8dOTLLDrYXEzLXGM5Pf1Zyyi-mOQSWwZoumTJVGVxnYwqXHZwHtxz6oJUQ93NhOBG2BC6EeS5Q5Eo3zmNGUejqXTe5IXiP6spG7xTz751BcFGVp-8j__dH51RCDMc-6Rzlt_p4T36qtJEEO3TbPrTxKl-qEa5XmKZulODP4rZBx4WIaXvZzEsKhOYe5EvGK45Ns9ik1IRLN3k_R3wnBsubpHa8wdP1IBGkqDVQ3I-PFt-7ixWQkj3BJl3OQmaEBr0Ub6lZV8dKRSkxvUC4-JP-BMuI_x8t96pwdZaMYboH8jMH4euQtIf6cDW52A4YJu7iUNc0BAhULayKf9484vp8xZSwpSeJrlqNPqIU7ocRmWjcsOLvJ2gcQcdau3OlCiwvSYoW6N1w66C0C9WDajL8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8866688222114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 05 Sep 2023 07:57:28 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
request_content.php
hal900010.redintelligence.net/ Frame EBC4 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=1f7ae29b41&subid=&uid=04237448202d483f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-UxZZt_2ZLriLPysxdwPwoyd0AaRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCAtATIAQmpAnFU_MewG7I-qAMByAObBKoE4AFP0Jd3hpxOWKwLu7KgAc1KxS8nNLM-lbmkVRHHip2U72_J75GK9ugFogwJFWbZ5FTMpIYIaKuMK57WsWoDTG83Uv6K3SHpgZ14rNglpWfIkVK1HzybrlJ4JyEZmvVs19CiWvq-IObyi5nph4dvcwory9DBSIb0LCOWjCLRKMLriT9CCacDlz2NirG0GKIqL33u4uiDpt285fZXQbpSRFxmh-36N1E7h8UXqRU_BAEwBV0tQtQmGZb7_PmHdOT1y2lJGmoC-8pXk27SvIsavqq8qgwVnjgYBPVHDr0dAY7S5sAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIuq3V0v-SgQMVfFaRBR1CRgdqEAEYASAAEgIYo_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWgVso435YyrFHMKM_2T5tJdO33EtiADrLjTbet8czCTTFIb3UWAkWUVwVA8jp0nbH3Evgh1O-cRgB%26sig%3DAOD64_15VRnvzIuHbAZ1FiCbEIkJmXT8Ow%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BRhvOm_o-2YEfbGhNNLJMmyU2e0gZuQSe9GQBSe8jBZwOdbdVsHyX5GEUjs9AmrBTDoAC_Yl6mFdIOpALneQS52PyE1poZWunfYGlseQi7vNNaFRlfpNZNAcIecyHMP_xWztjSDYgIGHHgw4wTzAS8buPUl4B5A5DtKaFmPOleDRao8j4%26cry%3D1%26dbm_d%3DAKAmf-B9nk4JELj-njT7FjpWeItt_tzvm_EZ1YykOO57fGYiAU-9t7idWx1g0OBwO_IJh2a8k0lvBMoxtRlY53xJbxY2CN3QMejyhl8au7o_d-ZQru6CE2dk9GclOMm4qKn5GVylqRvUR8solwD0m2wL42yPDbgRwhI4BiuesAey14Jx5xnDo8KU7YDVLm0RDF1x_fOpv0rvW5TInb3bQnbt7uI1U-1jbiqfVT-W0asHolxbETKrqrIjiHO94wKAEEvwzSiHG0ng9t2xM5_vnc3WU8QJrq7td8dOTLLDrYXEzLXGM5Pf1Zyyi-mOQSWwZoumTJVGVxnYwqXHZwHtxz6oJUQ93NhOBG2BC6EeS5Q5Eo3zmNGUejqXTe5IXiP6spG7xTz751BcFGVp-8j__dH51RCDMc-6Rzlt_p4T36qtJEEO3TbPrTxKl-qEa5XmKZulODP4rZBx4WIaXvZzEsKhOYe5EvGK45Ns9ik1IRLN3k_R3wnBsubpHa8wdP1IBGkqDVQ3I-PFt-7ixWQkj3BJl3OQmaEBr0Ub6lZV8dKRSkxvUC4-JP-BMuI_x8t96pwdZaMYboH8jMH4euQtIf6cDW52A4YJu7iUNc0BAhULayKf9484vp8xZSwpSeJrlqNPqIU7ocRmWjcsOLvJ2gcQcdau3OlCiwvSYoW6N1w66C0C9WDajL8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8866688222114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a7abe28ed37d7cbe9d5cfb90b225373d8d3fa3c2ecd38944c0eff74b08f03d11

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2205
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Sep 2023 07:57:28 GMT
Expires
Tue, 05 Sep 2023 08:57:28 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 6F58 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=28856900032455504438458012438010&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:28 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E86E 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/show_ads_impl_fy2021.js?bust=31077587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
efcf1e38b5d63723b9d086fc89d715b3371e50715bc63be3fbbcfadc64a4e614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11839
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5d71a1de156ea9e0000000000000000%22,%222%22:%220x88a33002921141e70000000000000000%22,%223%22:%220x101aba228d147f130000000000000000%22,%224%22:%220xa75babc2f1e1ff120000000000000000%22,%225%22:%220x7400bc5399ddfa70000000000000000%22},%22debug_key%22:%227210543352976726%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilezone.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221031745529%22],%224%22:[%2209-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215022928065615302385%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 07:57:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 21FC 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74609
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Tue, 05 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6F58 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cdb4fb1276b0d566421fd24867c89d8e56b612bae8103e12c15f0f109da6282

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Sep 2023 07:57:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E86E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/show_ads_impl_fy2021.js?bust=31077587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 07:57:28 GMT
css
fonts.googleapis.com/ Frame EBC4 		5 KB
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 07:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 07:29:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 07:57:28 GMT
Conrad_Logo_120x60.png
ct.conrad.ch/content-chb2c/affiliate/banner/logo1/ Frame EBC4
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=28856900032455504438458012438010&pv=0
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
1012 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
Protocol
H2
Server
104.19.241.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
via
1.1 google
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
2513
cf-polished
origFmt=png, origSize=2194
content-disposition
inline; filename="Conrad_Logo_120x60.webp"
content-length
1012
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 15:01:05 GMT
server
cloudflare
etag
"892-5f4094ce178c6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
801cebf35b610e16-MXP
expires
Tue, 05 Sep 2023 11:57:29 GMT

Redirect headers

Date
Tue, 05 Sep 2023 07:57:29 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
/
hal9000.redintelligence.net/scale/ Frame EBC4 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
acbc430a2e796698d0d15d5238175cd6a8ec65e7def2b283e4656fe3fb113836

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16840
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame EBC4 		25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/11287/creativesup/NativeAd_Fruehling_1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
bcdbd7e495d938d969b66660f0714fd2da58de72dfa2db4ecdfdecfe0b8f8862

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
24889
Vary
Accept-Encoding
Content-Type
image/png
collect
p.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 07:57:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C5A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5ICF4L-LPFREON8ys8k9CDBkVVqcnZOuW3zpxOGOQcuzGReH1T8DC_XzU9tob00byhNcxPCCdx21i-Hsd0zBrnNRCC_cMmQiRut8&sig=Cg0ArKJSzD3W8pCp-lszEAE&id=lidar2&mcvt=1074&p=0,0,280,336&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693900646779&rpt=1061&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 21FC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOYvMgIbETRWgOyJMoPCaW0&google_cver=1&google_push=AXcoOmSfOodadZ5Vwo7vP7dnZuB8ofnmzqkxORwRvsq1rmZoWSCjEuhqmnl4tS39OCoBx_-1LXseQCxHeEE0fPgvH366xLUJq...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823308758890
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823308758890
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823308758890
content-length
0
pixel
cm.g.doubleclick.net/ Frame 21FC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFSeYnovsvyn3Nlvjdi0UEc&google_cver=1&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6W-ZWO...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFSeYnovsvyn3Nlvjdi0UEc&google_cver=1&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NzM5ODA1ODY0Mjk3MTY4OA&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6W-Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NzM5ODA1ODY0Mjk3MTY4OA&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6W-ZWOHFDsv0xDEx2N27-APIFuqQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NzM5ODA1ODY0Mjk3MTY4OA&google_push=AXcoOmTBa0Q5FdTOVF2lL8ZofS8W3Te1aduiTOEH2ZX_IqGc9kdbHQkoCJQJQjM2EZXychFijF6W-ZWOHFDsv0xDEx2N27-APIFuqQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 21FC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECl-oCt6AmZGXJdi9v5DJJI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECl-oCt6AmZGXJdi9v5DJJI&google_hm=ZPbfZ0qlawjyk8gODy6d8gAAFHAAAAIB&google_nid=index&google_push=AXcoOmRrwgKZS3fwumDrx_0TM6gzEam8vwWjX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECl-oCt6AmZGXJdi9v5DJJI&google_hm=ZPbfZ0qlawjyk8gODy6d8gAAFHAAAAIB&google_nid=index&google_push=AXcoOmRrwgKZS3fwumDrx_0TM6gzEam8vwWjXYifcR5QDZcE-pCoWQ39uqA2gGv3EqJm83ytpf_bMEiAk9f67aACPVONQyk_cdTt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECl-oCt6AmZGXJdi9v5DJJI&google_hm=ZPbfZ0qlawjyk8gODy6d8gAAFHAAAAIB&google_nid=index&google_push=AXcoOmRrwgKZS3fwumDrx_0TM6gzEam8vwWjXYifcR5QDZcE-pCoWQ39uqA2gGv3EqJm83ytpf_bMEiAk9f67aACPVONQyk_cdTt
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
sync
rtb2-useast.e-volution.ai/ Frame 21FC 		0
0
pixel
cm.g.doubleclick.net/ Frame 21FC
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQU3lcX1U05aztW9NX1BtO9FQr2Vjt_W0bNTm8jrdNibS1Yx2UvTSqVBQcyGA9iXP9nKRFbYPmPtVFEZV9Mx12Mif-_epAppe4&google_gid=CAESEKQmpB0ow3...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQU3lcX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQU3lcX1U05aztW9NX1BtO9FQr2Vjt_W0bNTm8jrdNibS1Yx2UvTSqVBQcyGA9iXP9nKRFbYPmPtVFEZV9Mx12Mif-_epAppe4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKQmpB0ow3t5x47t-AszADk&google_hm=T1BVNTBkYTgxYmE0MTAzNGVmMTk3YmEwOWI0MTEwNGFmOWU&google_nid=opera_norway_as&google_push=AXcoOmQU3lcX1U05aztW9NX1BtO9FQr2Vjt_W0bNTm8jrdNibS1Yx2UvTSqVBQcyGA9iXP9nKRFbYPmPtVFEZV9Mx12Mif-_epAppe4
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 21FC
Redirect Chain
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEFY0aiDUT8_2vVKwHpT95L0&google_cver=1&google_push=AXcoOmTi2fBCSLzug60v649HvUBTqNmK7XgzlbcBS2gKdJ1mUqlaxK-6i4ut7j9FNH8nrm53SAcqr6xFLGcQ3dGQ2tRG...
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEFY0aiDUT8_2vVKwHpT95L0&google_cver=1&google_push=AXcoOmTi2fBCSLzug60v649HvUBTqNmK7XgzlbcBS2gKdJ1mUqlaxK-6i4ut7j9FNH8nrm53SAcqr6xFLGcQ3dGQ2tRG...
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmI3YWY5NjFhNzVhOWRhOA&google_push=AXcoOmTi2fBCSLzug60v649HvUBTqNmK7XgzlbcBS2gKdJ1mUqlaxK-6i4ut7j9FNH8nrm53SAcqr6xFLGcQ3dGQ2tRGw3H...
  • https://sync.gonet-ads.com/match/google
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmI3YWY5NjFhNzVhOWRhOA&google_push=
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 20:38:03 GMT
x-content-type-options
nosniff
age
40766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 20:38:03 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 21FC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDjuzDfZHzNy0oyBYFPE_WI&google_cver=1&google_push=AXcoOmQhpEV1V9FLa...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzc4OTM4MjIyNzM1ODg2MDI4Nw%3D%3D&google_gid=CAESEDjuzDfZHzNy0oyBYFPE_WI&google_cver=1&google_push=AXcoOmQhpEV1V9FLaBhGWRArYB2fT6dAZB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzc4OTM4MjIyNzM1ODg2MDI4Nw%3D%3D&google_gid=CAESEDjuzDfZHzNy0oyBYFPE_WI&google_cver=1&google_push=AXcoOmQhpEV1V9FLaBhGWRArYB2fT6dAZB9O5cXZOKLPBMlzJl3di_gLUM0NaO-TP2pDdUQr91k6CFfUZjxH4mYTgK_Cwlzbv08jeQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
an-x-request-uuid
65b19626-ef26-4730-b0ac-034071c606a6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzc4OTM4MjIyNzM1ODg2MDI4Nw%3D%3D&google_gid=CAESEDjuzDfZHzNy0oyBYFPE_WI&google_cver=1&google_push=AXcoOmQhpEV1V9FLaBhGWRArYB2fT6dAZB9O5cXZOKLPBMlzJl3di_gLUM0NaO-TP2pDdUQr91k6CFfUZjxH4mYTgK_Cwlzbv08jeQ
x-proxy-origin
178.238.175.89; 178.238.175.89; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 21FC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHzn9ztRtG78vrLzZOl2Sa1RKt8dTmeWjD8NP48QygC5bOwNYrKukKaChMQ1Ued0YAKgzxj2pBOA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Jan 1970 00:00:00 GMT
server
nginx
etag
W/"15180-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Sep 2023 07:57:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7BD 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj6LDZ9_2ZIq2JsmKjuwPoMeR4AEAAAAAOAHgBAI&bg=!5uWl5arNAAYHwnCgJ8I7ADQBe5WfOHexz-oJN0F9QXr9J15mLz7Bu6rAbeOAzYcqSiF0hmn8tvNuj95sumsR3EZhTc99AgAAAjlSAAAAB2gBB5kC4LThWwqpcJ2rfLWQE9m8p2SR3BXfJn5IpX0b7gjfszAsH4Sg8YHpjRJxoalq8e-jMU_SBxZdGQMJrUpCjM_u8FSpZ5cU57TDokdyxf78Go3MBqihgj6mfdgjH_4c6xjvRoZVV9F765H8KgswEp3pCbH_hoIUxog0QsyMqdGyNp5eo7q1GR1oMP67HDvgp_gjVPYqP-P-NTccyaN8Pl36Ibt0FjEjhE0bVUQnbHS7_3BzsfuOrWHJUvS7SrnqO-zUfoUkv4F496prrRxamDlMZQQ2e_HXLoJMK7Yo7t0RT5y2dB9rhq2evlfb2bb_cys1WHVksv_vX5QJGH3IQzNLkrPxsLieqTVyY9saTZ2mSHR0z8iLkUMLZYHq4tz2CC4G2jGMc9W9cS0ps8WHMtlnQzEG8yqjSVBo0FlL1d-xUveaoiI7xyF9BZrSxKcWJMjorvy5Wd8JLb1NyuYUdNb2tXtxxhMCoVIeTjPvQlxMd_rxyTEWj0hD-pfRy2qbFvP-Bt3c-WovJkQze0kcUT4Dq-lkMMEFKdBYnvkOD4zd4vxEZgV7DkfWl7Wn4BRHv4fBOCNnINXGnrDdVV3m07bplk3A0wdto0zEak6_8xpiSQus05gdIdrn25JCXN3obwiq_St96HnCLabSr3j2TeMG4cA5JSRMu1KSuGNeeQ4NEITjVFZcxbORVMKNBszGV86UhmTZNYyO-1ywEQOQTQVzM9QE18ao3IcwjOEf8IXWi3Mxd5y-7xRJnepmYKBbIKK4AxreZfB8Spy21s1XAZsAMRegXdpOa2ypAjn99HbQF5epNUxhcH0Bi5WubgtoOF4obGGCLNXOt9sGqGUBk7E2svY2i5uXn0aCNTRRWkwv6rj382zyO9uxhGdPpdn4ezLqlNIxsoovtxbUuehHW88HRZfH3TvGwCs8WEFjWldVMAlY3WtBYT5Xr5d7O301te1WknzT0eWte8rsRQuCLSiV8C8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646184&bpp=195&bdt=1351&idt=470&shv=r20230830&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=2&ga_vid=361370725.1693900647&ga_sid=1693900647&ga_hid=118123204&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2845&biw=1600&bih=1200&isw=336&ish=280&ifk=1389367897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077370%2C31077588&oid=2&pvsid=1492706550473750&tmod=1347983334&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gb1nto10dl3i&btvi=1&fsb=1&dtd=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900010.redintelligence.net/ Frame EBC4 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=28856900032455504438458012438010&a=aae30e77&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=28856900032455504438458012438010&a=a35f8687
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:29 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CCA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
7694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 05:49:15 GMT
expires
Wed, 04 Sep 2024 05:49:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5F3D 		829 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
72ba3f640ebedbff4245c0df1f88643edb69672df22409d54c54161cb9ea1d41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Dtai7oM_v_ymtszbGG-gDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-Dtai7oM_v_ymtszbGG-gDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:29 GMT
expires
Tue, 05 Sep 2023 07:57:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame EBC4 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:33:46 GMT
x-content-type-options
nosniff
age
383023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 21:33:46 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame EBC4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 09:02:57 GMT
x-content-type-options
nosniff
age
341672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 09:02:57 GMT
video3.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		344 KB
345 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video3.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-661
cdn-cachedat
08/28/2023 19:09:50
cdn-pullzone
829957
content-length
352124
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
635
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
4ac9a73b1b19b97df18bbe7be8042d44
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
all
csm.eu.criteo.net/ Frame 6C7F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=oBsFwuTzNgLg0XTaM_COlbxDVKchxFC-J0OMcmhjgQFbkJ93HwNP8p7TC68UXUiMe-XXeyp6RLoHjckgqKokmYRvtFJ462R3_IPfpDuhzVIay7cafqTRMnV5ICUr9AJOpm35SAQA9totf6hqMz8JgmnUkTdSAAq-alDyAwjbpl1i6Eq_K9wKXkqtkuCdgbGFIes2PLo3SpYmBbZpUFeQErNbsi3uiPo__zs_6KLNa-MZ_L8g3TxuMKBuzIgvehVjijEmOA&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPbfZgAMjCgFkVfmAAZ0VRZDtyC7TyYQW5K6jA&u=%7CzkoH2%2F1Bx5ZnvOahl%2F%2F1TQFajSPqMhiZn5QixIieh6o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjpM_htxWq_02_kHkTXEKA7t5b5PnP0dyOIKDn9GYACS4Y4_18eJ1W-8iR4E83NfzWi6U3IFpwSezzTv_26lCU3JpYO1Ul4uomtQXdR7iQjCcDIjdimm7ZmEvJYMQNn0g7k25M6a-peFOZkJGWzTxK7jGoHVtp8nTebuHpFO2muawCqNoy-qoP0fPRPMPEigJKbbcnzl9CN7pkpNO3Ptus46w-SLaEmFPSebR8akv-5A01TONu2B_MQODeDlJmkngi9u4fQ8iy_1CkmGSLB-4zZnsszm-h69dDGH0q2_V7-Ao6ht2u7ER-KCLm9oLGxKANOElG4C_wzTkLbixOsdk5tAF8VtpSPhmWgtNJDuIfz7tBKWOzC4SmQYn6alB7hIj44y7Acgn6N5NG4J9eYNXJE-BjFsvhzQvhZh4KsiHK4SEFhGZogzK_AqrVVTr7UlQ5gKTt2CVASJvXn2weqx6CCnu1beM8vL3xfVVmCEd31H5MVCE0VTenHg6-Z-kmX2qc8dgAtZ7Ofen4AkatpQkheQbbW8Skh6x44xr4AOvHqND_A5F-yeVigrh1SukEhyHbCKQYfBr1_JOl4b3nIvrrhdNR3xUUM7AuwnKYF_8VN1yBBuEKfjWHwPjjJD3QIxV8dgksB5jzXgTPb2WyD_R4gMTkKXm1DsoNGLwcL6nRtFlzRcS5tpTPe7Si6T7GFskkw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI0YbZt_2ZKiYMuavxdwP1eiZkA7JntKxXNWdkfdwwI23ARABIABg9YWAgLQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArhE27bwGLI-qAMByAMCqgSXAk_QlXlkQ0CQe4L0Z0UmDFsqyj_51FDNJIxUmzw9H2QnFVniWyLq39PGQsXyAVcqJ00OTsgBqgacE5zJInLoHS3qoAoNH8Nn9rovIZdbAYRjlUDfaTDrzkunX95HoIcxx3bdNbHaXkLLhg7PP9x3J3NHDc9pbpFbofzwtTPR7UpzspfFFGTopAiTYP2EvI2KsRvn5cuv6cXh0W8HOP7qiQmctuH4xjLyn5nzUJGOcfmGLGkFvghWCpS60CmoEvaKfhYJ1yb1MiFcd9vkgGlsxA0WFoEMJDqM1CoEt5gaed_YE6loAtskYDTvp_8vi6E3EhgFLTfdcTpylrM71SC44gWTZ7GnRzpYLy_6J4t-4roRKWFyHCgZAYAGxJ2TzZ2-mPJioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Kx1zX4GLefE3wVuaXGAbYDL7PKw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 07:57:28 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=2369429987974638&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 6CCA 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 55E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=4420980233775180&bg=!t7SltPvNAAYHwnCgJ8I7ADQBe5WfOJHWZRpHuawdsUF2-madJ4eOL-mBnarOAScdOVXvvzldDUYoEnBXMVygpdjCkyV_AgAAAVtSAAAACGgBBwoAS1eDrHuXf9N-EXTkukt-YcJunlW-f4wtd41cIu4GCL0LWm3CzkS1DnBguLIoDHwZlkJzhQp35axEgyzlH91I6Qfo3zXfe4CqCjhb7JkC1ursRFMAQnxwYMr4TaziR1PxMhpuzyYOChhWwvv7AkwYcrvv1BWUxaKNid46NRFEwxnOAaU4MWPoKkVQFRbjq0mgGBavn_CwoqxKj203mIHafm__2JL5LD4RUyA1bWPaOkAH6lsuxWwwu4zYkDfSWO0Si5MdE9uZSnyxiE3mqziYbOo9yOwbn9c3sc0uKf2gciJiAktpqrwoplnMJMz-Hhal-Oat1UiR9oe5QrIA_HYnW0fYDW376Ne-7FRdCUfP5YVqjhS2h5RwB2l83OFFi8QjbE5NKCwYG1R-xCoLD2YxU7qWNTw--wqOyZkUDcep9ZMpDOUaHIalWeD3VxU9HFcIP26RJ4lZnxgrAeRC3vqFnM5X8xLScqTQxXsYfOfDz4jwnDW5DyHCFaSx20g9RjUU5HK-sPlTXU5pxLzr_OgKJ8o_ZtkgeS70eXxPTAW-9e9Bcsp-GfLGqwcndf4AUqlFyB6_o5M9lOg-sa2_f9JO1uKkWjXTecPH-5yQQv6chL9yzh-N_N4YPDu8SqYJN4OvQAWtZkzD_fjTufE9U4xl6YExgM6dOasTPDzZsvhCMSoJ-UcOG4tQ9WM9lyDDwYUag_0cLGXAtz0imp9jND0Gv6He-n0BkX6w5csqHyBljC7chq70EIUEbcGSbf2NQKareyljTGRQjoCqzftFjNGsryfdBQR7z8Po7leVaOftzd-wesjnzYPIudRdhSJ0BFgJVMh0fhDitAb8jC-ILypoF1iRVtMfqHE2yODqnxxp49O-uwDAd1I7SgWs3HeYOKaKV2IBlvhSNFBswbnu5Dhxww6hYfpW4B7UExuui5Crthz5VH28kM7-wToZsQtG12BJ457Qfbe8wvFpQHEDtIaruDTojWMaAcXzA5LpzT7FtE32paMPUkf51sAWRgItt4ANMIZGxNitoCGyM-ZFvNYvQeN8hUFSjSUJA8xeGngNJe4nj4Ziyw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
video4.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		343 KB
344 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video4.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
cdn-edgestorageid
864
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:37:59
cdn-pullzone
829957
content-length
351372
last-modified
Fri, 18 Aug 2023 08:18:03 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
647
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
387cde1bd9c54bdc5ad8b568ee260abc
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame CB3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=1847957331006104&bg=!ammlaSbNAAYHwnCgJ8I7ADQBe5WfOD8LwfuiDq2ylOge_EqdluuEgsOcjwDRtTpI3p2GepLvosh9755dlJyeMXGRP08uAgAAAfRSAAAACWgBBwoAAmwcmQLPCNTsL6LUNyYWQ61dW2TdibwLUbrDyIvpQPXdLOOtQhLRU0H0puVH6Zgu5LxcMzIWHiHFx_gdTwn9Wz7TeJ_i3ziHNgFnoSNgGQ2-OoJLKZ3p3e82xTCxBj6pb60iZ7YRySpDkrXZyj1maOGSgWABKKKENNfjJw4MzMr70s_VfXTQLnPVZ8-VBVPkXSQ0dp340B8r1-5awKDQJaMHfOnNw90TJPw6kugbQqGs6i0nBvUhiViy1bFnxhY6S4ktsO2eTvJMAMH0M7DQAvmW1RBUri7sKz4zTY0hBI1a2cN47nFB5iUawPTaUsoLu71KNW6gyJFuSHMsFONXUpRbX9JP9UwkYbtg-aMOrTfAon8nML28a1euK3Eb8yU-e7yAg88R2b52tGNViC11CxAKzcvwWlE8XIpOb3a2v0RnTD8kg17urxVpMXnEFKbWp_jxdBDJuUv0OBeRMCKljMLLczOowH_m22-F0dtHa0HyESfS4ONy9g5dX7qwPzvobwZBrjd43chnMDxgsJoWyWooGw_BQYBX7-VtX2Np4-V7aI0iPnDC2q8XycGlXDvnJoNYjJj1V62SMhqO7TLqdSdS79XiCkX1wXnVjW7-EZj_J8Cvd11v8kGAzw-h-Uz0zHtYbS_jEXPP5KaF7KUFZ-ybnshWo23cdNHgp5yYhcIlKV7gsNdUYKKwrstlP17EYK23I6FICy_3s1WozkGRpBDlY3dKnDTC2rNFmULnJngav4tremAWynyUrv3poVg7hm_QGtB3OOZRatALihJxbQGxL1mXo6hOw4gazw5mJCwigcAH1K7KS7iIaw1wqrYMlqgrteQ9Wb2j0517HHokgHVJMKbMjrE4ulJDezNAypTDee4vY-VSOSzNrRQy1ehTb6dQx4kD9bu2kcpuaKTrFqce1BVFm6PeI7t3c9TcV9UDq0aerGzyor1OXshvz3iqdQjUB7Y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6CCA 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?cd_Gqg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
video5.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video5.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-383
cdn-cachedat
08/18/2023 10:38:01
cdn-pullzone
829957
content-length
345544
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
645
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
f0aa998df18791f53e1e8d91c0441ccb
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame C627 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3997575729669762&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=BE84E5BA-6020-4ED8-8030-60DE0A255179&a3p=EhkKCnB1YmNpZC5vcmcYwdHioqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIrO4qKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGInO4qKmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lMM3BXWmtkTVVteFJMMWRLWWxKUFFXRk1UM04zUVQwOUluMD0Y49PioqYxSAASGwoMaWQ1LXN5bmMuY29tGIvT4qKmMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dlt=1693900643603&idt=3701&dt=1693900649402&cookie=ID%3Db150c6d95391cdc4-229ebcfe67de0065%3AT%3D1693900646%3ART%3D1693900647%3AS%3DALNI_MZBrFZMGmCyN68ySKUvDeEP5QXxbg&gpic=UID%3D00000c9d7142a69b%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MY3aNIGNmkLs_xMxqfwIAVO9RAd0A&scor=2915375880830334&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A328 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssauVhbGXjWaoAk0Wa1qXcKRRuIMCGJ4N0RWdQxQ171D7QVa1pZMvIXKrECcgVDIOgselrIionl61p-25lnh43dCK7diN9GgtERi1fHVtcBFrQL0v2rKwdyt1bCLXZqjU_P7jJI5Kl6Ti92k3LKLug3AuPu1qqhe__XFkMLDr-RNrajlUo8Mxc8US-7Ph6Gqm1a3IdRt-r5uTf-JykczsihE6PljoUvTp9Aub-r02MEsgPHXWlx55NLAzgxoHyH3Q6JANlCdvDSl6w8BzHRw3zbPJYrbIi4xTuYLZ8Qj6Q8rDaiWC7pzmGyaXP88FKJpoTd8YpvDYH7tdvfEFsYW7wU7NYYMuLDB-6yqnqLpWA4i7h9md2L5-T2TvFvZIXO6NZ6s9KzGQCRgpdC4LiCWH8z9ktO8X-IdLcCalYOKBlMUhIKuoblSlfk5jjwwyygAYicMwcaqtAn20do5I7nKCfzIH0Jy3XSDwwzmBOPyVcwVwR2ouZBH4mPEWJvzZqCxnKA_1SY7hM-g_3eMwzN4QhbGn2VHy4P_yM6PYdNrrl6dePNQq6encHAkIA6kQ9VfDJvgABzR1oPyDkzvBppEVasVCPrgjyPDclpY7klgZYEeDDwGvXiflEIvIkewuOBYiGVmvGq641N3L-NI7s52FO7elhtRS_setWVIPbcMq2euzFxzM_-ZRx0R6NhKeOu6pCE_MoPMK8H5G-05D52cgkq5um7vdUwOVi7d7shGaZ9Dq9IKtJDwYPzkp-OUH5qO-fKJxzb1SjNKiQyzgS0RkGbfrc-aqBA5VES9iv9f5qLEUA4Avwj3SbDMxsv5RvUnU6tOu13FHnr0lGu6DsuAR0Ks-C-Y4D1pMt-8BtiHTQWl8V2HW8FIZzTizGt7LOkst8OvrHajKka5FYho0uHiqeJfTFsCUpF8YRlluXmgCwq5Hatr22NBvLvlrZTYPDTez0KPLHG3cO1m8mDHOmU66N7wg_pD8Hg6E_KMQhQDE7_43EpNcq9PdFDvrIfNx9l06CLyoXaBYcBn3-lK--xTTaYFCuo8rTDFrAfZuJLy1w8GOaj9ZGykT9Y5SswmjcDk5AeeNKGKPslqRxj7W0mJcdBXFsf8K7xh0YXiqWG8jOfmmYpXkUJohrBYVwjcuiRO1mZOM3ealZRuY7FWGgbe1Xa9IG0bJG9PmnmY6LvjhU9lU5ORJCjG4cXPAO3eSdY0gsP3aQqwemNAgREtmMm1kbUoJ1pAtyg35sHEkyC1R2pisVIenQre1Dne1HQLsRHOYzpMViyvNQDc1aeDU_fMyz8N-qFle1BAA9vo8ul_OTdh1ygzcxQBiLGthn2abneCKOJpka_uTMZUtk4Z6FAH96_roo7PMRbMnSw1jEQFtbYC8d_LP2eBwCZESfUhTqYsX1L8ibHS2WI_CPmarxnglMZy183RB7ONOmIPbsEyif69RPqEWmOl20JrNg&sai=AMfl-YS80XoGyDav3lsFmbhwmZhPUHc0rUIHP5PWZr5siNZOz4shXoC1bq-lr4dkKyatS0fmPsSGx-DJwJsiQUuEc_RcKvepTTyaywZ_13GzGybjCTNWIi6mUjFg39LZyFIyqkW-Sgu3s8vryA&sig=Cg0ArKJSzGL1TwuD1Ur1EAE&cid=CAQSPABpAlJWSpsQ7t26dMZyH5wsc0pLBSaNf9Nspe-CCOEKyKmvVYZ-asx3Ke1mvU1y96hTf4WDZjCbe3c_gBgB&id=lidar2&mcvt=1001&p=60,236,310,964&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693900647253&rpt=1152&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 62A1 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsterNaDnZp0xn70gnMB8BPBmnHJVOMa-kCDYPmII96IoU2tTBoD0cuzMJ2NkuaSh3MWzNGVkIsEp7E9Hkx7xaLHUSZ3LnJyrAsrbs6blVjXwP0X38yI0ZbMGDG6_5t5s-X2E8w0ujUFA_S7snTH2mBdpDQVvhOejNDMWqMoQoqAqRySVlXBA_niJTLXtqusNNuq5CrecvFbX-0tSv6-byNoNezWCUpxddKREjFIvXqTTD8qbtI3XfB9PVRCEK_flvKuh9tGL8eNDZUzlr4B3bj4QAbZ3qpZQ3Fmv4g8POFrAPMRbKh-4zycV6EccoIzyz542tdjCm35dgMGKWtC9KIBzC_OzGXyevb_ks5dwLqj3AoOdTpMkmuDlg9RNIgdvvpAbOh3-YsFE3UKJPQxnVCU_vCFURn4XtCo9sk3Eky-_86ml7kofFgr8cHBBsbiyHeoloRCmThxPxzNZ87-GTbq_4jmvhtAsKqpPMbxJbk5IM6s-0FoQHygDK7ngtAqsioCj-3DhaOO7YUCaDVMorhAMr2rHkKjevU52Z6Ry1So0mf6r6mqzuQ4clpZbsZDKEMaqR9UP53i6ozi3ttimOiHsdMwfAN7DfbYsBtbUStOlky0k7wsgYflAeOS3_4NvB9Z7Lwr_zjPBiqdQeAW3gErUes8beaagbD42PbcXy400lEQIRBU_hP4VNscHTUPhRBl-6zBd0nFmobkXVVpIiBR_K9z4gInBDpbkavikisfpH57DrXJeSYZneAO2re8374ylHqmzfee_qnh0DfAmyLhOFBFM-5z0vx_Z3gmw_AG0JMd72YPaNS0DfZ4i3g5UWIvSDcBmoqlRGrbHbU3HVrvJQrM27fIg9VyNeyHlg8AfAU76MdwnQm1xCMCVFvsSuj9p8q-O1DTstQHL6Y84wjtF0rxco8InSipq8qsJajUDMTFczEFaCcsXMEB2jNnwZ1X8p4c9gJv9md-ICvpZF4gIRy8bjRw4tQWJeZKGwjgFUVJO_NqR70wduC3Y1_3sLumv83uf1xNq-25eNP62CW1CwucATdqTT4AnMOpAuoM3LaqniMBD7wGTTaGBoGMlnUe0uvqry0ZlUkdHOQiwi1G5lIcNfjWxLMP28Y9R0LMk7wNAqg-f7vliraX_cqREzH-KL9BsRMXOq3vAQhYWHynFTP2HpOLZRC9v5n2Dnt2fHuxiCFZBdiPrp4V7jFoHkxYKG8d7KRiRUuWlpt_Ycygd6GD_4wQqNj0I6Vpv6lE6PwDj0WpXblUBXZyp9yiERYPDYnwxFiFbYac8JKzWiSh8Lh2_5tQ5alggU-BxTFz7TXg7Y9CWPhPcaKzHC0QVvuXTauxN2kHQsX1HE0400CBM-sz9_D8syJzX3YADiB0uE8QrICz8m_gVIv18ET2W5WGaUFCKv_tJyhg8SkL_FU5xcPkFf3HQQoAnPDNGN2Qlmscq1LQSPMo9B58&sai=AMfl-YQ2Ri8Tu1b27sWHGASGI0jTQUrp1fpBGXOHYnoDdl9KK4v0cJmd-GtiKnVXzPj-VCMwbKuNUNRv0I_t1AJEvzg_njFcBqBbk6FsRvSNRghAxJGVTFfHyCBnhSHo9Mkf-YBbEGJ-Da78PA&sig=Cg0ArKJSzPrxuE3oCf72EAE&cid=CAQSPABpAlJWSpsQ7t26dMZyH5wsc0pLBSaNf9Nspe-CCOEKyKmvVYZ-asx3Ke1mvU1y96hTf4WDZjCbe3c_gBgB&id=lidar2&mcvt=1003&p=1110,315,1200,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693900647267&rpt=1125&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
aa705341eb7ea0085cec700f922ad7226bd3711c0b5910a47aa517023c64dc3e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 05 Oct 2023 07:57:29 GMT
sync.html
public.servenobid.com/ Frame E8E8 		0
0
checksync.php
contextual.media.net/ Frame E40E 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame D8A7 		0
0
/
csync.smilewanted.com/ Frame 44E4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
801cebf339320d64-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 07:57:29 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame FF20 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1693900645959
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
0524e9bcacf056bba7072c03bdf17331f91680fdd6581b1edb7d36af9934d2af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1376
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C1A 		0
0
usync.html
eus.rubiconproject.com/ Frame 3D26 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 07:57:29 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 83ED 		0
0
isyn
prebid.a-mo.net/ Frame 3C1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 05 Sep 2023 07:57:29 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pd
adpushup-d.openx.net/w/1.0/ Frame 533B 		754 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
872706d1369fc2a374bb253cce0ddcd4ddf73af6c15be7f6198da46f4e5b5ad2

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
470
content-type
text/html
date
Tue, 05 Sep 2023 07:57:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 3D26 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 07:57:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54616
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:45 GMT
img
sync.mathtag.com/sync/ Frame FF20 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame FF20 		0
0
/
onetag-sys.com/match/ Frame FF20
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693900645959
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
an-x-request-uuid
590d90c9-f7d2-4ef5-a5e9-1bf3cb631343
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
x-proxy-origin
178.238.175.89; 178.238.175.89; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame FF20 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3cGbT1YO-Xe_4j0CorNxx17_4OA9nGXbfYJXdnn0eH0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693900645959
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FF20
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtG2_onuEbDxGPOi2XotTqI9ENO_x0g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtG2_onuEbDxGPOi2XotTqI9ENO_x0g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693900645959
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtG2_onuEbDxGPOi2XotTqI9ENO_x0g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame FF20 		0
0
711916.gif
id.rlcdn.com/ Frame FF20 		0
0
ecm3
s.amazon-adsystem.com/ Frame FF20
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Y13uLbMQnlrWxAkiIzm0Q-3Mh--ColqZspFU0UNl-iU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Y13uLbMQnlrWxAkiIzm0Q-3Mh--ColqZspFU0UNl-iU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693900645959
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X5AQN78VWKB7FG0KST7C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Y13uLbMQnlrWxAkiIzm0Q-3Mh--ColqZspFU0UNl-iU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame FF20 		0
0
/
onetag-sys.com/match/ Frame FF20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693900645959
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame FF20 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693900645959
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame FF20 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693900645959
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame FF20 		0
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 44E4 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
327836
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
801cebf3ea010d64-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
video6.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		205 KB
205 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video6.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:38:02
cdn-pullzone
829957
content-length
209432
last-modified
Fri, 18 Aug 2023 08:18:06 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
653
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
35d8e2c79ff4cb534f14cee3c87d06ec
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5D0D 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js?bust=31077588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e84ba168eec0ab5da126d6b17624852673048b8fd0c038b8cac0d5c887645db8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11880
x-xss-protection
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 1243 		0
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
801cebf44a7e0d64-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 07:57:29 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 2ABA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
30e3ff394f00fe9fde8dc35f006d697c21abe41673a700f4cd5cd0270fc0d01b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1417
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
video7.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		228 KB
229 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video7.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
cdn-edgestorageid
722
cdn-storageserver
DE-165
cdn-cachedat
08/18/2023 10:38:03
cdn-pullzone
829957
content-length
233496
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
645
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
c51e775e7467d44efd173263cee1a9ae
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5D0D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js?bust=31077588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 07:57:29 GMT
csi
csi.gstatic.com/ Frame C627 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm60plct&c=1630487181919&slotId=815243590959.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.133.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
eze10s07-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ Frame 277B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2023 07:57:29 GMT
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 62C6 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 533B 		0
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 533B 		0
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=025de3c8-c588-464b-809c-1a629b376b54
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
464246.gif
id.rlcdn.com/ Frame 533B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=795f1f27-d0a5-4a62-8cc2-5b9b350ffee5
0
0
sd
us-u.openx.net/w/1.0/ Frame 533B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7789382227358860287
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7789382227358860287
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
an-x-request-uuid
30941580-eb0e-4033-a42b-71a3d3e4a571
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7789382227358860287
x-proxy-origin
178.238.175.89; 178.238.175.89; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 533B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3588537246703360151&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3588537246703360151&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3588537246703360151&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame 533B 		0
0
pixel
cm.g.doubleclick.net/ Frame 2ABA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtS0yOIJG7_O1nEOhPxUDsA3Y7UobSw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtS0yOIJG7_O1nEOhPxUDsA3Y7UobSw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimRYtS0yOIJG7_O1nEOhPxUDsA3Y7UobSw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 2ABA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=bSm8CFePDnJhJlhbT8VuSe46TJsnAQ9v5jZ6mBZuyYg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=bSm8CFePDnJhJlhbT8VuSe46TJsnAQ9v5jZ6mBZuyYg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 07:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
84Q0BS2FG2F94A74404T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=bSm8CFePDnJhJlhbT8VuSe46TJsnAQ9v5jZ6mBZuyYg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
generic
match.adsrvr.org/track/cmf/ Frame 2ABA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
img
sync.mathtag.com/sync/ Frame 2ABA 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2ABA 		0
0
/
onetag-sys.com/match/ Frame 2ABA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
an-x-request-uuid
38642c3b-6d6f-4ee3-914a-58b4f16354ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7789382227358860287
x-proxy-origin
178.238.175.89; 178.238.175.89; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2ABA 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Y13uLbMQnlrWxAkiIzm0Q-3Mh--ColqZspFU0UNl-iU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 2ABA 		0
0
711916.gif
id.rlcdn.com/ Frame 2ABA 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 2ABA 		0
0
/
onetag-sys.com/match/ Frame 2ABA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENtrAmKs4C6e4k2sws-KAq0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 2ABA 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 2ABA 		0
0
Y13uLbMQnlrWxAkiIzm0Q-3Mh--ColqZspFU0UNl-iU&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 2ABA 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/Y13uLbMQnlrWxAkiIzm0Q-3Mh--ColqZspFU0UNl-iU&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
801cebf51b9a0d64-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
rmpssp
sync.1rx.io/usersync2/ Frame 0B50 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A11 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
7694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 05:49:15 GMT
expires
Wed, 04 Sep 2024 05:49:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6234 		829 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
ec6f48cf56a6db4c5733e3e3553ab9a3ca90e1bb19cc4a4a37adf39d56114ada
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QIFUSWDpE1bUz40_CTJCVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-QIFUSWDpE1bUz40_CTJCVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:29 GMT
expires
Tue, 05 Sep 2023 07:57:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
match
ads.betweendigital.com/ Frame 6C67 		0
0
video8.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		267 KB
268 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video8.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:29 GMT
cdn-edgestorageid
1055
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:38:04
cdn-pullzone
829957
content-length
273164
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
657
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
3305c56a50ed7d5446de43de6618d96f
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame E86E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=2369429987974638&bg=!ZmWlZSrNAAYHwnCgJ8I7ADQBe5WfOA5-ueRzvHrEiSDgAu9KmifnfJSBCPz2epxXAEkH4TXxX_HfBWiZXl0OehPxUrxBAgAAAIFSAAAACWgBBwoAIpsi3LkLT1iopcwwbzrw_JTfyGz-HWLwJJ_76KerTMLnuJ2ZAtBSNx3k5WGqXFiPmJLzVf8kLiRs8qk9hCQ8dKxsKLhJuynY-y9jF8JSiqZuNsBNT8p4ETKLwwFCc24ibqI0d4rGpxwzy1GTxFlABSmvJjryVyThxFwa6Jy4NvyieWz8DMFs5z0esaYtu1A-VqyaKCh3gmGHgkkjliYZodo5pSjQ3cZpz5iMhSBdjsfeTdYHO8bH2fo0K8iRjhUVnvJWhm9Fra68I1uBz-zsg8gRywSk1bK5LNgGQxTTo_RRlOZltkbx7-FgA_2c-BU3U46qAbt9OFLimR8E3jzIc3yMcx-hQ3mW8nDbR9VketBwTg1qvnYhhueUYvsUVgwcELYLimD2JQxXIdM1vnesgKACemCEOWwt-i6wGBmewX-bkHnL_L_1vL3TZJY01tPTQGBnFNgZa1le_fWRzeQh59fnBYNUrKfJCKbTQNHBLHolmd5F5P4h2H4NnHS3niN4wE4B5fopYJJbIRts7yz7k0FsUjt0NEXpBpnLVDm_FHDSv2LMykJf96fY56-8zE4bc_wXmljklTOctSd7uA6RyipkEBhAD-qik6aKSdq3k3Zpd8aDnVLB9TJlFn6PcFoL94W21xudBqX88hmSQ-XGd2abHrnsEdGH9UnlvqNGHFTtiPr_D0jBKhF7dj-zrfQ6VTRm8w-rf45GVdKq98xBbE3QRmpAp1k9UTz5_CKQynMD0qGUuHwNSh65cXeBous0mOiDru3ROnbPk0OUvcbdlrRhABMW3_wMg8ffWjnamaDJNlbKH6h3Yv5VK91erquEkNLSIz-JvzsqpmYMePWMvbEOrU2jiGwfA4onshkfdMw2jd9u6UAsbs2-RLPLMwNp_YGs7_tI6XMzHFnTbuBVHdxncxXjonz_x5RzmW3e1taPub5-wEjt-Ry7WusTqWKQF0AfeRLWcCxdd_qKygxlOtUTwXQnmWxUvR5Eh19k98iDfv0N_0s
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6234 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=1492706550473750&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smwt256.gif
us.ck-ie.com/ Frame 3CC8 		0
0
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 6A11 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
6487398058642971688
csync.smilewanted.com/set_partner_userid_get/adform/ Frame EC63
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6487398058642971688
0
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6487398058642971688
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
801cebf78e3d0d64-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 07:57:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 05 Sep 2023 07:57:30 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6487398058642971688
server
nginx
user-matching
ads.stickyadstv.com/ Frame 510C 		0
0
v1
match.sharethrough.com/universal/ Frame 8426 		0
0
smw888.gif
us.ck-ie.com/ Frame 2EC0 		0
0
generate_204
tpc.googlesyndication.com/ Frame 6A11 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7XogEA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame C627 		101 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3665858399850339&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=BE84E5BA-6020-4ED8-8030-60DE0A255179&a3p=EhkKCnB1YmNpZC5vcmcYwdHioqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIrO4qKmMUgAUgIIZBIZCgp1aWRhcGkuY29tGInO4qKmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lMM3BXWmtkTVVteFJMMWRLWWxKUFFXRk1UM04zUVQwOUluMD0Y49PioqYxSAASGwoMaWQ1LXN5bmMuY29tGIvT4qKmMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dlt=1693900643603&idt=3701&dt=1693900650227&cookie=ID%3Db150c6d95391cdc4-229ebcfe67de0065%3AT%3D1693900646%3ART%3D1693900647%3AS%3DALNI_MZBrFZMGmCyN68ySKUvDeEP5QXxbg&gpic=UID%3D00000c9d7142a69b%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MY3aNIGNmkLs_xMxqfwIAVO9RAd0A&scor=4191907196480890&ged=ve4_td6_tt2_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3c108a53e2df2382d351dce07f61418d9032dc05815df682b3226500bfd58118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18233
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unitsanalytics
vidanalytics.taboola.com/putes/ 		2 B
121 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/unitsanalytics
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 07:57:30 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101
server
nginx
x-timer
S1693900650.306971,VS0,VE66
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230061-FRA
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
117 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 05 Sep 2023 07:57:30 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F58 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6068953873198&version=m202307240101&ct=77&x=1&cor=14534706862075404000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/ 		0
0
collect
www.google-analytics.com/ 		35 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E3%80%80%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=9273&dns=10&tcp=969&rrt=0&srt=1195&pdt=3&clt=2208&dit=2208&a=4981&z=0.647093454230705&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 08:44:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83579
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=4981&cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dr=&dt=%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E3%80%80%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1693900646&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=9273&epn.domain_lookup_time=10&epn.tcp_connect_time=969&epn.redirect_time=0&epn.server_response_time=1195&epn.page_download_time=3&epn.content_download_time=2208&epn.dom_interactive_time=2208
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ca640993734dc917a3f3114498cf21d6df8550509b039e5975f8520c11ac6560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11761
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 958B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:30 GMT
server
Kestrel
server-processing-duration-in-ticks
731024
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
csi
csi.gstatic.com/ Frame C627 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lm60pm8j&c=1630487181919&slotId=815243590959.5&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=C0YKlamx3N8&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.133.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
eze10s07-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C627 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lm60pn17&c=1630487181919&slotId=815243590959.5&qqid=CMf3rdT_koEDFc1ZHQkd8EUNxg&gqid=at_2ZNPxDtmR9fgPw_G78A0&fb=ima_html5-lima&sdkv=h.3.587.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=0&itv=1&met.4=ghmsh_s.lm60pn19~ghmsh_s.lm60pn1a&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=DW8gHeatJT4ihIs9
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.133.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
eze10s07-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C627 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.587.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&id=ima_html5&c=2775264563007417&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C627 		453 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-2730263451308801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:23:57 GMT
x-content-type-options
nosniff
age
2013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 08:13:57 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C627 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CzqGOat_2ZMeaEc2z9fgP8Iu1sAzptubmcsqblfPWELCQHxABIKK91H1g9YWAgLQEoAG4jIHQAcgBBeACAKgDAZgEAKoE_AJP0M3fpJT-6TjDjwHWAp2Ak5gW8RKhJyLXeRkx3AEpqHF_5eUq7rGHZmv-F5RDzKUcGyS3zoIMf3CReQ_xc7_HuvVzIgpJ66diSrQ8ta6LbQjQOolfY6c4HAbhYIwsBAy0h-MbKyFHlLfHfxW1uPVJh_zdoy66CnMeBegURkut3fzkz0tQakci2M8u7CnUnm0v0WSuvOaXmbQgHDEEjEIAy8y2fVjfq8AyL1_pYcxa3RsVPvr1Qwg2FDufGrDTbx9hX7BIhUt87xMYQBMXP1mC21Mb73tq-CBjZ0IeXKCdscxcScJpPYO8XBp2WsUkKdV_W7nzkqVyMEdjm3SookrGAhEVhSxKProI9H5ZJQjc8x6bKroqqoM2zoFqtSJhWTOHWh9VvphOrp-eXG5EkHfmn6JpKIvahwirZqTgVVihkvQGge1fwJDJW4C0oCNrEDXAPlA829KvLYgZLpQZzDCM-Io1Ei-suXvYliX0H8MUQcyDWXnZymMBIVJFQcAE7qzm34EE4AQBiAWOu57CQJIFCAgDEAEYAVABoAZUgAfCwLWAA6gH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOrEJXcxRTmZ8imiACgOYCwHICwHQCw6aDQEOqg0CQ0jIDQHYEw2IFAbQFQHiFgIIAfgWAYAXAQ&sigh=grVKSW-iq5A&label=show_ad&sdkv=h.3.587.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MzA4Mjc4MzE3ODIMNjIwMTYwNDM2OTI2QOMDUiMQDyUAAHBBKAE6C0MwWUtsYW14M044Qglnb29nbGVhZHNQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame C627 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CIHSMat_2ZMeaEc2z9fgP8Iu1sAzptubmcsqblfPWELCQHxABIKK91H1g9YWAgLQEoAG4jIHQAcgBBeACAKgDAZgEAKoE-QJP0M3fpJT-6TjDjwHWAp2Ak5gW8RKhJyLXeRkx3AEpqHF_5eUq7rGHZmv-F5RDzKUcGyS3zoIMf3CReQ_xc7_HuvVzIgpJ66diSrQ8ta6LbQjQOolfY6c4HAbhYIwsBAy0h-MbKyFHlLfHfxW1uPVJh_zdoy66CnMeBegURkut3fzkz0tQakci2M8u7CnUnm0v0WSuvOaXmbQgHDEEjEIAy8y2fVjfq8AyL1_pYcxa3RsVPvr1Qwg2FDufGrDTbx9hX7BIhUt87xMYQBMXP1mC21Mb73tq-CBjZ0IeXKCdscxcScJpPYO8XBp2WsUkKdV_W7nzkqVyMEdjm3SookrGAhEVhSxKProI9H5ZJQjc8x6bKroqqoM2zoFqtSJhWTOHWh9VvphOrp-eXG5EkHfmn6JpKIvahwirZqTgVVihkvQGge1fwJDJW4C0oCNrEG3BpKWvSYQ9_lSsXU6sv8N6i3nrHQimFHH2jvQPsrDO1m6udWEIGo1y0sAE7qzm34EE4AQBiAWOu57CQJIFEggSEAUYDzDfucfN2tKCowtQAaAGVIAHwsC1gAOoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDDx12oCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJP2h0dHBzOi8vd3d3Lm5ldGdlYXIuY29tL2NoLWRlL2hvbWUvbW9iaWxlLXdpZmkvaG90c3BvdHMvbXI2NDUwL4AKA8gLAdoMEQoLEKCEiYPnkouFogESAgEDwhMGGLiMgdAB2BMNiBQG0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItMTIwMzE0OTU0NTIyNDIwOBj45HU&sigh=kJd3qiiexk0&cmd=Ch1jYS12aWRlby1wdWItMjczMDI2MzQ1MTMwODgwMRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSPABpAlJWExAmDN0MUhmLZIn2CmfGi4FLs0B3PegXSHU7d-NF2eZFpG05PBETW3n_Zy4DFlwueNBDucxbYBgB&vt=10&sdkv=h.3.587.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MzA4Mjc4MzE3ODIMNjIwMTYwNDM2OTI2QOMDUiMQDyUAAHBBKAE6C0MwWUtsYW14M044Qglnb29nbGVhZHNQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 958B 		425 B
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=wAmET19RYk5kTUswcDBVYzdCUG9tcUZyYktsdHVaSiUyQmJZc09SWlBHVCUyRlB1YjRQQnhYNGIlMkJBTU5JcklzY0JSJTJGcjFKRkdDd0RzOHR3NVZRQzElMkJkem00VFM4Z1M0UWptS3JCRmZzcUIlMkJRYjg3ejUxaHZRSW9JOFh0dXIlMkZlbzglMkZ5TzRPY24lMkZ1d2NTZzAxeHZVWG1lZmtocHNPRFElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a0c26e84ac5bca230b0b23757843ec8df1a6fb0ef37d9ee1e2e34672b5b83968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
808438
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 07:57:30 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lm60pizv&c=1630487181919&slotId=815243590959.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.133.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
eze10s07-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5D0D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=1492706550473750&bg=!oKOlo-zNAAYHwnCgJ8I7ADQBe5WfOF9bivc00ysLY8DjT_NNyWpa4b2N5yHrnY9CwMwNXhRkpFV654nE0lOZHLRBGIr0AgAAAJ1SAAAACWgBB5kCxSR7ltXLgoX5FH5tpXis32iFTCMwPkylxpbEVsFt5Q_xsxcH3tAEh4_sCtBJ1B1U6kZmJgJEAhqrvk3ofg5-C6WXG7kvYKmxFXSn_utgaBElKOAzd4enxix5IHK1sGXvcSNIqkfLu2Wtw3uRxMrJGfO_gSqFFUoG-nXRi1G3T8wUWgG1f7EYLbX-W4WWxpErOduacUdPqHWHhpUoY-hdi7V4boXhf6m79N8dgl7qsOVOmojXNrRTgHw4uwHgkLA9MILUpJJ492GYTx1PM5f3d5A6T2D15tlGIlUjviy_G7RJJmOX8C20gzI9uNdQ7MU7WOdurWJLr_qsM5iXn3uXGOKd4gN19x873gQ4NoUTwWYSQNchs4I9LWhry-F0jkoqN8wVVb3OdGW1GZLM7f-jMVHzGeUKFE-5q8oOf3J3tEsevN00wR1dAt_DmGVAP1G4lGDtR7XyfRe32RYEL3xDDGvWoyIfFfPYQPj3kOxNvXYoEoAxjRNrP_BfNFWEZwhCQtcC8cBLFRzAg-nT1lGGYfKG0xH1ciU3T2ObRbfj1zC-CSoyqqCLSPIsxR1g73YdK9WaHFjdAHtPs7VY8MOJKPI_tqNatWCxhf-1_joD2HaugdRiYrdYvQ2UZLBFwQ3y7J14k1viKD5YgeLO3nf3CmuHocBUQhNgXtN_T6L0GVGfEcStS0ojcz-omCfNGTEyHg619701sLoxTO2WAsCSdhZqWJ-XzK_bvhJ7y71QPWopiE2eGzfxVyhcuL8fpMr3WzLM7P9Evo_Zg7FGXO2eC6uJil-1FRa1zdZcrtbduS60ZihkSxXnX9c6R0qIZT5aD8bU83Mj95Jpo3Qw6JFg3Fgcr_XyiIIUhZd4VjF6zgGjNcTrDUE9T4bnHxiweKSbZOM9aBcjGjgi4b3aNlyvw3KqccovQBRYF_wNsqSsqH0XPSg7kVM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
videoplayback
rr2---sn-fpobv-1gil.googlevideo.com/ 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C627 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=complete&format=TRUEVIEW&lid=143&sdkv=h.3.587.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&id=ima_html5&c=2775264563007417&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B55D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
7695
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 05:49:15 GMT
expires
Wed, 04 Sep 2024 05:49:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 35A1 		829 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
fd1461d5d10e426f6afdc51f61e75aae61b4ea3438d1ce8b8a150fe43aa8ea86
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n50zOcw6Ar3xcygSV1XbjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-n50zOcw6Ar3xcygSV1XbjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:30 GMT
expires
Tue, 05 Sep 2023 07:57:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 35A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=3103434981226959&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame B55D 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
124734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 21:18:36 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693900651000&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1547&pt=-1268231349&tz=120&viewable=true&ddast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!t120!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2f7ac81c75c9bb32cf60b6fb697c0a8409c68991b385c00bbe70d87ab0d09025

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:31 GMT
content-encoding
gzip
server
nginx
machineid
1467
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B55D 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WSp8Cg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10637&tvi50=12238&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
67
date
Tue, 05 Sep 2023 07:57:31 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64131
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230054-FRA
pragma
no-cache
server
nginx
x-timer
S1693900652.609991,VS0,VE67
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=3103434981226959&bg=!jI-lj8DNAAYHwnCgJ8I7ADQBe5WfOEQdmqU58kOH2gozz56p-_HL2x5wcP9NdgGyynKbqstw0Q7WbLVIWgDIbZ0EDwOlAgAAAGpSAAAADmgBB5kCr7DE3FJxWNuc1IBQLo539a_Dn5SQ4fVlu1SP_FrY03Yl7ERODCR6gFswcxdwZEugR82UzqmwyfqOmuVsxYNRjRkvz1dTkByuq7P81FAHmnvfigPn9pI4igKr5p7QJduXZ-OPGJk5tDbluszOLeGw7UzEE7RlaXCehnB7LrhfL3c-jXWqDnfbTxhlSn64U_VgJyKwt5lUIjLb86ZUe2nXoWDJQpY4KJzaniUq23D1suVwNdFwrK2uk_3N2_yWMDETPwr3EIMxbc8xEB3TgNqvxiyTAD0YEMM-Ix_RAIMDCxmNUW7dZC5Bk8pscYG9tRRGJJuevO_jkE3Sb7VRakP8LT_F5nm0B7Z0rjQQ-tOOz5BbHMKVerNflSLenr5VW9nveeB9PwQ3ebRAWq1dGF0p0C_eNBePDUQvU5O2UVHNTYXOG2NI63bZZd3S-L9T1D1lZbjn8SK6-tNxs_bS1CSzaAit-JpT74Cea7P1T-dX_5A5Po66onh69tBFSd2rdlbyojN059dGzm8kjwBD785SbMuNcMZXP6cLX7JTqqLDLl_H-cV28fVZjRhIucjkNGrHIlkgvy6IkLxivNfCA-c7LTeJ3NxNEwzg1Eaa0XlJlHBFZgitB4na074BgGygGawUewHC7qEKMkHCxq2FHbyNx8bwoc7eymGKqDvnRHxiO-QS9mA6_iOHlFxIprgc3JOQCoFPgfOpscNfLtRzqKNz9JZcYb3XCataKjJfWm4zfplzdkknK0xYv5Y0ZxDPS5ik0VmOcVzbCoe6QEKfe7vdbwcUmOGtW79P9ZKGmKrZ8tIb72bvExcsCvgv7IGZG98WDiaEYAzCNeG29ABwNr7-Lq19jvexpzbYI3coX40PuBQ7pNYUG6hYEyzQkD7NuY42DqOHsMU5PuqvBKmuq9_vKw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lm60pn46&c=1630487181919&slotId=815243590959.5&met.4=hvd_lc.lm60pn45~hvd_ad.lm60pn45~hvd_mad.lm60pn45~hvd_admu.lm60pn45~hvd_src.lm60pn45
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.133.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
eze10s07-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
p.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 07:57:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=4981&cid=1237583289.1693900646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1693900647&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&dt=%E9%87%91%E5%8F%8B%E8%8E%8A%E6%98%AF%E5%B0%8F%E4%B8%89%EF%BC%9F%E3%80%80%E7%9C%BC%E9%8F%A1%E5%BC%B5%E7%AA%81%E5%86%92%E5%87%BAE%E5%A5%B6%E5%A5%B3%E5%8F%8BJoey%E5%87%BA%E9%9D%A2%E6%8C%87%E6%8E%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1A1D 		603 B
109 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-8586817092508713685&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4210&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=332004981&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&ga_hid=4981&dt=1693900645336&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&bdt=1733&dtd=104&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 07:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693900654005&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1547&pt=-1268231349&tz=120&viewable=true&ddast=V8Os0CLAYYHQr0ztzH7xIwOhTonbmP3y0AAABgYID-AEltJo7RyDBaC2ej3Vo0MU7cEttg41b5lgvDzLJcbZyTISCpzcQxGhlGa-FstFuLJsaJW2IbbNwq33JhmFmWq41zMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8Uqfdrfy73tKj62H3uTVHp1v4dPjdmofdrXzY3VKn3eeWHh12n1v0eqv9rrfG6Hqr7A6nW-56K_-ut9Tvcn6Mrrfa6bC7pUenW-u3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQA8cygIl-dj9AcAAAAAEAAAAAAkABDQD0sAxBjvnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hmhiPv-9YQaZECmQLcIIAAAAgKz7a9aRSTpBxaLK__9_vxWAKwAAAYpkWJ7GWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI9QTjpQGSD4cSc0vIADAml9AAAA26qZg7s0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHVZDTyDCYTm8NiWpgsM99ksfKYXCuPceEcbUzbc8JIGYziqhXdZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCEZsu8lgsJytdcPVyi1amEZuiWezcStcFs_KMZo5V4PFWvT6mC42w2y08myRYMDdXiRPi3QiMRk2m8lusDANF4vRbjGxDZcr02a0Gk4mg8nEOBFLNCeLdCK77EuryWjkGUwmNofFtDBZZr7JYuUxuVYe48I52pj2FdtuMhgsZ2vdcLVyixamkVvi2WzcCpfFs3KMZs7VYLEWvT6mi80wG608-8ZsuVkOBrPRZt-YLTfLwWA22uw7dIbv6nM2KssqycelDEeLL9vNaVC4DBbvS306DwvGgnXaOTpdttKzqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHsQGgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9Rpdyv_rrf06HrYfW7N0ekWPh1-t-ZhdysfdrfUafe5pUeH3ecWvd5qv-utMbreKrvD6Za73sq_6y31u5wfo-utdjrsbunR6db67T670PQ2W8QSwekinYhextNF_UcOsRvOJZvhXLFbzYXLVQIAAAAAAAAAsATTTDcBAAAAcDKo4Wa4WK3TwUxmk8FutVwAF0FZuoBBAAAAAAAAijX2WAM8zG6H6eWW-Dwbv5UBSDDnMdvsM4JYq9WyBgAAIIANAAAggJtuvAkImeL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4KYTDbD_QNQIdZqtbrdWKvVClggy8VwM4H_____!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!t120!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8a765f96b7e5f1e079c8a4a581ab81db4555122c2dd363fc6d559355aedc4145

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 07:57:34 GMT
content-encoding
gzip
server
nginx
machineid
1419
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ 		817 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=6469fbec71f13c58010ba477&AV_URL=https%3A%2F%2Fwww.bg3.co&cb=R0.1693900654126&AV_WIDTH=700&AV_HEIGHT=393&AV_GDPR=1&AV_CONSENT=&AV_CCPA=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
944499d67ed80dce160570edef0bbaba6a52ea5e67633c872080f066f9de5387

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Tue, 05 Sep 2023 07:57:34 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.bg3.co
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1693900645.dop216.fr8.t,1693900645.cds253.fr8.shn,1693900654.dop216.fr8.t,1693900654.cds109.fr8.sc,1693900654.cds109.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
AVmanager.js
player.aniview.com/script/6.1/ Frame EFE2 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.162.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-162-159.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
c7a451b1fee1889fa50cb8015955d034ac4f2d0bc0d4bd12ff199fc6beed8228

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvCplYbt1OCcEQvQIgb7D9fomHiaumbT9b8pdMBvErQa4hcyOIxpwRgfBTp8le355WgOYhul1nJA2MuuVEqVRb7fQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130527
last-modified
Tue, 05 Sep 2023 05:35:53 GMT
server
UploadServer
etag
"70004d040c5610504b08ae8542383df7"
vary
Accept-Encoding
x-goog-generation
1693892153238655
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=0alUKg==, md5=cABNBAxWEFBLCK6FQjg99w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130527
accept-ranges
bytes
expires
Tue, 05 Sep 2023 08:07:34 GMT
truncated
/ Frame EFE2 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.bg3.co&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.125&apppkg=&fv=1&proto=https&clsid=20e02ea1-b00c-483d-adb1-49234fd934e8&rando=63&pid=645c834590f2c48ad908f465&cid=6469fbec71f13c58010ba477&stagid=&stplid=&e=inventory&vi=0&cb=1693900654751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-34-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.bg3.co&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.125&apppkg=&fv=1&proto=https&clsid=20e02ea1-b00c-483d-adb1-49234fd934e8&rando=63&pid=645c834590f2c48ad908f465&cid=6469fbec71f13c58010ba477&stagid=&stplid=&e=AV_M8&prbdres=emptywf&cb=1693900654855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-34-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:57:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
putes
vidanalytics.taboola.com/ 		2 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 07:57:34 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101
server
nginx
x-timer
S1693900655.869534,VS0,VE67
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230061-FRA
unitsanalytics
vidanalytics.taboola.com/putes/ 		2 B
83 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/unitsanalytics
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 07:57:35 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101
server
nginx
x-timer
S1693900655.301487,VS0,VE65
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230061-FRA
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
117 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 05 Sep 2023 07:57:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/de37dc0e36c317ca19bb99f835970764.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a68898c706bc6b04bc2dd3471b3e22f3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8a47051f735d869cecc5046fc47c3526.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0dac90e1839c99d9d69d400ee20d9d38.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/b24eedd81e402f8cb5bef31289d1bb7d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2ecffc37e7a62c36e57164786223e95f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3ac291c7305c88901c3df6b174df8143.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c2a649550fc5c3360a2f5119eb00a6e1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202201/5dbffc6cc1e3699e2c875ed66acc2bbc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/69eb2b7b007aeffffcc8f1aa329f3542.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b938bdc40c30b7a73c865eab6d72dd6d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/0d3827069cc5f886002c6cd231fbc527.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/fef30f1938401028641b272d4301e361.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/810a31968784ce18d51dff616f75fea2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/11bb8aec63ef205b47665e9dd503d778.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/826d06cb51021708ffa6d2bf845c955e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/b8cff058f989fa5bccb77eb4fdd2bcb1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202204/5cd85a791fb4980fab8923eed5abbfc8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/49c829efff5bbd729fe9b0608d67a305.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/67f991e2eaba519b52f510e8a9d5c834.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/923f2527bf69ca8f76bb42b2bb2269f2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/0209803747d97e8f89902dc0d695149e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d4edd3f1f86be32eedec93e95668c194.jpg?w=150&h=100&q=100
Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693900647062-923943597839-001164-003-004420&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm60pkbm&c=1630487181919&slotId=815243590959.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
www.conrad.ch
URL
https://www.conrad.ch/ztpv.php?awc=11467_414915_1693900648_dc213840-4bc1-11ee-9f65-22389f6b057d&insert=AW&gdpr=&gdpr_consent=
Domain
rtb2-useast.e-volution.ai
URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAsD2Se8Q0UH7rq6YmlVzwU&google_cver=1&google_push=AXcoOmSfLub39PjlMCKT-nyxHApLlzr1PUKWqvjsRLT7pQ751p6sWWD-CeTCvU5NRBg-VV3sN5r5_0UigBcY_d0_cQFuooDnI7d9MQ
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
contextual.media.net
URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync?
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=2ae713bd-46e5-4185-995a-43be3f185e31
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/464246.gif?partner_uid=795f1f27-d0a5-4a62-8cc2-5b9b350ffee5
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Domain
c.clarity.ms
URL
https://c.clarity.ms/c.gif
Domain
rr2---sn-fpobv-1gil.googlevideo.com
URL
https://rr2---sn-fpobv-1gil.googlevideo.com/videoplayback?expire=1693929450&ei=at_2ZJrCJb7kxN8PovWiqA8&ip=178.238.175.89&id=0b460a95a9b1dcdf&itag=22&source=youtube&requiressl=yes&mh=Ey&mm=31&mn=sn-fpobv-1gil&ms=au&mv=m&mvi=2&pl=25&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1662534671073906&mt=1693900157&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhANKbh81FBDDS948Im6T5ErNw7newdKw0OJRP46LXuZ9YAiAbVsd3D1k7yy1NocvWyFh3bz0qt1jV6djf9IhqZXCwgA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgJrrDQQIGUdMqwm5H82hgrG9uEPOcfrp6FSQi26dETWwCIQCxIub0pGZ8mM6JaI1_XKXF_QfHm6DvbPvWpmrhR5an_A==&cpn=DW8gHeatJT4ihIs9

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| documentPictureInPicture object| _taboola object| adpushup object| ucfad_async object| unibots function| _typeof object| TRC object| _tblConsole undefined| msg object| regeneratorRuntime function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| checkPlayerShouldRun function| runCMD function| unibotsLog function| unibotsCustomGA function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| unibotsPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| adRecover function| checkFrameandInitStartFun string| nam object| placementData function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun object| cmTag object| ucf object| request undefined| $ undefined| jQuery string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags number| ampAdSlotIdCounter function| jqAlias function| clientJsFunction object| s1 function| clarity string| paramsString function| runAnimCheck object| _cm_wfCounters string| lastWfUrl object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator function| startCMTagMain string| category object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| _qevents function| shuffle object| entertainment object| arrToUse object| playlist object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| OvaMediaPlayer object| Criteo object| ggeac object| google_tag_data object| vttjs function| WebVTT function| videojs function| videojsContribAds function| videojsIma function| videojsPlaylist object| $jscomp object| canAutoplay undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id function| quantserve function| __qc object| ezt object| _qoptions object| listeningFors number| 3pla object| ox_esp function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| __uid2SecureSignalProvider object| __uid2 object| pbjs object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo_identitytag_141 object| google_ad_modifications object| google_prev_clients function| isValidVideo string| myPlayerGabywa object| oldScript object| attr function| gtag object| dataLayer boolean| descriptionPage function| focusFunc object| google_tag_manager object| closure_lm_171279 function| onYouTubeIframeAPIReady object| storageAni object| closure_lm_973794 function| prepareAdRequest object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms object| google_image_requests

71 Cookies

Domain/Path Name / Value
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Db6720096-785e-4a4d-b33c-aeb3e14f9501-tuctbf064e3
www.bg3.co/ Name: __AP_SESSION__
Value: bef33ccc-9f6b-41cc-b71f-1c64f83df7f3
.aralego.com/ Name: sspid
Value: 6b757664-b9a6-3fa8-bc08-4f29af9af314
www.clarity.ms/ Name: CLID
Value: ae0d4a771236474897c6f4cd2b0ad383.20230905.20240904
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 4a8a63d0-e364-4af2-a5e6-81b0fff3ad86
.prebid.a-mo.net/ Name: __amc
Value: 1_1693900645_1693900645
.omnitagjs.com/ Name: ayl_visitor
Value: 6a6a7ac3b7bc8fbe7ca70f317dc79cae
.aralego.com/ Name: euconsent-v2
Value:
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw5r7bpwY4AUABSAEQ5r7bpwYYAA..
.adnxs.com/ Name: uuid2
Value: 7789382227358860287
.bg3.co/ Name: _clck
Value: dpsydt|2|fer|0|1343
.teads.tv/ Name: tt_viewer
Value: 37d1391a-2c2c-47d6-863d-09193cc09326
.rubiconproject.com/ Name: khaos
Value: LM60PJLH-1F-1W57
.doubleclick.net/ Name: IDE
Value: AHWqTUl36jZV-yrsy4FwsT4U0zVOU73nei0YW-7BEZz0yL3zofFTF7HAMIF0OgY-8cI
.openx.net/ Name: i
Value: ff355f18-b465-43f5-896d-138068b3acc0|1693900646
.bg3.co/ Name: _clsk
Value: 1ppb0gi|1693900646647|1|1|p.clarity.ms/collect
.criteo.com/ Name: uid
Value: f1982f1c-1352-417b-98c5-4c6ddbd85287
.quantserve.com/ Name: mc
Value: 64f6df66-c396a-f7f28-f8053
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1693900646.1.0.1693900646.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1237583289.1693900646
.bg3.co/ Name: __qca
Value: P0-1524822824-1693900646250
.bg3.co/ Name: __gpi
Value: UID=00000c9d7142a69b:T=1693900646:RT=1693900646:S=ALNI_MY3aNIGNmkLs_xMxqfwIAVO9RAd0A
.yahoo.com/ Name: A3
Value: d=AQABBGff9mQCECRBmxVs9zaBGX-6NSqR_AoFEgEBAQEw-GQAZQAAAAAA_eMAAA&S=AQAAAqDvUhtgSMEsi7UjEur0v64
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1693900647.1.0.1693900647.0.0.0
.bg3.co/ Name: __gads
Value: ID=b150c6d95391cdc4-229ebcfe67de0065:T=1693900646:RT=1693900647:S=ALNI_MZBrFZMGmCyN68ySKUvDeEP5QXxbg
.casalemedia.com/ Name: CMPS
Value: 5232
.casalemedia.com/ Name: CMPRO
Value: 5232
.casalemedia.com/ Name: CMID
Value: ZPbfZ0qlawjyk8gODy6d8gAA
.aniview.com/ Name: aniC
Value: 1693900647062-923943597839-001164-003-004420
.amazon-adsystem.com/ Name: ad-id
Value: A2uXSw8gF0mHqHmTkViYQBE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22354EDCDA-48DF-4427-A0E8-76F56350B13D%22%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7275247881558489242
.uuidksinc.net/ Name: jcsuuid
Value: VwcvsqyA7CoeFyjTZB2D
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.lijit.com/ Name: ljt_reader
Value: HRO9uGZH6amqaCH-TPK6rahK
.adsby.bidtheatre.com/ Name: __kuid
Value: 913e1faf-4b37-495c-a852-3fbc22648eb2.463114647
.adx.opera.com/ Name: UID
Value: OPU50da81ba41034ef197ba09b41104af9e
.yieldmo.com/ Name: yieldmo_id
Value: 3RI_7ccQQYclRpWPx8HM%7C1693872000000%7C0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BF8DF254-A4AE-4AE9-90EF-85683E54E635
.go.sonobi.com/ Name: __uis
Value: 6e322d1d-c191-4c59-bc97-56e0ac836789
.go.sonobi.com/ Name: HAPLB8G
Value: s86193|ZPbfa
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: b92d9123c65a6f98
.zemanta.com/ Name: zuid
Value: 3e4UX9K-vEQOnqqfZf9g
.yandex.ru/ Name: yuidss
Value: 4375390191693900648
.yandex.ru/ Name: yandexuid
Value: 4375390191693900648
.tremorhub.com/ Name: tvid
Value: 4ca0a67330c14a0dad2aa43b4af89dab
.tremorhub.com/ Name: tv_UIDF
Value: CAESEJajGoKxPJDDyQvwxcdV30E
.tremorhub.com/ Name: tvssa
Value: 1693900648492
.tribalfusion.com/ Name: ANON_ID
Value: akntuJtlix98qyTAZaRq6gZbLub0CHZbVfXCA6yQ0pcJX5rrLwyZc8nHkBIsrPmxMHFo9N9iRxoVaoTFqKFFFNtjD12o
.awin1.com/ Name: awpv15168
Value: 414915|1693900648|dc1e5210-4bc1-11ee-9f65-22389f6b057d
.awin1.com/ Name: awpv11467
Value: 414915|1693900648|dc213840-4bc1-11ee-9f65-22389f6b057d
.awin1.com/ Name: awpv13872
Value: 414915|1693900648|dc25a510-4bc1-11ee-898e-223287d3f473
.awin1.com/ Name: AWSESS
Value: 346432:2246412
.googleadservices.com/ Name: ar_debug
Value: 1
.adform.net/ Name: C
Value: 1
.acuityplatform.com/ Name: auid
Value: 823308758890
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRRkLCxe0mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUZCwsXtI90aGlyZFBhcnR5VXNlcklkWkNBRVNFT1l2TWdJYkVUUldnT3lKTW9QQ2FXMPv7hnZlcnNpb27C+w=="
sync.gonet-ads.com/ Name: chk
Value: 1
.adform.net/ Name: uid
Value: 6487398058642971688
.gonet-ads.com/ Name: pid
Value: NmI3YWY5NjFhNzVhOWRhOA
.conrad.ch/ Name: __cf_bm
Value: XpN7MDsEV7Jfxlvi1un4ruMkHB6UGxtJRbx0zwh8ONA-1693900649-0-AcSqj2Vf9mNm8Pb6+bOu3wstHWTJD12geOqu9OZpI6TsJtL8HwsUn+LdXBFDMAPbaANs6mnTyMf/cgcKgDXYc2s=
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-05T07%3A57%3A29%22%7D
.openx.net/ Name: pd
Value: v2|1693900647.2|vPvMgakWgy.iKbwuYhEgKg2
.onetag-sys.com/ Name: OTP
Value: bSm8CFePDnJhJlhbT8VuSe46TJsnAQ9v5jZ6mBZuyYg
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2dqv:18za~2dqv"
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpHUgRw5rqFtWRYLUZstPNRtRftiUzWP86S/+ImKUrWqitzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ek7+8UWvn5lu
.smilewanted.com/ Name: sw_user_params_infos
Value: Cb1hMnMv0SCTOMab83kqJGJVwpPo35L%2BOBws8Hlk8GWqXB2lPGyetONEu%2BOjj71oHoxka8%2BhkjMyFFKpRXi88XprxFkcHzwxCkKcbAPDaTqHwZmKVeMierZTTBfqk3o%2BbJU0fWzyESClFMN%2Fl3Flv51Le3D59MXtwdO5GOLYzH5nh0F38XgL1kOaGGaiu02DYRYkljaui7UT9eMpiyC28MAvi8kjNVAml%2BTgftP8ylQhB3xYtLRPzP1s3vU6VKuJRVyM3Tb3UdtAixpFeh%2BNtNXSKwIg6aYHI6%2BsWbhsqu0%3D
.turn.com/ Name: uid
Value: 3588537246703360151
.bg3.co/ Name: cto_bundle
Value: S3No5V9RYk5kTUswcDBVYzdCUG9tcUZyYktuT1VUQ1Frd1F1QkQ4UEpzeWVMOGdzcVJ0JTJGOW0zNnoyWFhBRlVnaWRGcER1S1VPbFhkQlc1TmtSJTJGZkZFTTRNNVIyT0w1NUV0QVdoVlFGUEdXUGhMY3AyaUNPayUyQiUyQnlxZlhMQzRtcmFnY3ZwaW5rNkc3Q2NCVEZvT0l1MkRQMjZ1ZyUzRCUzRA

47 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/3ac291c7305c88901c3df6b174df8143.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a68898c706bc6b04bc2dd3471b3e22f3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/de37dc0e36c317ca19bb99f835970764.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c2a649550fc5c3360a2f5119eb00a6e1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8a47051f735d869cecc5046fc47c3526.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0dac90e1839c99d9d69d400ee20d9d38.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2ecffc37e7a62c36e57164786223e95f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/b24eedd81e402f8cb5bef31289d1bb7d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202201/5dbffc6cc1e3699e2c875ed66acc2bbc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/69eb2b7b007aeffffcc8f1aa329f3542.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b938bdc40c30b7a73c865eab6d72dd6d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/0d3827069cc5f886002c6cd231fbc527.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/fef30f1938401028641b272d4301e361.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/11bb8aec63ef205b47665e9dd503d778.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202204/5cd85a791fb4980fab8923eed5abbfc8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/826d06cb51021708ffa6d2bf845c955e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/67f991e2eaba519b52f510e8a9d5c834.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/810a31968784ce18d51dff616f75fea2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/b8cff058f989fa5bccb77eb4fdd2bcb1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/0209803747d97e8f89902dc0d695149e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/923f2527bf69ca8f76bb42b2bb2269f2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/49c829efff5bbd729fe9b0608d67a305.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d4edd3f1f86be32eedec93e95668c194.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EvamluLXlvdS16aHVhbmctc2hpLXhpYW8tc2FuLXlhbi1qaW5nLXpoYW5nLXR1LW1vdS1jaHUtZW5haS1udS15b3Utam9leWNodS1taWFuLXpoaS1rb25nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693893446&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-you-zhuang-shi-xiao-san-yan-jing-zhang-tu-mou-chu-enai-nu-you-joeychu-mian-zhi-kong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693900646251&bpp=198&bdt=1429&idt=511&shv=r20230830&mjsv=m202308300101&ptt=5&saldr=sd&cookie=ID%3Db150c6d95391cdc4%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MZsAw-Z07TEz7FDdpGTb_F8pk_IMA&gpic=UID%3D00000c9d70db36d9%3AT%3D1693900646%3ART%3D1693900646%3AS%3DALNI_MbvSWrwOI6mYgUX2TCqQYaeZhHESg&correlator=1630487181919&frm=23&ife=1&pv=1&ga_vid=1611834173.1693900647&ga_sid=1693900647&ga_hid=2003692168&ga_fc=0&ga_cid=amp-v3yt3Y2oQtqxAmTKtkzCIQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1314456813&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077330%2C31077525%2C44785295%2C44795922%2C31077587%2C44800658%2C21065725&oid=2&pvsid=2369429987974638&tmod=1786599782&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8ze6ox59yr2&fsb=1&dtd=524
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAsD2Se8Q0UH7rq6YmlVzwU&google_cver=1&google_push=AXcoOmSfLub39PjlMCKT-nyxHApLlzr1PUKWqvjsRLT7pQ751p6sWWD-CeTCvU5NRBg-VV3sN5r5_0UigBcY_d0_cQFuooDnI7d9MQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm60pkbm&c=1630487181919&slotId=815243590959.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=2ae713bd-46e5-4185-995a-43be3f185e31
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://id.rlcdn.com/464246.gif?partner_uid=795f1f27-d0a5-4a62-8cc2-5b9b350ffee5
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://c.clarity.ms/c.gif
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1498e9a87847adf599e80018330f4b11.safeframe.googlesyndication.com
8d47204692998896955fbf1ba98b5dc2.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.servenobid.com
ads.stickyadstv.com
ads.travelaudience.com
ads.yieldmo.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
bidder.criteo.com
c.clarity.ms
c1.adform.net
cat.fr3.eu.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
csi.gstatic.com
csm.eu.criteo.net
csync.smilewanted.com
ct.conrad.ch
d-19878241193655553232.ampproject.net
d8903c0bd540ae6455ed24cd35a0bcff.safeframe.googlesyndication.com
delivery.adrecover.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
gov.aniview.com
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
il-trc-events.taboola.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mts0.google.com
newsbot.unibots.in
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.clarity.ms
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
region1.google-analytics.com
rr2---sn-fpobv-1gil.googlevideo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.aralego.com
sync.go.sonobi.com
sync.gonet-ads.com
sync.mathtag.com
sync.richaudience.com
t.adx.opera.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vast.aniview.com
vidanalytics.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.awin1.com
www.bg3.co
www.clarity.ms
www.conrad.ch
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
acdn.adnxs.com
ads.betweendigital.com
ads.stickyadstv.com
c.clarity.ms
contextual.media.net
csi.gstatic.com
eb2.3lift.com
gum.criteo.com
id.rlcdn.com
image8.pubmatic.com
js-sec.indexww.com
match.sharethrough.com
pixel-eu.rubiconproject.com
pixel.tapad.com
public.servenobid.com
rr2---sn-fpobv-1gil.googlevideo.com
rtb2-useast.e-volution.ai
ssbsync-global.smartadserver.com
static.bg3.co
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.mathtag.com
sync.richaudience.com
us.ck-ie.com
www.conrad.ch
x.bidswitch.net
103.231.174.251
104.16.89.20
104.18.24.173
104.18.39.155
104.19.241.24
104.22.53.86
104.22.68.131
13.107.246.60
13.113.83.56
138.199.36.11
138.199.36.7
138.201.63.145
141.226.224.32
141.226.228.48
142.250.181.225
142.250.181.226
142.250.184.238
142.250.185.104
142.250.185.161
142.250.185.195
142.250.185.238
142.250.185.66
142.250.186.131
142.250.186.162
142.250.186.170
142.250.186.34
142.250.186.65
142.250.186.66
142.250.186.67
142.250.74.196
142.251.133.195
147.75.84.158
15.197.193.217
151.101.193.44
151.101.65.44
154.59.122.79
162.19.138.119
162.210.196.208
172.105.43.230
172.217.18.6
172.217.23.98
172.67.71.254
173.194.76.156
178.250.1.10
178.250.1.8
178.250.1.9
178.250.7.13
178.250.7.17
178.250.7.2
178.250.7.4
178.250.7.9
18.194.149.72
18.66.127.127
18.66.97.30
184.24.77.65
185.106.33.48
185.255.84.150
185.64.190.78
185.80.39.216
185.89.210.122
188.114.97.3
188.42.105.220
2.16.202.121
2.18.162.159
20.122.63.128
213.19.162.51
216.239.32.36
216.52.2.30
216.58.212.130
216.58.212.162
216.58.212.170
23.201.255.110
23.97.225.52
3.126.136.176
3.75.62.37
3.92.34.105
31.220.27.134
34.102.146.192
34.107.148.139
34.120.107.143
34.242.138.167
34.250.19.175
35.190.0.66
35.227.252.103
35.244.159.8
37.157.3.26
37.157.6.233
46.228.164.11
51.89.9.252
52.46.128.147
54.171.32.106
54.236.120.89
54.243.97.198
64.227.64.62
69.16.175.42
69.166.1.66
69.173.144.137
69.173.144.139
70.42.32.223
82.145.213.8
85.114.159.118
87.250.250.90
88.99.165.19
91.228.74.166
92.123.148.9
95.101.149.233
95.101.149.35
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
037087ee621182db62aa2e50c458f28b21525e8bf6e9acd6ea7d2cf631d43e5f
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932
0523c9f4c6e8ba75215efcb5a0dd935a921f2f7ab3fb4704ce76e1581b138f8f
0524e9bcacf056bba7072c03bdf17331f91680fdd6581b1edb7d36af9934d2af
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06cc100d762a6514b0dc5e5c9476cff5c49dd4b7f6cdc499ff36431d94609f56
08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af
0a2295778a2842ba08319bc9af15b0a23e1b323fadccd1a8db8c43422798891b
0a4e9036d025288ebf7fb62c883e6832633ef0e3f452cceb210921928e4e34b8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca5dae92ef6608fe14a8ba5e56f72d38b31e7570d98f2287024bfe4a0d53c99
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d676b76c53b833818c6e1a63c1fdfe4cfd1c19798f92705e2813522ef468721
0f7c168f64aa438778c67a1a94c60e5328b7b18b44c08154d41280d9b5f94491
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
15da23ecdb6a1c72d6411c127b53df9b0b93ea275fe0dfa6eb0f774566e27ea8
16a0e51f2c5618ae9d2419deac410c51dbdaccf60f88777ffe0e03537bce8ea5
16c56af26101715bb14f3afe53bf3f2c60a1413cbe8e58a1d2c6d8296908f665
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a12c1bfdeb0699cfbf476da554a65b6fa88d0312b46d048ad7ab09bdeb49d4e
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f9614fac2f5b3aed8e550af092e65d00d17dbc37eb73d2658f915b9f37dd549
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21ae83bd23677cdebc8138a1dc65b1479d03466c9200e943acfcf4a9adc33702
22dc79ab92abba87adc663fbd3b8d9242b1ede690743e6d92eca2d5d69ec597b
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2ba17066c7732292767f90668f1efc4bd0d7e3ce0335806bbb764ad157a77ef3
2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f7ac81c75c9bb32cf60b6fb697c0a8409c68991b385c00bbe70d87ab0d09025
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf
30d5fdb38360c8c0186300d6db338aabb3d7a8362f2908c84b44a033ae673c12
30e3ff394f00fe9fde8dc35f006d697c21abe41673a700f4cd5cd0270fc0d01b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36c7969430e26934723d71d780cd01618a16adc0cb23051a77ada9e736e7a14e
36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853
36e0d542a26e9291d9a13b1686f8acf7f4499e4b386a7e9387e5e04ad46e4210
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3829d0d4087c415ba2ecccd39d783056b6326f9c72f8929f38f481f6448101a0
387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c
3950ecf64c838806c228fa081848c109a18c4b549089e258db646f3b9a27d0c2
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1122a5e4e7b37a9dcdcb6a9139cd03ac14fb5098ac7e22585d5c59eb93f47a
3bf6ad585e13e6e4b6832a8c8b75b1c83b4e7ee3683c5f786a274527b5fe7d27
3c108a53e2df2382d351dce07f61418d9032dc05815df682b3226500bfd58118
3dc74ba4c6ba2d6c2a2d3068f455fade4e15af0d846c145c7039a5209686b3ef
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f18968d0dacf1850dfce645f211ad6244443b9af0415f380ea27f0e835cb58f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40456f3defa74e97774033f745df5823754059dd958f6f0c6ebe360f1db0fb06
42ebf2a6b299761f5cb258a35a52cb76a1deac34e6b377aca052e81494c20846
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4725791b2709623352569ead56317fa9ed6fa76c499cf838d7fa988f5a9b0579
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c81fdea7c18bbcfa19c107195f178531a1894893820fa4f813e8a2d4626e7ee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3b6cd7469e62a94f395ef409b1731737233cb9f67a6ac9b4417a11bd087be4
4f6a107a3fdb1536c81826561e818486e2a0ae0b230df8b15f908af89b0071e0
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
53294044ef54aa72d219a20ecea405f082270bb7774af92c6117b2c7a5ea8013
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932
5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f
5dd1c05968d3cb18639b7b13aaf7ac4a057ccc810ad26d5aae21eff022c73c50
5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
605f8002c76218327eaaacaee48bfe313d10c906bc4b68f1f3df00fae58c17dd
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60eae163338ae064c8e56ac9860b94c3ae046b7ad97cdbd9b410206ff447f353
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
670b45e4609a11b828d7fbf9f31d3d6703c19d9e734f49228668d616ee4996e3
672d343a034485c644e2a9ae1b51a07e4756334052a656c85a9785f19045b2c2
699631281b60306768d152003e37940875bb02385c377fd1e4f86e76f454fcff
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e253854859a50b68369ab5489d9d32eaf73bf9eb29502d446aa0f29e50f8523
6f66418be196f2d155fc603bcefbbc69f075a6f2efe0b8ca408ecfe0d962ce2a
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72733561a4030b10d08d15daed28ca2e67708a34c33aad818949c91bf1413787
72ba3f640ebedbff4245c0df1f88643edb69672df22409d54c54161cb9ea1d41
75e8be63f5d5de6819180d7b1aa8af1a9d12966daaf0ccc05ceda4785c348c0c
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77e6dc54dc7dad79d423221d14d886719098bfde4af86a064451e11dadaa67d1
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7e03662baae2a170203c136b546c40cd0503823becb15ab80629e544af9efe19
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
823214013aef02896daea501500d03afb1df772ae7c15f63542324c850b4f8c2
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
832a72f2596bbbc425309519b1f0bb8e22dee773bc06692db0dca5df63360c2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8382752dea1b971983eeee3c2d2059c386b0450cf813ae0b54227303c95d7213
83b00667bd143f66e8d9ce78d3b7c36a5400640106083b89a4b3a455cf3f2faf
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d
872706d1369fc2a374bb253cce0ddcd4ddf73af6c15be7f6198da46f4e5b5ad2
89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5
8a765f96b7e5f1e079c8a4a581ab81db4555122c2dd363fc6d559355aedc4145
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8c0de8d914cf413918e4f780b2c92d4ca961c20d87ab023c55b5b6b2cc1438af
8c9a10e5e0c899caa26953d42672df74d99ce3171681d139a3026606fa462c2a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cdb4fb1276b0d566421fd24867c89d8e56b612bae8103e12c15f0f109da6282
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91cbd4410595f94fa3f3deda346e9245190ac77f4ba4e6326f407a32f4afb086
920e61c4d114a96b890545ff904a61109578821e50306b6d9f642cebead0eca3
923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
944499d67ed80dce160570edef0bbaba6a52ea5e67633c872080f066f9de5387
956af125560a696c9a73e1f193473351550cd944332c4a00399aaef5d4491fe9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1
a0c26e84ac5bca230b0b23757843ec8df1a6fb0ef37d9ee1e2e34672b5b83968
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2f6e8624590cde432e4d22e48b460ab43dc4df4777750a36b0ac9414ed0460c
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58656445d097f968ab662bc5a79d6ae8e1a892c1a2db490b05bf923b04819e4
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7abe28ed37d7cbe9d5cfb90b225373d8d3fa3c2ecd38944c0eff74b08f03d11
a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26
aa705341eb7ea0085cec700f922ad7226bd3711c0b5910a47aa517023c64dc3e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
acbc430a2e796698d0d15d5238175cd6a8ec65e7def2b283e4656fe3fb113836
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f092f6197eacc2363e809fd2dc07638f8a9859883130d144ca74903027b870
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531
b37aa148490428ad1f0020333adee10eeb8fbba1b6ce2f66835e9b62441cd85b
b64b1e2a757b2e9a3fe1d0073a847dc628f88cb1e47acc13ebf26fe6215dfc25
b6f86771624c80556823d18c77850c02dc5265fba52e3f1459b5de3d0519f79f
b7bebc0e0f1f555943373a72d729ebedc8886d053f50a42020ce84ca83ceb582
b7f7b4d4ef31836eb7a95af9e7c212ee1ad1ee0cd20f75d298ee708fb7eb0a77
baca47ee6750ca1af1c095cf5898d6e12af2faa1cea6c82dbe2f88512cfc9820
bcdbd7e495d938d969b66660f0714fd2da58de72dfa2db4ecdfdecfe0b8f8862
bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf72b72ccb840c222117ab1c562fdd0b4d40dd6a23ba707be6f8ff09301f20ff
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44b20c4a583afca9b1919762accced239ecfc8eb1a4dcf722945b40f3aaae33
c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b
c600d02f8bebdaca2fbf4897976470c59689fd3712ddc62f8d41d87990e24c82
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c7a451b1fee1889fa50cb8015955d034ac4f2d0bc0d4bd12ff199fc6beed8228
c96ae71aaa29dc81173e75f0decbce2c96524acc59f1dc3e99a0292560a2b892
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca640993734dc917a3f3114498cf21d6df8550509b039e5975f8520c11ac6560
ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d002fecf6ab94932d8851fa5c07275ce5807839e3ef7b73191d71614d17f553a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d18f454f7e603f14987f9bf125ed39f724ea896af2c6671415da8d9089b38f72
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d3e75d6e2c4466fc16b30a1918ba0e32d7963663641c2c75ada324c1e3a439aa
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8f4f1156b777f28c22685aade9fdaf51c55bb238e296637eb3d916482d6c714
d9c8ca2a09ace021c2048354be5bc5218343c3494f2ea9e0e144a6c823e204eb
db94893653c53b70e0c63bd0b7c24b0cbf802b844f6613001062c7c0725d5b65
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e22158808f2f86a0356dd020a0a86bdfded121d34ecc9055830973870e674115
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e68a0785b0c2b5e718c7a448c71b763d8d74d5734e33f22996572c2e2bf739c0
e80ab41aa28c4b4ed16b6aa5c8a00ec1b094b866fdc0f72147feaa324829a393
e84ba168eec0ab5da126d6b17624852673048b8fd0c038b8cac0d5c887645db8
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ec6f48cf56a6db4c5733e3e3553ab9a3ca90e1bb19cc4a4a37adf39d56114ada
ed092c9ebb55d10e58f710417c3544211983fdb3915f242f5111cc2fac5c2759
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
efc40d4736f5df7b6b81980bfa7a5da60b8ffe25a49e561435cbfc651ded42a4
efcf1e38b5d63723b9d086fc89d715b3371e50715bc63be3fbbcfadc64a4e614
f1147e61df3d7174fe757616ddb66d15c466bc45c4a62a7f9ac7a1c817dbcaf4
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7bb935690a673c52a966ac02462cff6af3ce97ffa967252ef969d4863dadcf4
f81e307dd3880d9af250c4b63d17391beb0dcf32b33a665019945efee087ae21
f9ea102e63f49b54d9490d059531d7de7cd6a97b368739dce2c13b16b350885a
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd1461d5d10e426f6afdc51f61e75aae61b4ea3438d1ce8b8a150fe43aa8ea86
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffbda24a8edb461f54bf7058f3bb2ebc66adbb9a0f7143709c0bb2e6de9136d5