www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Submission: On May 08 via api (May 8th 2023, 8:27:09 pm UTC) from US — Scanned from DE

Summary HTTP 323 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 65 IPs in 14 countries across 51 domains to perform 323 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	84.17.37.44 84.17.37.44	60068 (CDN77 ^_^) (CDN77 ^_^)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 6	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
45	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	54.64.31.222 54.64.31.222	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
36	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b901:e1d1:5b35:d046:4c40	14618 (AMAZON-AES) (AMAZON-AES)
16	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e4:... 2606:4700:e4::ac40:a11f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:8600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
21	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:680f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.20 108.138.7.20	16509 (AMAZON-02) (AMAZON-02)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3605:3da9:ce9e:b459:fe7e	16509 (AMAZON-02) (AMAZON-02)
6	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	54.249.242.97 54.249.242.97	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3 14	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
11	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.139.171 3.122.139.171	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	141.226.230.50 141.226.230.50	200478 (TABOOLA-AS) (TABOOLA-AS)
4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
11	18.203.130.15 18.203.130.15	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	13.41.237.64 13.41.237.64	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	104.96.147.178 104.96.147.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4 4	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
1 1	2600:9000:211... 2600:9000:211e:f600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	18.130.95.23 18.130.95.23	16509 (AMAZON-02) (AMAZON-02)
323	65

1 84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.96.203.13 (Fort Scott, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:ba1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.31.222 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-31-222.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d-8076783033038022112.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b901:e1d1:5b35:d046:4c40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a11f (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:c::5c7b:680f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-20.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:3da9:ce9e:b459:fe7e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a2c7834c0170e5cd782ac29214576d8c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
177d726dc3143343d3ae16e8bf27df81.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.249.242.97 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-242-97.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.139.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-139-171.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.203.130.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.237.64 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-237-64.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.147.178 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.237 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:f600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.130.95.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-95-23.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 930 trc.taboola.com — Cisco Umbrella Rank: 658 vidstat.taboola.com — Cisco Umbrella Rank: 2663 am-trc-events.taboola.com — Cisco Umbrella Rank: 16345 images.taboola.com — Cisco Umbrella Rank: 1995 imprammp.taboola.com — Cisco Umbrella Rank: 15245 am-match.taboola.com — Cisco Umbrella Rank: 15345 wf.taboola.com — Cisco Umbrella Rank: 2803 am-vid-events.taboola.com — Cisco Umbrella Rank: 14437 vidstatb.taboola.com — Cisco Umbrella Rank: 4739 pips.taboola.com — Cisco Umbrella Rank: 1593 cds.taboola.com — Cisco Umbrella Rank: 1803	2 MB
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 a2c7834c0170e5cd782ac29214576d8c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 177d726dc3143343d3ae16e8bf27df81.safeframe.googlesyndication.com	580 KB
33	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 74 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 352 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 381606	509 KB
13	google.com adservice.google.com — Cisco Umbrella Rank: 70 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1952 www.google.com — Cisco Umbrella Rank: 2	15 KB
11	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 9734	59 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 292	250 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 357	218 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32421 hal900022.redintelligence.net — Cisco Umbrella Rank: 335965	58 KB
9	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 577 token.rubiconproject.com — Cisco Umbrella Rank: 566	34 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 523 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 444	5 KB
6	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 16802 e3.adpushup.com — Cisco Umbrella Rank: 18244	246 KB
6	aralego.com 1 redirects ads.aralego.com — Cisco Umbrella Rank: 27814 sync.aralego.com — Cisco Umbrella Rank: 2959	4 KB
5	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 3879 sync.mathtag.com — Cisco Umbrella Rank: 479 pixel.mathtag.com — Cisco Umbrella Rank: 987	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	824 B
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 573	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9108	940 B
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	1 KB
4	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14458	42 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19329 api.webgains.io — Cisco Umbrella Rank: 54433	31 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 59933 medialead.de — Cisco Umbrella Rank: 59904	910 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 211	3 KB
3	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 428	1 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 64387 sync.logly.co.jp — Cisco Umbrella Rank: 73306	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26358 audiencedata.im-apps.net — Cisco Umbrella Rank: 31050	4 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1033 pixel.quantserve.com — Cisco Umbrella Rank: 799 cms.quantserve.com — Cisco Umbrella Rank: 690	10 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	122 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 773 s.tribalfusion.com — Cisco Umbrella Rank: 1977	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 299	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 351	962 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2707	207 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	105 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 945	914 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 708	60 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 160	3 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 26960	11 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 58140	437 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 725	443 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 619	539 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18068	705 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 32690	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 159753	931 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1839	173 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 920	634 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 25699	2 KB
1	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9553	253 B
1	ampproject.net d-8076783033038022112.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 420	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 112463	16 KB
1	bg3.co www.bg3.co static.bg3.co Failed	16 KB
323	51

	Domain	Requested by
36	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
20	cdn.taboola.com	www.bg3.co cdn.taboola.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com www.bg3.co googleads.g.doubleclick.net s0.2mdn.net
17	am-trc-events.taboola.com	www.bg3.co
14	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
14	images.taboola.com	www.bg3.co
11	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
11	s0.2mdn.net	www.bg3.co s0.2mdn.net
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
9	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net
6	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
6	eus.rubiconproject.com	am-match.taboola.com imprammp.taboola.com eus.rubiconproject.com
6	adservice.google.com	cdn.ampproject.org securepubads.g.doubleclick.net pagead2.googlesyndication.com 5994599.fls.doubleclick.net
5	hal900022.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900022.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	c1.adform.net	4 redirects
4	hal9000.redintelligence.net	www.bg3.co hal900022.redintelligence.net
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	match.adsrvr.org	am-match.taboola.com imprammp.taboola.com googleads.g.doubleclick.net
4	www.google-analytics.com	cdn.ampproject.org www.bg3.co
4	cdn.aralego.net	www.bg3.co ads.aralego.com
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	token.rubiconproject.com	eus.rubiconproject.com
3	pr-bh.ybp.yahoo.com	am-match.taboola.com imprammp.taboola.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
3	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com adv.office-partner.de
3	trc.taboola.com	cdn.taboola.com www.bg3.co
3	ads.aralego.com	1 redirects ads.aralego.com
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	5994599.fls.doubleclick.net	1 redirects www.bg3.co
2	pv.medialead.de	hal900022.redintelligence.net googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.bg3.co
2	x.bidswitch.net	2 redirects
2	eb2.3lift.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	sb.scorecardresearch.com	cdn.taboola.com www.bg3.co
2	delivery.adrecover.com	www.bg3.co
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal900022.redintelligence.net
1	s.ad.smaato.net	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	www.awin1.com	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	www.bg3.co
1	adv.office-partner.de	hal900022.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	177d726dc3143343d3ae16e8bf27df81.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	vidstatb.taboola.com	www.bg3.co
1	a2c7834c0170e5cd782ac29214576d8c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	imprammp.taboola.com	vidstat.taboola.com
1	l.logly.co.jp	nt.compass-fit.jp
1	pixel.quantserve.com	www.bg3.co
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	e3.adpushup.com	www.bg3.co
1	http-intake.logs.datadoghq.com	cdn.adpushup.com
1	d-8076783033038022112.ampproject.net	cdn.ampproject.org
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
323	88

This site contains links to these domains. Also see Links.

Domain
www.combatsiege.com
popup.taboola.com
news.de.exaude.com
trc.taboola.com
shefence-citional.com
bredings-person.com
maximparerurehab.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G2	`2022-05-20` - `2023-06-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
cdn.adpushup.com R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.analytics-debugger.com GTS CA 1P5	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
update.mediamathtag.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
pv.medialead.de R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 36 frames:

Primary Page: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Frame ID: 4F207D78CBCB5750220CFA9E08402088
Requests: 144 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: B000A61FF43006F29AD0C6612D7062F6
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BA04A2C79A4C11DDE8360B68FF4FB22F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3E7633B4A488537E6C161F9E4C2B0C25
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 32C7CFB952B12556D4B7931FDDC2ECCF
Requests: 8 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&cmcv=&pix=undefined&cb=1683577624287&uv=3273&tms=1683577624287&abt=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=60ae713b-52e3-4ef8-acc8-f03543299257&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: FC35C20195FAC21DF03A968207973819
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 3DCA45C54D05267F7A643E5F422D7FE9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 57382687C27FB213D0D1A92849124912
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 2882553F0859AF91F74F18FBF5D63DC5
Requests: 3 HTTP requests in this frame

Frame: https://a2c7834c0170e5cd782ac29214576d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2B5B53A75A2472970FA0B6FEAB46CF5B
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 939CF84D2D65F253C8F1589235B8E46F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 1793F4C88B6F8C6413932B14F179EF5B
Requests: 3 HTTP requests in this frame

Frame: https://177d726dc3143343d3ae16e8bf27df81.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A3E46645A0C559648D911D596116658A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338
Frame ID: 6AA312247FF34D774EC0CD061F68B613
Requests: 1 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: D69EE3D6AA6C5FE3CE67A9F1056293FF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Frame ID: F0A509F38559EBC2C93F68F6E70DF62F
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2F1F0E9D93137464E516CBC152D4591
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7ADC10EBA175CAC1E170EE175980C06
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD33AFEA2C5484A21B479D740406150E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E72AA2E80A26A79E669AF552E505B6D6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C368A9AA9C74055F05DB5EE6EA7B5CE5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE2FE6920CA61FCF4886D54A58CBAA44
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA9A3C963199A14E9AA6F9FC56D498BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4930335BB077A1A06CCA36CF7727017
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjs8rHlATAB&v=APEucNUrFegtp8WnRQLySztFtRVsAdTSQkyp-5IrKnJiFm7S-vyP6UCi4XzLmQv6CpYjt-X7RiKQmZqsNdF20yUkPqeWCiq07Cev51DDLaZw2bntP9JMxz_aRvMytpZwk5FDjyosxy_inaouvjt2wQW9DL6cmNudC65L90Zu_ZBl-_6nRcJ2PwM
Frame ID: A44DCCABCF16F806359BF4D8A5940662
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2E2C3E4C3122F908C961784C83C502D5
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA1C5C39C9092DDB3A8327F121043D55
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A8256A58901FCAD6C32FFB2FA748D74A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250
Frame ID: F320451B521FA766299AD0013B42A08B
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Frame ID: E844759A1496D32E8DB4844B7726AEE2
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
Frame ID: BFFB5DC14B9B052DBD168D7B2F1C5A79
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 4C252E60ACAC730FAFEA08AC978085AB
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815
Frame ID: 8035DFB56BFCD1287915986261A9C261
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
Frame ID: 7FBFDD704324D18CC7E29C32BE0B3569
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 73E55C3DEF59401722AF5359F54DC8A3
Requests: 9 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/c0dde6d1-8cec-446e-9e90-e4264c83c8df
Frame ID: F150F5961A8A017EA93200F8542644F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

日月光K7停工影響營收不到3%　陳菊開鍘速度引爭辯 - 天天要聞

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

323
Requests

88 %
HTTPS

48 %
IPv6

51
Domains

88
Subdomains

65
IPs

14
Countries

4565 kB
Transfer

12471 kB
Size

33
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.combatsiege.com/
Title: CombatSiege

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://news.de.exaude.com/ss/p
Title: Ferienhäuser | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ri=2f39fa23ba358cbb72e629817e82268f&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&it=text&ii=~~V1~~-1323381761240606595~~JJJDEdICyV4yIjFXc_S1O-Iyr4_FjPiKXepDaYCqYhb6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2R2PQdTd2KJk99S2jU8Ak8qC_BPcoqoPIMeWLv2SHBd5Bs76qX-OxxmFSNHZRulf6335JyUpoDQWuuLi1-DNuCtyyepEXvwE8Zfbtm3zQ8XxNDP-wq96NB_U7ffnITuSE&pt=text&li=rbox-t2v&sig=8f5e86c508522ad13f6c909b4b7ed73e32d3c5abe032&redir=https%3A%2F%2Fnews.de.exaude.com%2Fss%2Fp%3Fsrc%3Dtabnos%26Campname%3D5580%257C%257C24463342%26campaign%3D1524057%26Network%3Dcontent%26camptype%3Dsh%26ad%3D123%26SiteTarget%3D%26q%3Dexklusive%2Bferienhauser%2Bdanemark%2Bnordsee%26tbclid%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSCt61YoiPeKzKOAgOzAAQ%26abtd%3D1%26nkp%3D1%26tblci%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSCt61YoiPeKzKOAgOzAAQ%23tblciGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSCt61YoiPeKzKOAgOzAAQ&vi=1683577623317&p=youniversalnew-de-sc&r=7&lti=deflated&ppb=CKAD&cpb=EhIyMDIzMDUwOC02LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE4MDiA3s6gBUCb4wlIhIoQUN3O3gNY____________AWMIxzAQqkYYMGRjCMU-EOBSGDJkYwjXFhDVHxgjZGMIvBcQ6iAYJGRjCNIDEOAGGAhkYwiWFBCaHBgYZGMIm0IQxVcYOGRjCPY6EJZOGDlkYwjvAxCJBxgJZGMI9BQQnh0YH2RjCIVCEKpXGA9kYwikJxCDNRgvZHgBgAECiAHInvPsAZABHJgBsqav6P8w&cta=true
Title: Jetzt Anschauen

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14
Title: Prostata Gesundheit

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ri=2f39fa23ba358cbb72e629817e82268f&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&it=text&ii=~~V1~~5922780736696773171~~qZlIrozG6NgCFkfNA_TVxJgsIK_tXJCvae_aso105Wb6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFAIZP_i9LZKu_ggO1pOkCHLlR68a6NJ_zQ943sZ8YYZBnqrRCAgo3TQ5tCf9lfc30se5yyCnVPrUvRPHX3xjkTNeTS8Maux2jWC1gRU3nx5A7g8sGtPAiGym1y2qd2FJ3xjtkG6--vUGcZQ8395OOEEk&pt=text&li=rbox-t2v&sig=c642285a662ddcd3c25565e016ced30e1f025894b394&redir=https%3A%2F%2Fshefence-citional.com%2Fc351a234-e6d9-4bf6-800c-f99fb09a6b14%3Futm_source%3Dtb%26utm_campaign%3DDE_dkV0423%26utm_term%3Dpalmate-bg3co%26utm_content%3D3684034530%26t%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSDHwlgosoSErerb3LfbAQ%26dt%3Dtb%26tblci%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSDHwlgosoSErerb3LfbAQ%23tblciGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSDHwlgosoSErerb3LfbAQ&vi=1683577623317&p=2mmedia-prosta-sc&r=66&lti=deflated&ppb=CKAD&cpb=EhIyMDIzMDUwOC02LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE4MDiA3s6gBUCb4wlIhIoQUN3O3gNY____________AWMIxzAQqkYYMGRjCMU-EOBSGDJkYwjXFhDVHxgjZGMIvBcQ6iAYJGRjCNIDEOAGGAhkYwiWFBCaHBgYZGMIm0IQxVcYOGRjCPY6EJZOGDlkYwjvAxCJBxgJZGMI9BQQnh0YH2RjCIVCEKpXGA9kYwikJxCDNRgvZHgBgAECiAHInvPsAZABHJgBsqav6P8w&cta=true
Title: Angebot einhole

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/7d579126-4d18-4d00-912f-43f83ac27ee6
Title: NutraFlex Nahrungsergänzungsmittel

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://bredings-person.com/5a473ce2-ade4-4565-bd4f-c622c94994cf
Title: Blutdruck-Helfer

Search URL Search Domain Scan URL

URL: https://maximparerurehab.com/f7969814-6f4e-42db-b968-2d8d11f44561
Title: Das Immobilienportal

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ri=369157d0d66c61607f5925440bbb1874&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&it=text&ii=~~V1~~4708519875659337259~~oYRGvwJitzQHpHZ1OLetenGb3YOXjkZHX6LbikBfK5v6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQW0OKu3VbaFI1uOBK2OWbXOhlo6TqWritVMGNgX6wrCus8nkvilqDooLAe1HKDwTL8eF7DlpaKqURSZ8EWZlZVwTfYGrgdt89DcQmKRCk85H2fjxRl8kko-htcJLMmzeokL7iGWlzm6lHsottHq7aGKztmEgfwuzs6rMBgnUMeiYuVguSiF4uU_Owid1Lk8lwoaY6F-J9t7H0hXjPc47oo-cYhDHdd4ZguSqA4BwHtIgXAiB5RNsgK_XycSKjzR-NcpXOZ1o0odLfift0SRdjUp1fhu4SZeKcLMikPvcAHbcRuDNHwAnCXxtGKqJN5CZb&pt=text&li=rbox-t2v&sig=08e2f487318f6ae06eb44008422a011aa079c4aa9360&redir=https%3A%2F%2Fmaximparerurehab.com%2Ff7969814-6f4e-42db-b968-2d8d11f44561%3Fsite%3Dpalmate-bg3co%26title%3DHausbesitzer%2Bsollten%2B2023%2Bdiesen%2B%2522Verkaufs-Trick%2522%2Bkennen%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fff0d87882cc75942e3cb3727552f6832.jpg%26campaign%3DDE_Immo_Desktop1%26utm_content%3D3678905695%26conversionname%3DLead%26click_id%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSD45VwoxKDqtdfxveRc%26utm_medium%3Ddis_nat%26utm_source%3Dtaboola%26tblci%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSD45VwoxKDqtdfxveRc%23tblciGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSD45VwoxKDqtdfxveRc&vi=1683577623317&p=wattfoxgmbh-new-immobilien1-sc&r=21&lti=deflated&ppb=CKUG&cpb=EhIyMDIzMDUwOC02LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE4MDiA3s6gBUCb4wlIhIoQUN3O3gNY____________AWMIxzAQqkYYMGRjCMU-EOBSGDJkYwjXFhDVHxgjZGMIvBcQ6iAYJGRjCNIDEOAGGAhkYwiWFBCaHBgYZGMIm0IQxVcYOGRjCPY6EJZOGDlkYwjvAxCJBxgJZGMI9BQQnh0YH2RjCIVCEKpXGA9kYwikJxCDNRgvZHgBgAECiAHInvPsAZABHJgBsqav6P8w&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ri=f5d2dd6807675427a550a3a7511e18b6&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&it=text&ii=~~V1~~-1323381761240606595~~Sgv_O7iQ8qZkANgoBCZS-uIyr4_FjPiKXepDaYCqYhb6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO24zdLQf6RMmyk96g6CBuV46C_BPcoqoPIMeWLv2SHBd5Bs76qX-OxxmFSNHZRulf6335JyUpoDQWuuLi1-DNuCtyyepEXvwE8Zfbtm3zQ8XxNDP-wq96NB_U7ffnITuSE&pt=text&li=rbox-t2v&sig=f3d26b9a6dd9ad8496c3ae17e20de06b7a6a10c952bb&redir=https%3A%2F%2Fnews.de.exaude.com%2Fss%2Fp%3Fsrc%3Dtabnos%26Campname%3D5580%257C%257C24463342%26campaign%3D1524057%26Network%3Dcontent%26camptype%3Dsh%26ad%3D123%26SiteTarget%3D%26q%3Dexklusive%2Bferienhauser%2Bdanemark%2Bnordsee%26tbclid%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSCt61YoteHW4tGQoImZAQ%26abtd%3D1%26nkp%3D1%26tblci%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSCt61YoteHW4tGQoImZAQ%23tblciGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSCt61YoteHW4tGQoImZAQ&vi=1683577623317&p=youniversalnew-de-sc&r=74&lti=deflated&ppb=CIIF&cpb=EhIyMDIzMDUwOC02LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE4MDiA3s6gBUCb4wlIhIoQUN3O3gNY____________AWMIxzAQqkYYMGRjCMU-EOBSGDJkYwjXFhDVHxgjZGMIvBcQ6iAYJGRjCNIDEOAGGAhkYwiWFBCaHBgYZGMIm0IQxVcYOGRjCPY6EJZOGDlkYwjvAxCJBxgJZGMI9BQQnh0YH2RjCIVCEKpXGA9kYwikJxCDNRgvZHgBgAECiAHInvPsAZABHJgBsqav6P8w&cta=true
Title: Jetzt Anschauen

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ri=f5d2dd6807675427a550a3a7511e18b6&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&it=text&ii=~~V1~~5922780736696773171~~0ehLX6jdsmD9voDhE9QlApgsIK_tXJCvae_aso105Wb6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFAIZP_i9LZKu_ggO1pOkCHLl_o3YVscSgE0s9XGELhcbzKrRCAgo3TQ5tCf9lfc30se5yyCnVPrUvRPHX3xjkTNeTS8Maux2jWC1gRU3nx5A7g8sGtPAiGym1y2qd2FJ3xjtkG6--vUGcZQ8395OOEEk&pt=text&li=rbox-t2v&sig=13731dd97ed9922039b7e94dc9e76f5e4637e0c75830&redir=https%3A%2F%2Fshefence-citional.com%2Fc351a234-e6d9-4bf6-800c-f99fb09a6b14%3Futm_source%3Dtb%26utm_campaign%3DDE_dkV0423%26utm_term%3Dpalmate-bg3co%26utm_content%3D3684034530%26t%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSDHwlgotOXtnq7Sj7GuAQ%26dt%3Dtb%26tblci%3DGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSDHwlgotOXtnq7Sj7GuAQ%23tblciGiAlZsSZrSt9u1asjoyJ-uD5sEcBJwVeiBAFHOBi4GLwzSDHwlgotOXtnq7Sj7GuAQ&vi=1683577623317&p=2mmedia-prosta-sc&r=10&lti=deflated&ppb=CIIF&cpb=EhIyMDIzMDUwOC02LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE4MDiA3s6gBUCb4wlIhIoQUN3O3gNY____________AWMIxzAQqkYYMGRjCMU-EOBSGDJkYwjXFhDVHxgjZGMIvBcQ6iAYJGRjCNIDEOAGGAhkYwiWFBCaHBgYZGMIm0IQxVcYOGRjCPY6EJZOGDlkYwjvAxCJBxgJZGMI9BQQnh0YH2RjCIVCEKpXGA9kYwikJxCDNRgvZHgBgAECiAHInvPsAZABHJgBsqav6P8w&cta=true
Title: Angebot einhole

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1&C=1

Request Chain 219

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFlbGWHiat0qAc-1amvx-AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBnIQi0UUzudr4CVVb-ZRXg&google_cver=1

Request Chain 221

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwMTM0NzgxODczMzExMTYxMA%3D%3D

Request Chain 239

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECJAnYd9HFXs35XwtDS6krk&google_cver=1&google_push=ATf1kGO_Mqsddav_e4CgpDxFJkilUO526kZzJq4icG-m0X0asjk744QjqVeKASaIjjkDDzz_JC1KechELTiFjrvLSULMGkL2w4oSjQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO_Mqsddav_e4CgpDxFJkilUO526kZzJq4icG-m0X0asjk744QjqVeKASaIjjkDDzz_JC1KechELTiFjrvLSULMGkL2w4oSjQ

Request Chain 242

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMQF6taL2SXgN0Zxf5gea28&google_cver=1&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq4RSsWpB5pQSvCIVy56QgaHJ_NgTArJTvMGJzo-pKWLb66A HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq4RSsWpB5pQSvCIVy56QgaHJ_NgTArJTvMGJzo-pKWLb66A&google_gid=CAESEMQF6taL2SXgN0Zxf5gea28 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwOTI5NjA4NDM2ODA3NDMwMjIwOA%3D%3D&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq4RSsWpB5pQSvCIVy56QgaHJ_NgTArJTvMGJzo-pKWLb66A

Request Chain 243

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEASiYT4y-eL1051tOc0a5Ok&google_cver=1&google_push=ATf1kGOQAz3gta0-VR8v0h2wn8BTwSVti2md5RpzJXLOUk7dDIvFbFV0ysbUr7PMFwO5efYvrsVUrOv-hBL76_tCpCC3fLfuwGVRIQ8 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEASiYT4y-eL1051tOc0a5Ok&google_cver=1&google_push=ATf1kGOQAz3gta0-VR8v0h2wn8BTwSVti2md5RpzJXLOUk7dDIvFbFV0ysbUr7PMFwO5efYvrsVUrOv-hBL76_tCpCC3fLfuwGVRIQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=69860ae3-fbb0-4d79-8078-bcdcceb382cf&%%GOOGLE_PUSH_PAIR%%

Request Chain 276

https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8848723791683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8848723791683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 280

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815

Request Chain 282

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=

Request Chain 289

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKCTYsxukVKHk33DwCg8xGU&google_cver=1&google_push=ATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKCTYsxukVKHk33DwCg8xGU&google_cver=1&google_push=ATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 290

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJ-swWML9-zsDb4jg84eap4&google_cver=1&google_push=ATf1kGNcWfapEg3rpA3A6qt32Cdo6JPdsAPCt7m6llNQGm04obIBLN3vmcAF7kYzzfItWKi-sJ-1cQOk5jFcrG3YTbIPWTDn-GI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ-swWML9-zsDb4jg84eap4&google_push=ATf1kGNcWfapEg3rpA3A6qt32Cdo6JPdsAPCt7m6llNQGm04obIBLN3vmcAF7kYzzfItWKi-sJ-1cQOk5jFcrG3YTbIPWTDn-GI

Request Chain 291

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCBs7ixUvKN1ZYS_oZbVLy35FQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCBs7ixUvKN1ZYS_oZbVLy35FQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1ODQ4NzMxNzc3MTQ3MzQ1Ng&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCBs7ixUvKN1ZYS_oZbVLy35FQ

Request Chain 292

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRcKpjwh0BvkNLH1MbPYN5rRj3A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRcKpjwh0BvkNLH1MbPYN5rRj3A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NDUzODEzNTM3MDA5MDg5OA&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRcKpjwh0BvkNLH1MbPYN5rRj3A

Request Chain 293

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE_ZoiNI7cNaL2ERAM8BVVM&google_cver=1&google_push=ATf1kGPGV3RPeLBAvIskuX6d5kjf1xp7mKJArkgwBl9oti48-Hq8rWUVEa9kaa1HVn4UqNUUeh0GA5h44Jh55yDbDgD5kufT-8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE_ZoiNI7cNaL2ERAM8BVVM&google_hm=ZFlbGWHiat0qAc_1amvx_QAAFIgAAAAB&google_nid=index&google_push=ATf1kGPGV3RPeLBAvIskuX6d5kjf1xp7mKJArkgwBl9oti48-Hq8rWUVEa9kaa1HVn4UqNUUeh0GA5h44Jh55yDbDgD5kufT-8w

Request Chain 294

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDS3a3aj3pdiKndecdOohjI&google_cver=1&google_push=ATf1kGNteUYUOnzb3SwQfVFf2Eg3irH2eF-Lqw3wc_QjbDCnhEjO-YUJJBAC8dyZfBNYFynW7SZMH_oGkLT-wWa7f3wXWrdAZB8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNteUYUOnzb3SwQfVFf2Eg3irH2eF-Lqw3wc_QjbDCnhEjO-YUJJBAC8dyZfBNYFynW7SZMH_oGkLT-wWa7f3wXWrdAZB8

323 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html Show response
www.bg3.co/a/ 56 KB
16 KB 1767ms
976ms Document
text/html 84.17.37.44
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-44.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9fc42113544a86cf4055746168fe437292dbf28628587bf145760a3ada4bcd8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=900
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 08 May 2023 20:27:02 GMT
ETag: "dfd8-wIOToCHg1m7Nz6+cHyDzs7hGnS4"
Expires: Mon, 08 May 2023 20:42:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 103ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd3270350f98cdf90fe632ae7b80707804060f8f65e3069a5a9330035b67d575

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 08 May 2023 20:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72817
x-xss-protection: 0
server: sffe
etag: "b9fb545d5345d61e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 08 May 2023 20:27:03 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 125ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452a33c0a5c956b541f0297af3f01aec8b92c830cc1748773b69b15a77e0efc1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 08 May 2023 20:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9670
x-xss-protection: 0
server: sffe
etag: "44700fb3502be4ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 08 May 2023 20:27:03 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 115ms
65ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b3f98f15a20ea4c69b4ed885e12395a1e63605d125fe9d393a78e0faabb0c42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 08 May 2023 20:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7582
x-xss-protection: 0
server: sffe
etag: "7689f9744eda3de2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 08 May 2023 20:27:03 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

88ms
29ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1632
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4oOVcvgLDc79qhIiINigeCl%2Fn2AkCXowCaBRUV8mUWfQyHM8RTyfI89ETUu94rqRZqeIVs5k3p5%2F3RZ7tMcsfMkDEt7PFrquuzgGXg7xudquVWGBFixILKW%2FQ6y%2BIlmWDdV2ENrkZjeMYh8Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c4470f3cc1718ef-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 36 KB
10 KB 236ms
56ms Script
application/javascript 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2177c1d9ade388f7cde9990d04ecd628269b8a81eed6190ee345218f88d1d205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-country: DE
date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
last-modified: Mon, 08 May 2023 07:00:29 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: DE
content-length: 9901
expires: Mon, 08 May 2023 21:27:03 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 617 KB
132 KB 303ms
141ms Script
application/javascript 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: adede9d0f78596079c6ea6d8b2d6de0909d8555b25377948d506daf577ab1349

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-country: DE
date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
last-modified: Sun, 07 May 2023 11:02:02 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=36, ak_p; desc="467660_34650647_241900423_3655_1855_47_0";dur=1
x-cf-geodata: DE
content-length: 134551
expires: Mon, 08 May 2023 21:27:03 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 264 KB
42 KB 95ms
25ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d90478717fa9be02cf3eedf5e8529d0443b428f677b432c697da03bb3b893c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: G.ZOXhaRlHIu_h8f3bDZLCUoe6iGwBf4
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: VR4KMRMGY6X2G6ZC
age: 62
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 42773
x-amz-id-2: yH0/rC5bR3VkN1JM0NJjjkqt3Excx4le5TQLy4gQ+pC7Fd6O+eZ9ui60T938Ff82IrFzcflDhts=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:37:07 GMT
server: AmazonS3
x-timer: S1683577623.177384,VS0,VE3
etag: "daebfb942c1fa1fa16f27c5cdc5e09f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 77 KB
16 KB 1133ms
552ms Script
text/javascript 54.64.31.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.31.222 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-31-222.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3df28cbccb082632a26254783c01ed22ef8bc69fc820188c257ef5c6a9a5849c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 impl.20230508-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 761 KB
158 KB 24ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230508-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 47f380060f6dfcd4389bf5fcd96923aa1178d7399195a9b73a4369e7b4ac264f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: CP5L3cBOLR4riKGLghEKd6ZBsm2MaBiy
content-encoding: br
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: RWBAFP3PPM23J7XT
age: 12223
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 161835
x-amz-id-2: 5AlgWuADyzD6JKmxSS44gQd6mH4EeD2WYjtaxIh9Tnk0AXqalGhm/7vG2vrep+nu/8TX09d2A/Y=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:03:13 GMT
server: AmazonS3-br
x-timer: S1683577623.234826,VS0,VE0
etag: "e6f4e5743ace187f0a4ec42be5d70b20"
vary: Accept-Encoding
content-type: application/javascript
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 37145

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 102ms
25ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:33:56 GMT
content-encoding: gzip
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 49988
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: d6eoWZW2MzY4U2ockLGLK4S7eFWt8BELUB7TTCzAKXtqiP9U9UcL9g==

GET 6a9e9b56e450f50780f718e07379ddb2.jpg
static.bg3.co/imgs/202105/ 0
0

GET 2d6da625860c8a95592ad2029e14e4de.jpg
static.bg3.co/imgs/202105/ 0
0

GET 82ef4e444452fdfe7e745652f6eadb3c.jpg
static.bg3.co/imgs/202105/ 0
0

GET ee68bf83288f7c28d6138ae25cc56e4a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 44fbcb4f3919cfff2bd2c17dba5538e1.jpg
static.bg3.co/imgs/202105/ 0
0

GET 559ff879174ff7e93385bc5f848702d5.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4ed2b7623f6d4d5b1589518b4f225a0b.jpg
static.bg3.co/imgs/202105/ 0
0

GET ee68bf83288f7c28d6138ae25cc56e4a.jpg
static.bg3.co/imgs/202105/ 0
0

GET f8fe1e517a1b4d81ff3ee9928d4d7b68.jpg
static.bg3.co/imgs/202105/ 0
0

GET 6d32a2afcecb3f263979df8d3296f882.jpg
static.bg3.co/imgs/202105/ 0
0

GET 35cfad3b2bf1ec8f585b14f8b7e480b9.jpg
static.bg3.co/imgs/202106/ 0
0

GET 9a3b41da31805f056259dea035cecbca.jpg
static.bg3.co/imgs/202106/ 0
0

GET 2d6da625860c8a95592ad2029e14e4de.jpg
static.bg3.co/imgs/202105/ 0
0

GET eedc6bc65490c474f4d2fb7686618e9e.jpg
static.bg3.co/imgs/202106/ 0
0

GET 6a9e9b56e450f50780f718e07379ddb2.jpg
static.bg3.co/imgs/202105/ 0
0

GET 71fd4d2c34e3b86afe67f0d069b0b105.jpg
static.bg3.co/imgs/202105/ 0
0

GET 716d206f00e6f660537f2c3ca752dff8.jpg
static.bg3.co/imgs/202105/ 0
0

GET 5b0cf497f3b55acd3880de165ae3a69a.jpg
static.bg3.co/imgs/202105/ 0
0

GET fd57b840ca69b62ca1e57e3045eab3a1.jpg
static.bg3.co/imgs/202106/ 0
0

GET 2a018e5d728a302f646bd30153fe9b7c.jpg
static.bg3.co/imgs/202202/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012304212144000/v0/ 8 KB
3 KB 68ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924028269e2e886b495845934379458003e235c9a402812bfb568bb755332586

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 May 2023 23:22:20 GMT
age: 248683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2991
x-xss-protection: 0
server: sffe
etag: "a940e38792b9efd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 May 2024 23:22:20 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012304212144000/v0/ 82 KB
23 KB 67ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff259edc629b5f5f868e877bd9c58b5ff43fe71a0282955dcdcf3cb967443c1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 May 2023 06:49:21 GMT
age: 221862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23094
x-xss-protection: 0
server: sffe
etag: "bfb5889f092df15f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 06:49:21 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
837 B 112ms
59ms Fetch
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4be027776a46ffa6d2ecc4c099dd15e51a06010a2db47e19a2be40d330530ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012304212144000/v0/ 12 KB
4 KB 62ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47c15ae3a18f656600f80baa04ee8d468eab158e26f77c1de4caf5510506b86

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 May 2023 20:09:37 GMT
age: 260246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
server: sffe
etag: "3eafd35b027d70b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 May 2024 20:09:37 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 140ms
45ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230508-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 347614
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 87 KB
21 KB 492ms
486ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=20%3A27%3A03.319&lti=deflated&data=%7B%22id%22%3A193%2C%22ii%22%3A%22%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1683538619566%2C%22vi%22%3A1683577623317%2C%22cv%22%3A%2220230508-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html%22%2C%22vpi%22%3A%22%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3516%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3414%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230508-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f12fc87f32bf1c6dccf15f556682f326eaed351be56709178fa7efbc541e12e

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 463
date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230074-FRA
server: nginx
x-timer: S1683577623.334167,VS0,VE463
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 26ms
24ms Image
text/plain 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683577623337&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&c8=%E6%97%A5%E6%9C%88%E5%85%89K7%E5%81%9C%E5%B7%A5%E5%BD%B1%E9%9F%BF%E7%87%9F%E6%94%B6%E4%B8%8D%E5%88%B03%25%E3%80%80%E9%99%B3%E8%8F%8A%E9%96%8B%E9%8D%98%E9%80%9F%E5%BA%A6%E5%BC%95%E7%88%AD%E8%BE%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 4DI9MYvSF9t1SihOExCpY6xXCikRsIUGXxJ0tr95ifS2Ishw5fbj0A==
x-cache: Miss from cloudfront

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 96ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1683577623.dop136.fr8.t,1683577623.cds003.fr8.hn,1683577623.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012304212144000/v0/ 40 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f21a6e5283967ea8eca7e6e7ac9951a5080f180a9d89b7e318514e7dc6ae88

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 May 2023 09:10:14 GMT
age: 213409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10284
x-xss-protection: 0
server: sffe
etag: "1fce30468243f5fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 09:10:14 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012304212144000/v0/ 214 KB
57 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c157d61213ca1da2359698579ed2a8f61afb4e7ac57ca483424b5bc66295b07

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 May 2023 14:40:13 GMT
age: 193610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57955
x-xss-protection: 0
server: sffe
etag: "41c74ad64f927b86"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 14:40:13 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
866 B 51ms
51ms Image
image/jpeg 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1683577623466
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-country: DE
date: Mon, 08 May 2023 20:27:03 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Mon, 08 May 2023 21:27:03 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012304212144000/v0/ 110 KB
31 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

046d2f953e547e00cff170eb1ec1ed5b98d28e694acb5aaaf2d824334d120e03

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 May 2023 15:27:39 GMT
age: 190764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32026
x-xss-protection: 0
server: sffe
etag: "a20fff7111dd3948"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 15:27:39 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
479 B 99ms
32ms Fetch
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-8076783033038022112.ampproject.net/2304212144000/ 0
0 96ms
30ms Other
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-8076783033038022112.ampproject.net/2304212144000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 25ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1683577623.dop136.fr8.t,1683577623.cds003.fr8.hn,1683577623.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 405ms
162ms Fetch
application/json 2600:1f18:24e6:b901:e1d1:5b35:d046:4c40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:e1d1:5b35:d046:4c40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 pb.42753.1674819540207.js Show response
cdn.adpushup.com/prebid/ 349 KB
94 KB 56ms
56ms Script
application/javascript 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-country: DE
date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 11:39:13 GMT
server: nginx/1.18.0
etag: W/"63d3b7e1-5744c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="467660_34650647_241900673_643_1633_47_0";dur=1
content-length: 95255
expires: Tue, 07 May 2024 20:27:03 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
674 B 83ms
83ms Script
application/javascript 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-country: DE
date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: "60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467660_34650647_241900705_14_1489_47_0";dur=1
accept-ranges: bytes
content-length: 317
expires: Tue, 07 May 2024 20:27:03 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 83ms
83ms Script
application/javascript 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-country: DE
date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="467660_34650647_241900709_763_1131_47_0";dur=1
content-length: 18371
expires: Mon, 08 May 2023 21:27:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 165ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eb020010a5672a8b144cfd90b38f0e2b0146ba9f05faf2fab59dff6aa330a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24899
x-xss-protection: 0
server: cafe
etag: 479 / 19485 / m202305040101 / config-hash: 15255505272217764160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:03 GMT

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 128ms
30ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 27 KB
11 KB 148ms
82ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08922f7235b4680a98dd67a6a3ebb936f20de01f8e2658bde0ce0bed120ff38c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BvXXDXHILQrI38GnChaTFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-BvXXDXHILQrI38GnChaTFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012304212144000/v0/analytics-vendors/ 2 KB
812 B 24ms
24ms Fetch
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 May 2023 12:25:59 GMT
age: 201664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "6c123bc7bfd01f01"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 12:25:59 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 5 KB
2 KB 93ms
35ms Fetch
application/json 2606:4700:e4::ac40:a11f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a11f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
age: 35642
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: same-origin, same-origin
last-modified: Mon, 08 May 2023 10:33:01 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkHXO6w3mb1VPI0ck3g1lwuQ5nllJ7OpwHrh0DHujdGm1BmJ2sbk%2B14QyIsU%2FxeGNCgYSyZ9ZO2XSNUQeXHsFsA1PFEL7ttpuWAix5ppfT%2FlXdrjuL%2FtuyBq5Q0t9ONfe3OGsyYFjZjfBReNfZchq3HEDB0dvc2bVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230423b
cf-ray: 7c4470f3df45923d-FRA

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012304212144000/v0/analytics-vendors/ 2 KB
931 B 23ms
23ms Fetch
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304212144000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 May 2023 03:35:37 GMT
age: 233486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 901
x-xss-protection: 0
server: sffe
etag: "3d89871581cebd22"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 03:35:37 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 613 B
716 B 80ms
30ms Fetch
application/json 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 121ms
25ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 15 May 2023 20:27:03 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
242 B 80ms
29ms Ping
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5040&cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&dr=&dt=%E6%97%A5%E6%9C%88%E5%85%89K7%E5%81%9C%E5%B7%A5%E5%BD%B1%E9%9F%BF%E7%87%9F%E6%94%B6%E4%B8%8D%E5%88%B03%25%E3%80%80%E9%99%B3%E8%8F%8A%E9%96%8B%E9%8D%98%E9%80%9F%E5%BA%A6%E5%BC%95%E7%88%AD%E8%BE%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1683577624&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304212144000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 92ms
29ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&aip=1&sid=1683577624&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304212144000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
629 B 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1710
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUOrQecwXPjTFHa8x3mfOsWLYZ7csFzudhHySvkORE5bJjvvXqw%2BNlBcFcKgiueLhGna74xdY4exmLN8Af2zf18py8BV0bfZwyvvlja5hIIpqX%2BnbuqJh3jL103Vbb%2BT8DGb49PhCPJn0Cqyew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c4470f45d0a18ef-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 459ms
114ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: a273601c208a9318e3cb639fc1f80e5d9aac968eb6f6302817488d8713c57b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 449ms
118ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: a273601c208a9318e3cb639fc1f80e5d9aac968eb6f6302817488d8713c57b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 482ms
265ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.18637085144479482&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 513

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 516ms
299ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.22455569725120617&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 513

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
158 B 38ms
30ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%97%A5%E6%9C%88%E5%85%89K7%E5%81%9C%E5%B7%A5%E5%BD%B1%E9%9F%BF%E7%87%9F%E6%94%B6%E4%B8%8D%E5%88%B03%25%E3%80%80%E9%99%B3%E8%8F%8A%E9%96%8B%E9%8D%98%E9%80%9F%E5%BA%A6%E5%BC%95%E7%88%AD%E8%BE%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7113006042599075&gjid=0.03497904894098336&_r=1&a=5040&z=0.5605987540340178&gtm=45De000

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ 403 KB
125 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 19:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3667
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127480
x-xss-protection: 0
server: cafe
etag: 445900462459606666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 May 2024 19:25:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
102 B 105ms
59ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
x-xss-protection: 0
expires: Mon, 08 May 2023 20:27:03 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 82ms
22ms Script
application/javascript 2600:9000:223c:8600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 19:45:45 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: DIKAc6ZsznoSKJ_5-tZ3cl4THp502xfbJfVb2JgLpMy0uyLi3xhq1A==

GET
H2 200 floating-unit.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7a060ed168a6d3c172824a0b96d1dbed5df6af2968b7b4b4af1e4aee9fb5e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: 0iANsXxGy3FviWiV9t.XjXpKo.kLi_9C
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: K8J0WDB770HZYHKR
age: 39259
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: uJhm45u5KZE7YimYZweyk1VOyi5MAn918W90qjC5HrJIu+n4FiNMMxtwh+bZ8LP8yeYhjmHZIAM=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:32:45 GMT
server: AmazonS3
x-timer: S1683577624.834971,VS0,VE0
etag: "4fd4fcbca4894ced23de682efe459cab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9367

GET
H2 200 taboola-vignette-new-scanning.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ab690638ea40ffe78c02adf6799b26b459b7a67dcabfb5afad3edc9107ed9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: EkJtMDfmabUITPgFUX8_R.v_eH0TPsPO
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: 8CX0RFZHE7CD3GM7
age: 39195
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7728
x-amz-id-2: 8Ndg1SVqBVJr7kfAztYAiJQyaLcGTpoSCE1ZFW82WVSWdUp9ocKpCf5cW+kmIXPV1CGOt15m8pQ=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:33:49 GMT
server: AmazonS3
x-timer: S1683577624.835394,VS0,VE0
etag: "ccd3d5b5c0e74e4e6077212b8d876a77"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7515

GET
H2 200 distance-from-article.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bb56ad029b7ef8cf3bb97ad4cfcfaea3432c7b177b9d4f78b65c9216c845735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: gaa9i9tYrWz.mXokehQazVUnecLcVimD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: 0WT9JK2GZ2S9R8TR
age: 39287
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: ZeO56lyCzkAczMpeWpL4QZYUR5IT/Fs/mqzna0eO+YLUFhd2pkPIAhW9DsFODD5O11hyz1rHad8=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:32:17 GMT
server: AmazonS3
x-timer: S1683577624.845429,VS0,VE0
etag: "3f15c08aeb8f44827f5114d3017d8ef2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 88415

GET
H2 200 article-detection.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 23ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00a0492e1b24f28e2b31d6a151bd5e246588c11f27329b05c6ea840e75f03653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: RrYlxCul7RSV.nfkpEkeymSLeQ6dBPz1
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: XY948EPSK9JAAJHY
age: 39306
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: kcSI70RB0XtdSSeYdAxiFiKaONTiLwVV+4os+VZHf4dpFJpwX1bQ5RU5BUDVOYbw0Hz3kzFeSk4=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:31:57 GMT
server: AmazonS3
x-timer: S1683577624.845549,VS0,VE0
etag: "a8ddd7b564496f122741c24410663ccf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 88398

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.0/ 111 KB
31 KB 28ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230508-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bdfb4f69bf4b36f3f547dab06813d8b865a439935725e3b97c95943f03291d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 645733
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 31012
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 01 May 2023 09:04:29 GMT
server: AmazonS3
x-timer: S1683577624.853255,VS0,VE0
etag: "196ec9978b2a70a192f8f6477d03514a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: iySNG3PRx0qIxQXCGX8jlLqDb0QjQCjPFsVoUq5KZBtmtCsAp3cE7Q==
x-cache-hits: 61395

GET
H2 200 feed-card-placeholder.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcd0e5105f1c13cd0a0a015647e30c74fdb53bf8d88548846ad11ce5dbdfa40e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: BNxlInu34MqJtE1daP2tTLkB4cDhy2X2
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: 6X3D23PNG3ZN46GA
age: 39273
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: SnYGJ4pQT4rjsA0PQniYh1p0WH57oB0/y/L0gayYbeDGYgrs7MmFjTyKKloXsUq8GNHjsR2HIDE=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:32:31 GMT
server: AmazonS3
x-timer: S1683577624.848205,VS0,VE0
etag: "06e861707459e41d073c16f0c6e6bc23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 78498

GET
H2 200 userx.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fe46f0ac38046468c299a33208f637cf6f85a668013df7e354012a321fcd196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: 2Bg01gQRhJKu_saQYjs8x.mzia.eZ6ev
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: K4W31AKDRHHYGZ2F
age: 39184
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: jcYOagEHUvAtU/nibCj1vGD561uUlyxR61DPF8IQIoox55sBsx4QhO2jmyqjhnXu1iBH3De+/a4=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:33:59 GMT
server: AmazonS3
x-timer: S1683577624.851801,VS0,VE0
etag: "df12ebe07d14bf42f337289d5da5c99e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 17794

GET
H2 200 cta-component.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 23ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae2da07af164be77868022720fc9852f61d3033976ef5d96e3d42b6dda1e2811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: mf0qNmJZ3l3OVpmmeJBNROpsSNUzuWgl
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: G0XKPKM0WG37G8HD
age: 39292
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4737
x-amz-id-2: fHkmUAYHq5lz517BeAEejf3KpUBPVzWGObjT1XSh2mAv0RDaaLH/rr6ZzbT1FouBD2JDW3+rJ60=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:32:12 GMT
server: AmazonS3
x-timer: S1683577624.855151,VS0,VE0
etag: "684293ce4d75850a748e29be54da0af2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 75505

GET
H2 200 explore-more.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 23ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f20a18363ae371104987e0f495d4e9a8c111767948f36ce3f6bb063c5017e190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: 69oLUXuUMr8o30kveiw09nqNxmuJV66N
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: VXY676FP9BY39N4E
age: 39278
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7554
x-amz-id-2: Zyhs+/OI7BEDWuiTDWX4EZW56JDUFC0ln/Ce6y7GXHRJE9uSBrVvaKApLvssCTgm7XrzCM6UbTE=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:32:26 GMT
server: AmazonS3
x-timer: S1683577624.861801,VS0,VE0
etag: "33304d0555f5629d1eb5443b371b8ad0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 43234

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 104ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=20%3A27%3A03.827&id=4648&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 104ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1683577623827%7D&tim=20%3A27%3A03.828&id=9728&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 104ms
34ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1683577623834%7D&tim=20%3A27%3A03.834&id=8803&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 pubs-generic
trc.taboola.com/palmate-bg3co/log/3/ 0
258 B 34ms
33ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/pubs-generic?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1683577623841%7D&tim=20%3A27%3A03.841&id=7140&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230074-FRA
server: nginx
x-timer: S1683577624.911736,VS0,VE8
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 102ms
32ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A27%3A03.841&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=8705&cv=20230508-6-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-article-feed%22%5D&vi=1683577623317
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27460

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 104ms
35ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=20%3A27%3A03.854&id=6509&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 101ms
31ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A27%3A03.856&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6195&cv=20230508-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27460

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 30ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A27%3A03.857&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1986&cv=20230508-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27849

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 30ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A27%3A03.858&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=8438&cv=20230508-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27849

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 31ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A27%3A03.897&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-y-em-delta&llvl=2&id=3352&cv=20230508-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27849

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 31ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A27%3A03.901&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4899&cv=20230508-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27849

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 23ms
22ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: TVRHNHYBPQ9HMG0X
age: 47
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1683577624.913640,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 91
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 80

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1035%2Cw_1380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 64 KB
65 KB 27ms
26ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1035%2Cw_1380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da9a64f3c8e5965abdf2c0ff3edd7d6074fd5f81531269bc93f1cf95c4f9b492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1035%2Cw_1380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 3475170
edge-cache-tag: 602328860012357606151299032710582386322,380557120827242204309196295110066286773,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,380557120827242204309196295110066286773,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 707
expiration: expiry-date="Sat, 08 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://abmeyerwood.com/
content-length: 65454
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200131-IAD, cache-iad-kiad7000024-IAD, cache-lax10671-LGB, cache-iad-kcgs7200061-IAD, cache-fra-eddf8230074-FRA
last-modified: Wed, 08 Mar 2023 09:24:52 GMT
server: nginx
x-timer: S1683577624.937629,VS0,VE4
etag: "c25160d40ac380ef88c0d7945e57b343"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 58, 1

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
33 KB 29ms
29ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c3219109fc55539fa6289e7075a2a973e49a56a9c37583faa530b9dc3796b46f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 3483470
edge-cache-tag: 602328860012357606151299032710582386322,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 118
expiration: expiry-date="Fri, 07 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 33492
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000138-IAD, cache-iad-kcgs7200103-IAD, cache-chi-kigq8000179-CHI, cache-iad-kcgs7200156-IAD, cache-fra-eddf8230074-FRA
last-modified: Tue, 07 Mar 2023 05:34:39 GMT
server: nginx
x-timer: S1683577624.944242,VS0,VE1
etag: "581d2b1875124814fab1155ef972a77b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 18232, 1

GET
H2 200 66482f086ab99ba9eae154465b1288da.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 28ms
28ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66482f086ab99ba9eae154465b1288da.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b242495675a4a1acd46d253ddfafce009bdda322cf518dbd370baf293a14d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66482f086ab99ba9eae154465b1288da.jpeg
age: 1738542
edge-cache-tag: 474297464142718761789131574290849194387,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 474297464142718761789131574290849194387,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 112
expiration: expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://die-90er.eu/
content-length: 27598
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000160-IAD, cache-iad-kcgs7200089-IAD, cache-chi-klot8100028-CHI, cache-iad-kiad7000093-IAD, cache-fra-eddf8230074-FRA
last-modified: Mon, 27 Mar 2023 13:41:31 GMT
server: nginx
x-timer: S1683577624.944778,VS0,VE1
etag: "b905b509d0d0ca594468d1c18bd330a0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 6, 1

GET
H2 200 24d38af1f375b27e3324f2a808817814.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 69ms
69ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24d38af1f375b27e3324f2a808817814.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 198c7bce3540f24e6443c698764b81ed793bddc8163e3e2d76762e008b553933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24d38af1f375b27e3324f2a808817814.png
age: 2361176
edge-cache-tag: 312535462187530181443549051193972422353,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag: 312535462187530181443549051193972422353,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 76
req-referer: https://www.ynet.co.il/
content-length: 10714
x-request-id: 173ac5bd00dbe9b935333d38990780f7
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100160-IAD, cache-iad-kiad7000071-IAD, cache-lax10654-LGB, cache-iad-kiad7000089-IAD, cache-fra-eddf8230074-FRA
last-modified: Tue, 11 Apr 2023 12:34:08 GMT
server: nginx
x-timer: S1683577624.970488,VS0,VE0
etag: "7cf97a3252d49fae4ee65e12c4ae492f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 485, 3

GET
H2 200 710e2647d6b1dd0827badeb56325233f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 53 KB
54 KB 65ms
65ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 891bcb08c2171aef7f57881171a66b97ea4f5b9265f6d1d5d032ee0e75b4bc4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
age: 3424130
edge-cache-tag: 595629037177767479183546216043569688665,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595629037177767479183546216043569688665,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 224
req-referer: https://www.tvmovie.de/
content-length: 54376
x-request-id: 8325c935bb5739dee9b6a15379e4b7af
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200136-IAD, cache-iad-kcgs7200039-IAD, cache-lga21930-LGA, cache-iad-kjyo7100096-IAD, cache-fra-eddf8230074-FRA
last-modified: Fri, 10 Mar 2023 03:16:42 GMT
server: nginx
x-timer: S1683577624.973381,VS0,VE1
etag: "6eba5cca0469e5d1f8baf6f67573c981"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 1

GET
H2 200 916c3b44fd606129f106b386d2093c3e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
23 KB 63ms
63ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/916c3b44fd606129f106b386d2093c3e.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7b4aa8c74ee11b2db378cd5261d06632ea2eb3454de18c29f74dd3eb0378a3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/916c3b44fd606129f106b386d2093c3e.png
age: 2300865
edge-cache-tag: 478664700013875519385121798670987401503,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag: 478664700013875519385121798670987401503,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 84
expiration: expiry-date="Mon, 24 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 23152
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kcgs7200042-IAD, cache-lga21971-LGA, cache-iad-kcgs7200028-IAD, cache-fra-eddf8230074-FRA
last-modified: Fri, 24 Mar 2023 16:28:14 GMT
server: nginx
x-timer: S1683577624.975984,VS0,VE1
etag: "ed8909991470610db7204afad00638db"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 20, 1

GET
H2 200 ff0d87882cc75942e3cb3727552f6832.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 106ms
104ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff0d87882cc75942e3cb3727552f6832.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d0f800e4c7ebf992893a22514cec4873322c8832c17d3891aa4dc20946b2df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff0d87882cc75942e3cb3727552f6832.jpg
age: 1846285
edge-cache-tag: 491575337321750521908803396678544249036,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 491575337321750521908803396678544249036,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 130
expiration: expiry-date="Fri, 28 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.inceptivemind.com/
content-length: 20334
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000026-IAD, cache-iad-kjyo7100105-IAD, cache-chi-klot8100036-CHI, cache-iad-kiad7000147-IAD, cache-fra-eddf8230074-FRA
last-modified: Tue, 28 Mar 2023 09:44:07 GMT
server: nginx
x-timer: S1683577624.023260,VS0,VE1
etag: "bc052f65b79e4ca54858976416cc82f5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 29, 1

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
33 KB 62ms
60ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b37107868e3ddc27e8474863051503794c877e7e7434829aad768a14de638f80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 2357098
edge-cache-tag: 602328860012357606151299032710582386322,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 456
expiration: expiry-date="Wed, 10 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fox5ny.com/
content-length: 33406
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kjyo7100062-IAD, cache-lax10676-LGB, cache-iad-kjyo7100113-IAD, cache-fra-eddf8230074-FRA
last-modified: Sun, 09 Apr 2023 22:42:35 GMT
server: nginx
x-timer: S1683577624.023232,VS0,VE1
etag: "b8080e084a14a928fa5d2ce55c1cea7b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8547, 1

GET
H2 200 710e2647d6b1dd0827badeb56325233f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 58 KB
59 KB 107ms
105ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e4f3c8091e8eb1109610b1105ae31851bf6f7ca69d20b1b2e2ee56aa528f19f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
age: 2926645
edge-cache-tag: 595629037177767479183546216043569688665,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595629037177767479183546216043569688665,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 291
expiration: expiry-date="Sun, 16 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abendblatt.de/
content-length: 59720
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200024-IAD, cache-iad-kcgs7200121-IAD, cache-lax10622-LGB, cache-iad-kjyo7100143-IAD, cache-fra-eddf8230074-FRA
last-modified: Thu, 16 Mar 2023 10:31:45 GMT
server: nginx
x-timer: S1683577624.023217,VS0,VE16
etag: "bae18fda64534e6838e7a616648a9ca7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 27, 1

GET
H2 200 66482f086ab99ba9eae154465b1288da.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 73ms
71ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66482f086ab99ba9eae154465b1288da.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 418eae0ba12f0f3db5cb6f4305fc87c2d1e57aab47c74e65a5ac23885d423467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66482f086ab99ba9eae154465b1288da.jpeg
age: 1644061
edge-cache-tag: 474297464142718761789131574290849194387,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 474297464142718761789131574290849194387,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 141
expiration: expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 20966
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000052-IAD, cache-iad-kjyo7100073-IAD, cache-lax10666-LGB, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230074-FRA
last-modified: Mon, 27 Mar 2023 15:51:33 GMT
server: nginx
x-timer: S1683577624.055103,VS0,VE1
etag: "e6e0ae7064ab497b9e79e6d77c5da875"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 1

GET
H2 200 24d38af1f375b27e3324f2a808817814.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 71ms
69ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24d38af1f375b27e3324f2a808817814.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 81c13b8d82329cfd92ef15fe5af675f155c675793c09029d047833920e51f2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24d38af1f375b27e3324f2a808817814.png
age: 630196
edge-cache-tag: 312535462187530181443549051193972422353,444117103985454351027730484191642710374,29ecf9b93bbf306179626feeda1fab70
cache-tag: 312535462187530181443549051193972422353,444117103985454351027730484191642710374,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 209
expiration: expiry-date="Sat, 13 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://impressio.dir.bg/
content-length: 10488
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000054-IAD, cache-iad-kcgs7200045-IAD, cache-lax10643-LGB, cache-iad-kiad7000096-IAD, cache-fra-eddf8230074-FRA
last-modified: Wed, 12 Apr 2023 02:38:34 GMT
server: nginx
x-timer: S1683577624.055703,VS0,VE0
etag: "795407199e0ed1c1e239d0f0189761c0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 2

GET
H2 206 gdetfj8uapoef9uovk9f.mp4
cdn.taboola.com/libtrc/static/video/v1679261701/ 1 MB
1 MB 26ms
26ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1679261701/gdetfj8uapoef9uovk9f.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: vLt8qBQwpjSWOpbpRZJd.qY1SyjnMfj5
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish
x-amz-request-id: 2ZPACV4RQD8KQDTP
age: 87
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1133441/1133442
x-amz-replication-status: COMPLETED
Content-Length: 1133442
x-amz-id-2: cN/pJqUUTOC94LM1FSSdnW2Ata8tSZ6MrYzu5U+XG11T93jwI6SIOU2g0P6gNLX9Vp2M4CpBHOY=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sun, 19 Mar 2023 21:35:10 GMT
server: AmazonS3
x-timer: S1683577624.955503,VS0,VE3
etag: "5cdc25693b01a36bfabe5203c9f55c70"
content-type: video/mp4;codecs=avc1
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 gdetfj8uapoef9uovk9f.mp4
cdn.taboola.com/libtrc/static/video/v1679261701/ 442 KB
0 68ms
68ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1679261701/gdetfj8uapoef9uovk9f.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: vLt8qBQwpjSWOpbpRZJd.qY1SyjnMfj5
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish
x-amz-request-id: 2ZPACV4RQD8KQDTP
age: 87
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1133441/1133442
x-amz-replication-status: COMPLETED
Content-Length: 1133442
x-amz-id-2: cN/pJqUUTOC94LM1FSSdnW2Ata8tSZ6MrYzu5U+XG11T93jwI6SIOU2g0P6gNLX9Vp2M4CpBHOY=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sun, 19 Mar 2023 21:35:10 GMT
server: AmazonS3
x-timer: S1683577624.959027,VS0,VE1
etag: "5cdc25693b01a36bfabe5203c9f55c70"
content-type: video/mp4;codecs=avc1
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 gdetfj8uapoef9uovk9f.mp4
cdn.taboola.com/libtrc/static/video/v1679261701/ 207 KB
0 71ms
71ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1679261701/gdetfj8uapoef9uovk9f.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: vLt8qBQwpjSWOpbpRZJd.qY1SyjnMfj5
date: Mon, 08 May 2023 20:27:03 GMT
via: 1.1 varnish
x-amz-request-id: 2ZPACV4RQD8KQDTP
age: 87
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1133441/1133442
x-amz-replication-status: COMPLETED
Content-Length: 1133442
x-amz-id-2: cN/pJqUUTOC94LM1FSSdnW2Ata8tSZ6MrYzu5U+XG11T93jwI6SIOU2g0P6gNLX9Vp2M4CpBHOY=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sun, 19 Mar 2023 21:35:10 GMT
server: AmazonS3
x-timer: S1683577624.959046,VS0,VE1
etag: "5cdc25693b01a36bfabe5203c9f55c70"
content-type: video/mp4;codecs=avc1
abp: 56
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 next-up-widget.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 68ms
67ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e1bab8e13e9a00d8f6de70fd41b674ebf1ef3df1583aff391e6096584104de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: I5R3ljTotlrJUOrDlV1_rpk5tIHvU4e1
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:03 GMT
x-amz-request-id: 0R28BABQK8HA667D
age: 39248
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: Si9+3keBUmQzwGc+uFh1ssjI6sCZx4YyJdgS+9tQ+uCzmo7aDxt9OIZK+gXtd9c98273tY0oRjo=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:32:55 GMT
server: AmazonS3
x-timer: S1683577624.962579,VS0,VE0
etag: "420154983c11d2157c47cc8e1469b4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9155

GET
H2 200 pixel;r=788527987;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html;uh=e51ed67dfb8d91dc24b15...
pixel.quantserve.com/ 35 B
371 B 33ms
22ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=788527987;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1021767959-1683577623792;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1683577623957;tzo=0;ogl=;ses=4fbde000-5d92-41c9-b0c1-1d5ad80e7135

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 28ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22366.140625%22%2C%22eventTime%22%3A1683577623984%7D&tim=20%3A27%3A03.984&id=1006&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 28ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A914%7D%22%2C%22eventTime%22%3A1683577623986%7D&tim=20%3A27%3A03.986&id=9726&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 31ms
31ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A27%3A03.994&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1679&cv=20230508-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27272

GET
H2 200 spa-detector.20230508-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 92ms
91ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230508-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1e3fd54bde275c31e4637e6cf8436150c6b9f89b6e2d16e5d8f2d8b5059cc1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: mtCC6p5qCMbueKXJlD.VC52MedC5zlBX
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:04 GMT
x-amz-request-id: ECBDC03GVRP0RN33
age: 39225
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: /g5nnJpPzm6TlVUn6JKWMZCzmsApXBBqsmNNY9mtIKC+gV33GSUL45jWfqH7AWb8fmB4N9v71C4=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Mon, 08 May 2023 09:33:19 GMT
server: AmazonS3
x-timer: S1683577624.032174,VS0,VE0
etag: "b334c53fd76c41cc48f05e5685b2da32"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 44330

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 30ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=20%3A27%3A04.019&id=9606&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 30ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1683577624020%7D&tim=20%3A27%3A04.020&id=9437&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 31ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=20%3A27%3A04.021&id=7352&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 31ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d575be719c2065aeefdf2f70f7539079&sd=v2_563204d95e2a379c4ba44ff8ac4ca9ab_3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097_1683577623_1683577623_CNawjgYQ2YJdGJWmr-j_MCABKAEwODib4wlAhIoQSN3O3gNQ____________AVgAYABoqYjV2dyl_vpfcAA&ui=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&pi=/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&wi=8601374029145547675&pt=text&vi=1683577623317&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1683577624023%7D&tim=20%3A27%3A04.023&id=7841&llvl=2&cv=20230508-6-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 40ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dfb5ff7a222d0d4bae4f0e62f7a57bbbf0cd6d693e6ea1e725e350bf1c8685d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 5157932
edge-cache-tag: 602328860012357606151299032710582386322,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 306
expiration: expiry-date="Fri, 31 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dinarrecaps.com/our-blog/wednesday-night-evening-news-with-markz-10-26-2022
content-length: 4322
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100168-IAD, cache-iad-kiad7000082-IAD, cache-sna10725-LGB, cache-iad-kcgs7200086-IAD, cache-fra-eddf8230074-FRA
last-modified: Tue, 28 Feb 2023 10:16:30 GMT
server: nginx
x-timer: S1683577624.086723,VS0,VE0
etag: "1ed58bf220eddea9225be059bba0473e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 882, 2

GET
H2 206 gdetfj8uapoef9uovk9f.mp4
cdn.taboola.com/libtrc/static/video/v1679261701/ 351 KB
0 40ms
40ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1679261701/gdetfj8uapoef9uovk9f.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: vLt8qBQwpjSWOpbpRZJd.qY1SyjnMfj5
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish
x-amz-request-id: 2ZPACV4RQD8KQDTP
age: 88
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1133441/1133442
x-amz-replication-status: COMPLETED
Content-Length: 1133442
x-amz-id-2: cN/pJqUUTOC94LM1FSSdnW2Ata8tSZ6MrYzu5U+XG11T93jwI6SIOU2g0P6gNLX9Vp2M4CpBHOY=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sun, 19 Mar 2023 21:35:10 GMT
server: AmazonS3
x-timer: S1683577624.087177,VS0,VE1
etag: "5cdc25693b01a36bfabe5203c9f55c70"
content-type: video/mp4;codecs=avc1
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 710e2647d6b1dd0827badeb56325233f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 38ms
37ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7e005dd43c2718af39b6e9bf14b624e447f7943f4ec183cdb5fa810bbbbc9c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
age: 3045541
edge-cache-tag: 595629037177767479183546216043569688665,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595629037177767479183546216043569688665,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 93
req-referer: https://www.schnelle-online.info/
content-length: 11704
x-request-id: fa4d83c4fc5b8fe7c1255e4a9a849e4b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100101-IAD, cache-iad-kjyo7100116-IAD, cache-lax10621-LGB, cache-iad-kiad7000156-IAD, cache-fra-eddf8230074-FRA
last-modified: Fri, 10 Mar 2023 03:16:42 GMT
server: nginx
x-timer: S1683577624.123979,VS0,VE1
etag: "acb1189ecdb2a339c81edf2f3ef43e4e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 9, 1

GET
H2 200 66482f086ab99ba9eae154465b1288da.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 37ms
34ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66482f086ab99ba9eae154465b1288da.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c1bd5eb4d5dfaa9a98def7e5a80fe927b37c4e7c0b3e3bf6df526a05d6894e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66482f086ab99ba9eae154465b1288da.jpeg
age: 1242663
edge-cache-tag: 474297464142718761789131574290849194387,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 474297464142718761789131574290849194387,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 146
expiration: expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://teslamag.de/
content-length: 5700
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200049-IAD, cache-iad-kcgs7200115-IAD, cache-chi-kigq8000052-CHI, cache-iad-kjyo7100150-IAD, cache-fra-eddf8230074-FRA
last-modified: Mon, 27 Mar 2023 15:46:39 GMT
server: nginx
x-timer: S1683577624.127333,VS0,VE1
etag: "3f1d5c4eb3d9e1c9655b221ed1e453a4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame B000 714 B
811 B 44ms
44ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 8096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7c4470f74de9bbef-FRA
content-encoding: br
content-type: text/html
date: Mon, 08 May 2023 20:27:04 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BqyMiDqQ2klJ7YvGR%2FqSkFBNdbXyal6v1FJyDgf2NKQdfEZzWFqv5RhyUvyoM%2BuZZTfxqYh3tloMw2wAXmjh1dSNlg3oTI8OSZIHlRhaRmWrPU1d8aKpzYJVc65AbXMMTU78Ch5orYvSnv3Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 325ms
109ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame BA04 714 B
780 B 40ms
40ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 8096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7c4470f75dedbbef-FRA
content-encoding: br
content-type: text/html
date: Mon, 08 May 2023 20:27:04 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2F9aTBBISiDCtWUUNQKGFXeBGUDxOc9R5LguJ0zDRoEz9aeOCsvNyqBljYLZ%2F81af8%2F1cZEeKTV%2BT%2BgM5U4%2Bh%2FumVou4UnmS6vmvydq2bVFOkIaMPVc0Eu1oF9ydPKLVHyUQeRkdaaSdvGyqPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B000 74 KB
24 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be5858af440ee5e3da915614ed676dd8085add14c0cc28f4e6e61c1e62cc643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24899
x-xss-protection: 0
server: cafe
etag: 270 / 19485 / m202305040101 / config-hash: 15255505272217764160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BA04 74 KB
24 KB 186ms
185ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34daad21cf86dec76697d7975977280edfdfca5a2e5e1c5358b83668fd931570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24899
x-xss-protection: 0
server: cafe
etag: 560 / 19485 / m202305040101 / config-hash: 15255505272217764160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
700 B 162ms
36ms Script
text/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 314ms
255ms Script
text/plain 108.138.7.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4MzU3NzYyM18xNjgzNTc3NjI0XzBjMzg1NmQyOTUxZQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-20.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:04 GMT
Via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: 3qkdbQJeX44Gw4ew6T7hAqGSLEg3FHJ2Rbx3sUObg8cU9s5x8yWXvA==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3E76 91 KB
32 KB 196ms
152ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44edea4a5fcf5c4ab00339f28907aae2925f2febcfe6bc76b94da8658fc6641b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32282
x-xss-protection: 0
server: cafe
etag: 16114775674009101196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 32C7 91 KB
32 KB 123ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

770142c691ca2a59644b397237981f056274fbe81346dd0e54e76bbab67da8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32319
x-xss-protection: 0
server: cafe
etag: 2960920818255552884
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame FC35 577 B
450 B 79ms
72ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&cmcv=&pix=undefined&cb=1683577624287&uv=3273&tms=1683577624287&abt=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=60ae713b-52e3-4ef8-acc8-f03543299257&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce63ef33c684831db2c3417703df5246e51dd002277a9bc48db46dddd9ccda7f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 08 May 2023 20:27:04 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230074-FRA
x-timer: S1683577624.303395,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 3DCA 577 B
671 B 41ms
29ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ce63ef33c684831db2c3417703df5246e51dd002277a9bc48db46dddd9ccda7f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 08 May 2023 20:27:04 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
787 B 83ms
76ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1683577624292&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1516&pt=-266371444&tz=0&viewable=true&ddast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 65b9b126401693ab7b8b544c147895ae789ca3beb7301ef362e3abb8cd5639c3

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1491
x-cache: MISS
x-served-by: cache-fra-eddf8230074-FRA
pragma: no-cache
server: nginx
x-timer: S1683577624.306553,VS0,VE54
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 41ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&cmcv=&pix=31589837&cb=1683577624287&uv=3273&tms=1683577624287&abt=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1683577621304.4!ts:1683577624287&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-length: 0
server: nginx

GET
H2 206 gdetfj8uapoef9uovk9f.mp4
cdn.taboola.com/libtrc/static/video/v1679261701/ 80 KB
0 23ms
23ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1679261701/gdetfj8uapoef9uovk9f.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: vLt8qBQwpjSWOpbpRZJd.qY1SyjnMfj5
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish
x-amz-request-id: 2ZPACV4RQD8KQDTP
age: 88
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1133441/1133442
x-amz-replication-status: COMPLETED
Content-Length: 1133442
x-amz-id-2: cN/pJqUUTOC94LM1FSSdnW2Ata8tSZ6MrYzu5U+XG11T93jwI6SIOU2g0P6gNLX9Vp2M4CpBHOY=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sun, 19 Mar 2023 21:35:10 GMT
server: AmazonS3
x-timer: S1683577624.303368,VS0,VE1
etag: "5cdc25693b01a36bfabe5203c9f55c70"
content-type: video/mp4;codecs=avc1
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3DCA 70 B
265 B 154ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 3DCA 43 B
426 B 153ms
49ms Image
image/gif 2a05:d018:d29:3605:3da9:ce9e:b459:fe7e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:3da9:ce9e:b459:fe7e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5738 281 B
554 B 82ms
23ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 May 2023 20:27:04 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ Frame B000 403 KB
125 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 19:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3668
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127480
x-xss-protection: 0
server: cafe
etag: 445900462459606666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 May 2024 19:25:56 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FC35 70 B
264 B 120ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&cmcv=&pix=undefined&cb=1683577624287&uv=3273&tms=1683577624287&abt=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=60ae713b-52e3-4ef8-acc8-f03543299257&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097
pr-bh.ybp.yahoo.com/sync/taboola/ Frame FC35 43 B
425 B 120ms
51ms Image
image/gif 2a05:d018:d29:3605:3da9:ce9e:b459:fe7e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&cmcv=&pix=undefined&cb=1683577624287&uv=3273&tms=1683577624287&abt=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=60ae713b-52e3-4ef8-acc8-f03543299257&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:3da9:ce9e:b459:fe7e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2882 281 B
554 B 63ms
21ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&cmcv=&pix=undefined&cb=1683577624287&uv=3273&tms=1683577624287&abt=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=60ae713b-52e3-4ef8-acc8-f03543299257&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 May 2023 20:27:04 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_7_3/infra/ 889 KB
147 KB 75ms
23ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_7_3/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 85e5ff190babc749440afde5ed08f9a4e3ac618462c5bf29c4af553fa38b9610

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-meta-mtime: 1683446361
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DBHPGYWPFVYB1XXB
age: 131130
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1683446361
x-amz-meta-mode: 33188
content-length: 149973
x-amz-id-2: 7DSDzpA8LhYT/4hYC5/gwwTfU4/Z2MnVEfZrBmNOxNqJ7PN6eyc6n5+Ra6IuLUcI1vbh6dqr4YA=
x-served-by: cache-fra-etou8220057-FRA
last-modified: Sun, 07 May 2023 07:59:22 GMT
server: AmazonS3-br
x-timer: S1683577624.438989,VS0,VE0
etag: "3fd9699c8980338e6311be9e655fc760"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 6816

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_3/assets/css/ 60 KB
8 KB 23ms
22ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_7_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-meta-mtime: 1683446379
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 4JXS0D06V2HG7GYE
age: 131131
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1683446379
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: Zsu3lU8gUuPhENsgdDOodfUwVpFGn3+toM2KeiWMCBNrUiUg99L/u7Uv+BuKfA1nu3qUMkzXLf0=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sun, 07 May 2023 07:59:40 GMT
server: AmazonS3-br
x-timer: S1683577624.386067,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 149318

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 36ms
36ms Script
application/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding: gzip
Date: Mon, 08 May 2023 20:27:04 GMT
Last-Modified: Fri, 21 Apr 2023 06:05:08 GMT
ETag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305030101/ Frame 32C7 355 KB
120 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31074330

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e27fa7f715264bc5f51ef099ff96457d7e7a9ef50bcd78e5ccbd63903c985b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122337
x-xss-protection: 0
server: cafe
etag: 17148799544080655106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5738 34 KB
10 KB 22ms
22ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fa85b91728df6ce768e194698261b214027dc377341f15da4f459ec5c11117cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 May 2023 15:14:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67623
Connection: keep-alive
Content-Length: 10020
Expires: Tue, 09 May 2023 15:14:07 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2882 34 KB
10 KB 22ms
22ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fa85b91728df6ce768e194698261b214027dc377341f15da4f459ec5c11117cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 May 2023 15:14:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67623
Connection: keep-alive
Content-Length: 10020
Expires: Tue, 09 May 2023 15:14:07 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ Frame BA04 403 KB
125 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 19:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3668
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127480
x-xss-protection: 0
server: cafe
etag: 445900462459606666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 May 2024 19:25:56 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 316ms
261ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01GZYGQNWMCR3D0F68649FVARJ
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2882 284 B
536 B 113ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5738 284 B
536 B 108ms
23ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B000 107 B
531 B 96ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B000 107 B
196 B 33ms
32ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B000 492 B
265 B 54ms
53ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1582365911906264&correlator=1287993008391535&eid=44790318%2C31061690&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1683577624494&lmt=1644386353&dlt=1683577624238&idt=213&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=khnrrt3b092x&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1018693961.1683577624&ga_sid=1683577624&ga_hid=334326080&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df8442ec855a7a2ec93cf771f4a05ea70618863f00bd66d38363ade83f64e5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B000 14 KB
11 KB 75ms
73ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b0f0d097c4993d6065e1b902f99e72fc3374fbc2795963e9e12bb87a124dbdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11173
x-xss-protection: 0

GET
H2 200 container.html Show response
a2c7834c0170e5cd782ac29214576d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B5B 6 KB
3 KB 111ms
31ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a2c7834c0170e5cd782ac29214576d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:04 GMT
expires: Tue, 07 May 2024 20:27:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/ Frame 3E76 355 KB
119 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c78cc6bbe421e667438c99c2deade09b2c4b591155de58f0189004b32c0f8cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122157
x-xss-protection: 0
server: cafe
etag: 8689926300171492602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 3754166
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1683577625.598143,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 364085

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.6/ 438 KB
83 KB 24ms
24ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3718a87766ac337a304d23998d75ffef8af5ef627158f3754169f6dd80ede1fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-meta-mtime: 1683363669
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DFDJRM419MYP2R4S
age: 213663
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1683363683
x-amz-meta-mode: 33188
content-length: 84548
x-amz-id-2: 0gi3MVb6CuuIwzzozeiabn8voLQCobOTAttcMrgJ8r9tcnh9dfQihPDJkGlAWOxNRuxyyM02OFI=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sat, 06 May 2023 09:01:24 GMT
server: AmazonS3-br
x-timer: S1683577625.614797,VS0,VE0
etag: "932690c50b5cdd83942772cb40da814f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 163753

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 939C 577 B
671 B 30ms
30ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ce63ef33c684831db2c3417703df5246e51dd002277a9bc48db46dddd9ccda7f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 08 May 2023 20:27:04 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 30ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&cmcv=&pix=31579697&cb=1683577624608&uv=3273&tms=1683577624608&su=3&abt=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-length: 0
server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B000 17 KB
7 KB 90ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 29ms
22ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 3613978
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1683577625.655982,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aFo3XPtUcu-k-9AV0uKFRtVm8akzQN1fEAzXYOh9CqA7dLERIrBsUg==
x-cache-hits: 780727

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 939C 70 B
264 B 50ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 939C 43 B
425 B 48ms
48ms Image
image/gif 2a05:d018:d29:3605:3da9:ce9e:b459:fe7e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:3da9:ce9e:b459:fe7e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1793 281 B
554 B 22ms
21ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 May 2023 20:27:04 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame BA04 107 B
165 B 35ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA04 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BA04 492 B
265 B 77ms
77ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3204056798889148&correlator=1824020161518901&eid=31074371%2C44789879&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1683577624677&lmt=1644386353&dlt=1683577624239&idt=408&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=q73ggtipr5s4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1057926640.1683577625&ga_sid=1683577625&ga_hid=151756772&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41cf41ecfa372170eed19c574ea84901ea24dfd094d7411d0e94451dd2fcf3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA04 14 KB
11 KB 74ms
74ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172bebe6c6656fce79ef8ee0525ef7b8f19a3d81ee917e22f1fc8c5165ffab21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11126
x-xss-protection: 0

GET
H2 200 container.html Show response
177d726dc3143343d3ae16e8bf27df81.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A3E4 6 KB
3 KB 44ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://177d726dc3143343d3ae16e8bf27df81.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:04 GMT
expires: Tue, 07 May 2024 20:27:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 L2EvcmkteXVlLWd1YW5nLWs3dGluZy1nb25nLXlpbmcteGlhbmcteWluZy1zaG91LWJ1LWRhby0zLWNoZW4tanUta2FpLXpoYS1zdS1kdS15aW4temhlbmctYmlhbi5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
876 B 148ms
148ms XHR
text/html 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvcmkteXVlLWd1YW5nLWs3dGluZy1nb25nLXlpbmcteGlhbmcteWluZy1zaG91LWJ1LWRhby0zLWNoZW4tanUta2FpLXpoYS1zdS1kdS15aW4temhlbmctYmlhbi5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-country: DE
date: Mon, 08 May 2023 20:27:04 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=89, ak_p; desc="467660_34650647_241901873_9835_1145_47_0";dur=1
content-length: 555
expires: Mon, 08 May 2023 21:27:04 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1793 34 KB
10 KB 24ms
24ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fa85b91728df6ce768e194698261b214027dc377341f15da4f459ec5c11117cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 May 2023 15:14:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67623
Connection: keep-alive
Content-Length: 10020
Expires: Tue, 09 May 2023 15:14:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 32C7 379 B
597 B 116ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31074330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

368ca5349137feeb0032e4e0091c3e21c34b9e09f8d5e68f48647bbb98f5d3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 32C7 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 32C7 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6AA3 21 KB
9 KB 512ms
512ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5c6f997935bad62c0587b271a977942a9978dab032f04f3e44ab699b19f4fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9101
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:05 GMT
expires: Mon, 08 May 2023 20:27:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 32C7 14 KB
11 KB 76ms
75ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230504&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8065220eb39c10124f41199488379499693f803665f15a0f8add734456fff24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11101
x-xss-protection: 0

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame D69E 495 B
664 B 856ms
283ms Document
text/html 54.249.242.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.242.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-242-97.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Mon, 08 May 2023 20:27:05 GMT
etag: "6458a01d-1ef"
last-modified: Mon, 08 May 2023 07:09:17 GMT
server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA04 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1793 284 B
536 B 25ms
24ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3E76 379 B
317 B 79ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29ece969763da407f7fd2c061ca2b2ca14a4b2abf23a6084660750e5ed3d62bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3E76 107 B
122 B 38ms
38ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E76 107 B
122 B 37ms
37ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0A5 29 KB
13 KB 559ms
558ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55ac44af16963b4aac8085e41039e5bffafb65c04caf4bbee575ae44abeaf1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3E76 14 KB
11 KB 71ms
71ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230504&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbd7b4e8b348e75dfec7e701491e787028c171c8e37cec59a484f4d63a170cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11051
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2F1 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 19:25:58 GMT
expires: Tue, 07 May 2024 19:25:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7AD 783 B
1 KB 82ms
31ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b0c70ff28ca35cf1717500ae231dd4a7924f2d9d03d01778bc6e8fef74de87f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hFsvnaj_coa3AFUxw6lqrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-hFsvnaj_coa3AFUxw6lqrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:04 GMT
expires: Mon, 08 May 2023 20:27:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD33 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 19:25:58 GMT
expires: Tue, 07 May 2024 19:25:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E72A 783 B
739 B 81ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c676e17e7663cea0cd0f0cbcb599b72929d94acccd9a9d27d682bff57ccf2b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0q0EOkm30cb_3jDIepkaLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-0q0EOkm30cb_3jDIepkaLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:04 GMT
expires: Mon, 08 May 2023 20:27:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 32C7 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b10529211bd9c2d04ac1644fb6ffef760f5f5d0276ccbf45d2599b383cd6ad4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 May 2023 20:27:04 GMT

GET
H3 200 WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame C2F1 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14616
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 12:58:49 GMT

GET
H3 200 WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame CD33 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14616
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 12:58:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C368 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 19:25:58 GMT
expires: Tue, 07 May 2024 19:25:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE2F 783 B
737 B 33ms
32ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d7953b8c3575a0f9b1f66339a1f427ef851fe88447e931eacd03ec95405657f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-shHoOUg_qPEIW-qQGpP8QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-shHoOUg_qPEIW-qQGpP8QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:04 GMT
expires: Mon, 08 May 2023 20:27:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E76 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 May 2023 20:27:04 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
303 B 56ms
56ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230508-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 08 May 2023 20:27:04 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230074-FRA
server: nginx
x-timer: S1683577625.986907,VS0,VE12
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7AD 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305040101&jk=1582365911906264&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E72A 0
0 89ms
89ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305040101&jk=3204056798889148&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA9A 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 19:25:58 GMT
expires: Tue, 07 May 2024 19:25:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C493 783 B
761 B 31ms
30ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ab1122b7b2e08792e2aec20b0759835b0b9e6bd63c2a52a4e16114214c60281

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u-donSuMqA1dcUegXaXZHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-u-donSuMqA1dcUegXaXZHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:05 GMT
expires: Mon, 08 May 2023 20:27:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE2F 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230504&jk=3050135006661982&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame C368 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14616
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 12:58:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 79ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3530&_p=5040&cid=1892113472.1683577625&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683577625&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&dt=%E6%97%A5%E6%9C%88%E5%85%89K7%E5%81%9C%E5%B7%A5%E5%BD%B1%E9%9F%BF%E7%87%9F%E6%94%B6%E4%B8%8D%E5%88%B03%25%E3%80%80%E9%99%B3%E8%8F%8A%E9%96%8B%E9%8D%98%E9%80%9F%E5%BA%A6%E5%BC%95%E7%88%AD%E8%BE%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
757 B 23ms
23ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 08 May 2023 20:27:05 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 21654
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1683577625.040825,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 7646

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C2F1 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u-m-Yg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CD33 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9CejpA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C493 0
0 55ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230504&jk=14120132055281&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame DA9A 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14616
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 12:58:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C368 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fLNjlg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DA9A 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XPCKSw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A44D 624 B
242 B 64ms
63ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjs8rHlATAB&v=APEucNUrFegtp8WnRQLySztFtRVsAdTSQkyp-5IrKnJiFm7S-vyP6UCi4XzLmQv6CpYjt-X7RiKQmZqsNdF20yUkPqeWCiq07Cev51DDLaZw2bntP9JMxz_aRvMytpZwk5FDjyosxy_inaouvjt2wQW9DL6cmNudC65L90Zu_ZBl-_6nRcJ2PwM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2E2C 78 KB
27 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 2E2C 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 14:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 14:39:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 2E2C 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 14:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 14:39:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2E2C 0
0 30ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjB_CA54pSlfLoLR8CbOtjir3cp_FgZdsYbTrkCD2Elpg542rl_iOkpBPsf-2KtTyhX3bqajuwDQrQZVelDQIKqvHerA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E2C 169 KB
53 KB 97ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53484
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683228402947650"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2C 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGgV-9pjrEC_v9xhN1zd-iBuz54MVZ6j4tZjVvYljQS8YTkkTe15uSKHmTGtvK0z4f5HqAZakIbBqeKOzMcTDTHX9oF9bkDeSfJBIQ0PFh2eIpOhU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2C 0
20 B 92ms
91ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3517467869212796398&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A44D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1&C=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjs8rHlATAB&v=APEucNUrFegtp8WnRQLySztFtRVsAdTSQkyp-5IrKnJiFm7S-vyP6UCi4XzLmQv6CpYjt-X7RiKQmZqsNdF20yUkPqeWCiq07Cev51DDLaZw2bntP9JMxz_aRvMytpZwk5FDjyosxy_inaouvjt2wQW9DL6cmNudC65L90Zu_ZBl-_6nRcJ2PwM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A44D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFlbGWHiat0qAc-1amvx-AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjs8rHlATAB&v=APEucNUrFegtp8WnRQLySztFtRVsAdTSQkyp-5IrKnJiFm7S-vyP6UCi4XzLmQv6CpYjt-X7RiKQmZqsNdF20yUkPqeWCiq07Cev51DDLaZw2bntP9JMxz_aRvMytpZwk5FDjyosxy_inaouvjt2wQW9DL6cmNudC65L90Zu_ZBl-_6nRcJ2PwM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvcIaf9UxIM9PT_PBejmtc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A44D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBnIQi0UUzudr4CVVb-ZRXg&google_cver=1

43 B
1 KB

28ms
28ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBnIQi0UUzudr4CVVb-ZRXg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjs8rHlATAB&v=APEucNUrFegtp8WnRQLySztFtRVsAdTSQkyp-5IrKnJiFm7S-vyP6UCi4XzLmQv6CpYjt-X7RiKQmZqsNdF20yUkPqeWCiq07Cev51DDLaZw2bntP9JMxz_aRvMytpZwk5FDjyosxy_inaouvjt2wQW9DL6cmNudC65L90Zu_ZBl-_6nRcJ2PwM

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:05 GMT
AN-X-Request-Uuid: ebec0f49-e441-49d9-97db-4295eca87636
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBnIQi0UUzudr4CVVb-ZRXg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A44D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwMTM0NzgxODczMzExMTYxMA%3D%3D

170 B
243 B

34ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwMTM0NzgxODczMzExMTYxMA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 08 May 2023 20:27:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fdb7ef77-3ac5-472d-ab25-c8f79fc61b57
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwMTM0NzgxODczMzExMTYxMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame F0A5 3 KB
2 KB 794ms
597ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdNeVlqRTNPREV0WTJNMFlTMHhOVE14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTUxOTk0NTI4OTQxODg1ODUvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LS1pS0h3R184RjI0RURTbmpOODEycy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1MTk5NDUyODk0MTg4NTg1L2hrZy8wLzUwMC85My85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY4MzU3NzYyNS8xNjgzNjAxNjI1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/WGtQ0J0Fi4J_tvwq59mYW3LUhFs&nodeid=3358&group=hkg&auctionid=4115199452894188585&pbs_auctionid=4115199452894188585&shardkey=4115199452894188585&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.105&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.0 /
Resource Hash: bacf6f3aee8b3884c0b9c467be978195118cb00e3c99e343d90d19db71be5394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
x-mm-nodeid: 3358
Content-Encoding: gzip
x-mm-bid-request-time: 1683577625
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Mon, 08 May 2023 20:27:05 GMT
Server: MMBD/3.387.0
x-mm-latency: 504 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x76, hkg-bidder-x117
x-mm-lag: 0
Expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame F0A5 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 14:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 14:39:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame F0A5 19 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 14:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 14:39:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F0A5 0
0 30ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQceFaXNkjDx-Pf7UnvHrLwHPZTX8ITZ1rBLjpnaODpXnCgJSP0IbonpuFm9KFXIZSdDNDlo-b3rlSF5UEkkoMcBDYFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0A5 169 KB
52 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53484
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683228402947650"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F0A5 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPlYNGFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJcCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4vI8ejMOnnMQ05MVmJaJTdX8nTjHPmkzSSNSpsHUzpQDJuLkhnSPgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=vyk_LE-4jf4&uach_m=[UACH]&cid=CAQSKQBygQiD8EZEKvyJl1H8bImhbweD4mIHTQUK1Wks5oQMbWG0xR8H2CQxGAE&tpd=AGWhJmul5N5jJBnqpugeYNxqXjcL_T-Ii7DGXpK0QUgtYUeap5oD5kXR5MrY4b8Bm3VUeUfgkzV2ImFF1x06aTLtYsvBhH3Ni5CjM6VbXSXR3gYpO8lu7I0XUYjLUL7ebK-nWYaJ-ovfiv-DJgRPHP8cu3sOp0ds51ebldCwYljiNBBU_IDctF3oNOtSnIKDOnj8ZG9laNAwP_C8uQ7wKOVwfhkRmTspQLkHrzfptKLbNsiO7smmZqinf2TKh4l8edML1MnC_BdQXkWcF16B9oo3OiCQP9X3N4X89fglU31QXmEIczf4wQEoQZwjceU_8avaqEIDADZbL8BPgvVoIi_b7u5iEl6LPJEhHmjKPKMfvBjpfojYWrrVBVgLb86SwSs2EQxAfaQ3C7MQUnwgxkFHDVtlygF3CwAZZCaHaLTFytHhbetB3BVzP5oyw1tIckrgVQZTsZYD6S11kteNgXpjJGSiyo4e1t_OlZyj6NWD2kJDp31B6AC--6C-PrUjoLoy6t2amVVpBcO1X57RC61uYG9oWolI41jL6RqEcEwW_2WdViMtMMESOcx9uBdPmwV5QkGK55AD9UDTfXL9eTuJafFEs7BVG9myAyG8csK25nDKtqsog46Lsqu_wfA9_vJ1nSagXLQZ7NNadEg4gjYc5nxa-H1ufane7_cy6R8FlQv1AUmxxkho-I4THYGaLM4Fuy_2ZdSYSfBMUQhY3VAby-3yXIW_DQJXD8wXS2nTIzQeIFrpMsWEsH4WiLuehO70uSAprjVb4cxBGrNQdAXU1neuwct-t-7RX7s1UiCqS3Oaxs9egxGfiw6P_gMRKeNOLnRgOVpViC7JTQGDjN2IIwOj5uVDDsy2NHF_rP8MUEADzymqOc0GFW8gn9Aqkd2v3MNir4hTqpKMhtNjUBuwLdQ_lUZFGTTSS4y_CHaOqkBC2pTgsgGzeKIfsC3NScudGWx7RAg_eNZjsM_DgMAYxp3SyK5E_bdgKFcsC4C6e0HqFSjTzPWmt33DLXFxjHIn5D7uCvWfWVRh5S2S2CkRJ2hhWnDxG4jyo4b1-EV8V5hMwxeHZWPEjUJprpLlfI-QytCUNhkVFTC1OQxOLrv4HUJJ6Uo3LEVRZT3UwQ1Xm3myg09UhZOcGk6f

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2C 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3876452470165&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2C 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3876452470165&version=m202301230201&ct=76&x=1&cor=3517467869212796400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2E2C 83 KB
35 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADmkVI017FdUmzT7RX-41lNzLCMj0VtpF3wbDdVN4tN75NfaSIhCywZjOsvQ9F6rNTEgWU9auNMHPpIzR1iPmRomkE8y4gtqDLsgSTi3azSF60RclxOOZj_OhVMyEgMlTv3jrz-43tNUZxCfH9PEuGdQE__3HyVn540mOgIuaGiKW2fec&dbm_d=AKAmf-A7pJBOr3HvF_0Hen1tfFldnAd8sydVNsD2Juo-reOTStWRjkmSptzPHf6tx4lQpvBcn8I8xXDWeCGkDXnwpzTGI2APhFO_oRZqOkTnsyoDQIT0UTydrlwtCzT6MQY8syWuWJ0iEcX0qZBhqVyGHdk3VwKSgMhuPdhMadWJuAy_nacU1uDoFFWlhpXEK0y-QInCc6EmTR8RHcguF9IiOoymme-6fI46jIoGzx1bNXKlPs7NTJnfK1YijnV6wASKh2fxry38fI4HPjDgwTaVQsGJNrpyG2FmbD-4FXHzI5iiy9210UyL2ODjEnNKGvyz9XIfEiQBdSuC26BVtSckFyC_xqCLCNlVYg8lt0yUCa436j6zPJ7QcVstu2UptICtiyxZWVvqqw5HXEqDuC7tVnkrolxtYSDTDS6S094XhyQlYakSvhtRhfzuSXdDBg3Z78TP68EpktTJXG8vp8P3UOtoRXt1YhaBN-YWP3OGaseiIhflwG3Mj67T-y7nROklCt7l6cLpeI7N1m-QiVsIkVXabDkrx5138PVV1Rc541BnNtmiuyILPmFhj1vuqK262D6WADwJ4LmLTWx-7SvYXpuLj5zKmX8deUQ3AMqb6ZPLUuB4aCo4LVRYzjkm0TcOYDL4N-qAWLtR7DWHaHAQUqEoKJ0CsXnrgHMW1qgIGY5FiXW2XvQDnEgsUcbjtUtEIMRCuXNToj7MxlyrrfeM6Fq0thSjCl_Sb49n16A7EwbTCoBbaUN5ADMnqMkwNwi_NXzY8hq4_g8EBYkuFv0G1MiJqAuaVNC_rwuNZHQZ9F6zN6bF88eT7QryNy2JPCBIT-Zg0xGz-lIS3V3P0yOHNzqwbcVUA5FOqqDQ1mGvY_FBepeYA23C66A6TleqJOfK-t-fGRRwHKXqHeFp5v_6EtFu461dxuPf2rs7onU2mjPxcblQqxDQnIoEMAInUqXtxMWpCEsEOrkz7H5drbwWcQcbEXQAjnDrAJ8ZE4CImGL9blJET17FSDEs8FVB6Z58Ypl1hmy9kQx2gUB2x-qpm_AuDgLKCHXPK_jYHkzu76V9-SDn7_R2iTQY6xwM4ITxH2l80I6Y_yBDTJMUatneEMBxmHWlZPFyHdxksc97zcNBgSmyeo077KcCUwuGRmfyZAwnxmeJ9wFLZ5grHGlbR22I6czDSqOzeNfzZVJjKDsw_VzItpzm0XijDCs8OsQM822UZlPSbeOGJ2C3bLhhF3RPpVx0I2gfmDuqQfctnqRsBp78gk2KGS1CimDQlT5Kkc3QzpzrRp3T5Qa982hEsD8wZ9xmB-G2sE3oG-IVi9-jmwI6A_zmEYFnQB0vKT7htHsILCn97Y2fERUi6oSr280byIwAMuBW-PuSq0INTC2Ev0Z5IN7YGNJpH98h9APt68pfMlFEBOFTjdxdA_Z0d3H56ohDCreb5II4di73HSDeipyB-pmk-MimcZBJpM9m-wWtOU3o7M_IFwXylriMewnA7F8YcYZYksEaU_ids9SloMOvTM393ppRVSUllI-eucXa_SOUq7mDWM-FnwEpoYq3Ucb-r7Fm91NOZ7Ql8uyA-5NeYaP5jKePsYvRINKY9OsSZzpEertWCeT_SyAKIiTvdOMWBsUCgy2IOoGTkP8sOI1aptivwtmpT4TzpV9kF_Sa8N-O6ALVwoiB2DiHUmOS3LUB4TJOdSQZEUc-MmWqpnh5hTivnedfmUUoOUZIUMBEqmgD0jDYUHCmVMLAeum27KdJe5ki-n3yhF8UEz1LynFPwdlOg91sVdUpr_7cgHENpkItcOm9pptiaEo1I64cQoS9qs9K9AamdTRVV8urnEJclrJwnAgSxUbLmWRWyYhVCiWJ3RYsV_oIp4YNnSbQ6jmBi6tI0AgPJnslas-KP3GRfMU4hdx75EP4lDt7f1NeR7vBzLl9TnQsCJ8I1B2u6EPxaIDrd2k2lJgp2ZZ_i80uMMWQml4bG4b05no2uiBU3Fp3xjzyyWQcGcJL2sW1dUVen2dEtKGRI5oxzZfrxD2O1SkfOO5nVpZS6ydIlnA4EbgDo4kt4TWzYDZ_Jf7oo82QCs44vXotBJ6XOzI3V33_1z3y9pAsgoPHCkZzfJ-uNCr77F5SjRU5Fk9IbHiLsL9rigc8Xt4K6SRfHT6A0b52TwNA8QKFhwo_B6z1G9Xt6UTev9Pj9i-F1aRDVr2kgYybHcnJE7LJmR0Fdakb3IFdGA6k8_XY8ZsWb6Vrg5qTLk6vHVsZJ6CNGhsUk576uHJb83tSiz3E8g8UkRsXGxSdleNbt2kFDQ0mIM8vLVIk0-Vh3_Kffm3Nn3idPCypdrWtgGVPzLoHeUFoaIqonVeB8kraBSH4XRh9E90EV82-FryjrtTeAC2MSlU-EvShgziNwiaHOllvseTPQ7jYTzFXhBbhrs2KW_NTlUdGssfQ-7anSVSP0_tlUVnG8GsQtnXizOLXFCdCQTRuuK9gRDmGfbfhOQBk-noY7Fj6Z8h00tMhlO571Jh5UYZGiCwUJq3XHujoXOg1PW6uL4cJee0JoVgLjCIHksAj9Seza3B3pc2quk4sRzRL0bvw921_3ybMjeO9IKtUQ4AyPWtSiwA4PzD7fP5KgVvMFdBTo47O7uBYyCEiYrAp1a0E5OMuyQ9QPXYGi_o6XEvNw2tTvd9vvwCSAp1RdNht-xsra5Jk6FYbMhWPPNxrCo-rEtgsYgt2JKPVsrzvbz467qcMi4s6F-bTYB1cuEn9pgdFp72ImqyyAx6jCW46m7lhdf408W7GueOWLYvNTy-2SH1EtqvFtdWseo6V0mXa36i3378AjmGpXu3cfhY4XHFcsn_83pNBoc4KGJDPd1mvWrnjCQ_gWc8VrwkJGLWV_sGEKu1w4qyLGilMCC12bKOu1Wt1tlzQQ69oHvgxMn1Yz93eb3UFtG6WrKkKUM8daTs1Q1VodRaxUb0uM63fIcZibKAT9HDQfgs1m3EDbnswi7O0J4GKTjw4QJWTG5BOh9EFy_3ff81WrrvTCunZwI8tGYLUQHE3bnJPGAPsDkxpVxmc1Tj0MaOmQlR3ELgVW3VxxocQ_VZf6dQX_S7lxVrf8cfCFkThj42A2q7mS5ocCe2TKNFqzyVl3efsN07S4G2VZ4VLFq7yf7ed-Mpa5JMgPdlu46Jojyb2wshVcxCFr2ZuxYYu3u2y3DXLtiPdWSE7fFk27GoacX8cuovYtOjwDuk0BPF9WnxuGDnPNZVQXFkpZ2yH8fNKv4k3SoH-si_GjoI82YCY&cid=CAQSKQBygQiDz6b2pG7Tmlc9dWk4Y7QabwgWqSzdrdq4tOXml_cP5XobbnE_GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3517467869212796400&adk=1626895633&idt=159&cac=0&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f932f790da0c6b080ad7f3fdaf34469d78f7fd16290536e42f91e17b2535ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35777
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2E2C 170 KB
59 KB 89ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 May 2023 11:36:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/ Frame 2E2C 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADmkVI017FdUmzT7RX-41lNzLCMj0VtpF3wbDdVN4tN75NfaSIhCywZjOsvQ9F6rNTEgWU9auNMHPpIzR1iPmRomkE8y4gtqDLsgSTi3azSF60RclxOOZj_OhVMyEgMlTv3jrz-43tNUZxCfH9PEuGdQE__3HyVn540mOgIuaGiKW2fec&dbm_d=AKAmf-A7pJBOr3HvF_0Hen1tfFldnAd8sydVNsD2Juo-reOTStWRjkmSptzPHf6tx4lQpvBcn8I8xXDWeCGkDXnwpzTGI2APhFO_oRZqOkTnsyoDQIT0UTydrlwtCzT6MQY8syWuWJ0iEcX0qZBhqVyGHdk3VwKSgMhuPdhMadWJuAy_nacU1uDoFFWlhpXEK0y-QInCc6EmTR8RHcguF9IiOoymme-6fI46jIoGzx1bNXKlPs7NTJnfK1YijnV6wASKh2fxry38fI4HPjDgwTaVQsGJNrpyG2FmbD-4FXHzI5iiy9210UyL2ODjEnNKGvyz9XIfEiQBdSuC26BVtSckFyC_xqCLCNlVYg8lt0yUCa436j6zPJ7QcVstu2UptICtiyxZWVvqqw5HXEqDuC7tVnkrolxtYSDTDS6S094XhyQlYakSvhtRhfzuSXdDBg3Z78TP68EpktTJXG8vp8P3UOtoRXt1YhaBN-YWP3OGaseiIhflwG3Mj67T-y7nROklCt7l6cLpeI7N1m-QiVsIkVXabDkrx5138PVV1Rc541BnNtmiuyILPmFhj1vuqK262D6WADwJ4LmLTWx-7SvYXpuLj5zKmX8deUQ3AMqb6ZPLUuB4aCo4LVRYzjkm0TcOYDL4N-qAWLtR7DWHaHAQUqEoKJ0CsXnrgHMW1qgIGY5FiXW2XvQDnEgsUcbjtUtEIMRCuXNToj7MxlyrrfeM6Fq0thSjCl_Sb49n16A7EwbTCoBbaUN5ADMnqMkwNwi_NXzY8hq4_g8EBYkuFv0G1MiJqAuaVNC_rwuNZHQZ9F6zN6bF88eT7QryNy2JPCBIT-Zg0xGz-lIS3V3P0yOHNzqwbcVUA5FOqqDQ1mGvY_FBepeYA23C66A6TleqJOfK-t-fGRRwHKXqHeFp5v_6EtFu461dxuPf2rs7onU2mjPxcblQqxDQnIoEMAInUqXtxMWpCEsEOrkz7H5drbwWcQcbEXQAjnDrAJ8ZE4CImGL9blJET17FSDEs8FVB6Z58Ypl1hmy9kQx2gUB2x-qpm_AuDgLKCHXPK_jYHkzu76V9-SDn7_R2iTQY6xwM4ITxH2l80I6Y_yBDTJMUatneEMBxmHWlZPFyHdxksc97zcNBgSmyeo077KcCUwuGRmfyZAwnxmeJ9wFLZ5grHGlbR22I6czDSqOzeNfzZVJjKDsw_VzItpzm0XijDCs8OsQM822UZlPSbeOGJ2C3bLhhF3RPpVx0I2gfmDuqQfctnqRsBp78gk2KGS1CimDQlT5Kkc3QzpzrRp3T5Qa982hEsD8wZ9xmB-G2sE3oG-IVi9-jmwI6A_zmEYFnQB0vKT7htHsILCn97Y2fERUi6oSr280byIwAMuBW-PuSq0INTC2Ev0Z5IN7YGNJpH98h9APt68pfMlFEBOFTjdxdA_Z0d3H56ohDCreb5II4di73HSDeipyB-pmk-MimcZBJpM9m-wWtOU3o7M_IFwXylriMewnA7F8YcYZYksEaU_ids9SloMOvTM393ppRVSUllI-eucXa_SOUq7mDWM-FnwEpoYq3Ucb-r7Fm91NOZ7Ql8uyA-5NeYaP5jKePsYvRINKY9OsSZzpEertWCeT_SyAKIiTvdOMWBsUCgy2IOoGTkP8sOI1aptivwtmpT4TzpV9kF_Sa8N-O6ALVwoiB2DiHUmOS3LUB4TJOdSQZEUc-MmWqpnh5hTivnedfmUUoOUZIUMBEqmgD0jDYUHCmVMLAeum27KdJe5ki-n3yhF8UEz1LynFPwdlOg91sVdUpr_7cgHENpkItcOm9pptiaEo1I64cQoS9qs9K9AamdTRVV8urnEJclrJwnAgSxUbLmWRWyYhVCiWJ3RYsV_oIp4YNnSbQ6jmBi6tI0AgPJnslas-KP3GRfMU4hdx75EP4lDt7f1NeR7vBzLl9TnQsCJ8I1B2u6EPxaIDrd2k2lJgp2ZZ_i80uMMWQml4bG4b05no2uiBU3Fp3xjzyyWQcGcJL2sW1dUVen2dEtKGRI5oxzZfrxD2O1SkfOO5nVpZS6ydIlnA4EbgDo4kt4TWzYDZ_Jf7oo82QCs44vXotBJ6XOzI3V33_1z3y9pAsgoPHCkZzfJ-uNCr77F5SjRU5Fk9IbHiLsL9rigc8Xt4K6SRfHT6A0b52TwNA8QKFhwo_B6z1G9Xt6UTev9Pj9i-F1aRDVr2kgYybHcnJE7LJmR0Fdakb3IFdGA6k8_XY8ZsWb6Vrg5qTLk6vHVsZJ6CNGhsUk576uHJb83tSiz3E8g8UkRsXGxSdleNbt2kFDQ0mIM8vLVIk0-Vh3_Kffm3Nn3idPCypdrWtgGVPzLoHeUFoaIqonVeB8kraBSH4XRh9E90EV82-FryjrtTeAC2MSlU-EvShgziNwiaHOllvseTPQ7jYTzFXhBbhrs2KW_NTlUdGssfQ-7anSVSP0_tlUVnG8GsQtnXizOLXFCdCQTRuuK9gRDmGfbfhOQBk-noY7Fj6Z8h00tMhlO571Jh5UYZGiCwUJq3XHujoXOg1PW6uL4cJee0JoVgLjCIHksAj9Seza3B3pc2quk4sRzRL0bvw921_3ybMjeO9IKtUQ4AyPWtSiwA4PzD7fP5KgVvMFdBTo47O7uBYyCEiYrAp1a0E5OMuyQ9QPXYGi_o6XEvNw2tTvd9vvwCSAp1RdNht-xsra5Jk6FYbMhWPPNxrCo-rEtgsYgt2JKPVsrzvbz467qcMi4s6F-bTYB1cuEn9pgdFp72ImqyyAx6jCW46m7lhdf408W7GueOWLYvNTy-2SH1EtqvFtdWseo6V0mXa36i3378AjmGpXu3cfhY4XHFcsn_83pNBoc4KGJDPd1mvWrnjCQ_gWc8VrwkJGLWV_sGEKu1w4qyLGilMCC12bKOu1Wt1tlzQQ69oHvgxMn1Yz93eb3UFtG6WrKkKUM8daTs1Q1VodRaxUb0uM63fIcZibKAT9HDQfgs1m3EDbnswi7O0J4GKTjw4QJWTG5BOh9EFy_3ff81WrrvTCunZwI8tGYLUQHE3bnJPGAPsDkxpVxmc1Tj0MaOmQlR3ELgVW3VxxocQ_VZf6dQX_S7lxVrf8cfCFkThj42A2q7mS5ocCe2TKNFqzyVl3efsN07S4G2VZ4VLFq7yf7ed-Mpa5JMgPdlu46Jojyb2wshVcxCFr2ZuxYYu3u2y3DXLtiPdWSE7fFk27GoacX8cuovYtOjwDuk0BPF9WnxuGDnPNZVQXFkpZ2yH8fNKv4k3SoH-si_GjoI82YCY&cid=CAQSKQBygQiDz6b2pG7Tmlc9dWk4Y7QabwgWqSzdrdq4tOXml_cP5XobbnE_GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3517467869212796400&adk=1626895633&idt=159&cac=0&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 14:48:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 14:48:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 2E2C 28 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 14:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10900
x-xss-protection: 0
server: cafe
etag: 15736755800806341048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 14:43:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E2C 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 19:45:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AA1C 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 19:00:25 GMT
etag: 48472445140208031
expires: Tue, 09 May 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2E2C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f865c6f7723b310a2b684d3f341e91d5bf7b6a7e7aed5e91a745477a28802de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame AA1C 35 B
362 B 24ms
22ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENMGZ3fwMT5o3XPSJoZMa-4&google_cver=1&google_push=ATf1kGNXBw3-im0VLgcVFC_nsAXiifjNo8cHkfi6QZlnio4sNk4iM8BO3qpL15kkjUDSFE5fgfWwEvZladTAiWrzyzU-U4j5dyjgVw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame AA1C 0
104 B 229ms
74ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHj3sW6tgv_Pii_bZm00IG4&google_cver=1&google_push=ATf1kGPuuqEvM4Tb9RkX5gwlAlcmg5F9wyJR30bncwU9-8qSJk6_0iJVSBiQW1e8kUI_m13MBEg1RBxF3MAjamwP-pgPaQBx7h0yCA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA1C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECJAnYd9HFXs35XwtDS6krk&google_cver=1&google_push=ATf1kGO_Mqsddav_e4CgpDxFJkilUO526kZzJq4icG-m0X0asjk744QjqVeKASaIjjkDDzz_JC1KechELTiFjrvL...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO_Mqsddav_e4CgpDxFJkilUO526kZzJq4icG-m0X0asjk744QjqVeKASaIjjkDDzz_JC1KechELTiFjrvLSULMGkL2w4oSjQ

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO_Mqsddav_e4CgpDxFJkilUO526kZzJq4icG-m0X0asjk744QjqVeKASaIjjkDDzz_JC1KechELTiFjrvLSULMGkL2w4oSjQ

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 08 May 2023 20:27:05 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x26 config_version:"79"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO_Mqsddav_e4CgpDxFJkilUO526kZzJq4icG-m0X0asjk744QjqVeKASaIjjkDDzz_JC1KechELTiFjrvLSULMGkL2w4oSjQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 08 May 2023 20:27:04 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AA1C 70 B
264 B 51ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDg4YXpacOWMlQHPHGyIf1A&google_cver=1&google_push=ATf1kGNsdcDKugFLE659N0-JmekA6AiPEjPkryvhHxX1FXNsxXIyngGnfrQW-cKt5hvXPmfv3_-4cXk8Q2kjZbV_9Xl25_u-QSVn4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame AA1C 0
173 B 87ms
31ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECd7cJzZuFQdnj7iHLtUfKI&google_cver=1&google_push=ATf1kGM444XC1WvcG8iTHYeFWvkocAHOZz-B-KPYmvB1-r2ToCh0l7JjVWvk2MNUzjf0yZmxjz12JDy6QI50osgbq8Rakatgna0gGg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683577624413&bpp=15&bdt=667&idt=279&shv=r20230504&mjsv=m202305030101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=2&ga_vid=2126600658.1683577625&ga_sid=1683577625&ga_hid=338400775&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3718&biw=1600&bih=1200&isw=336&ish=280&ifk=2206411751&scr_x=0&scr_y=0&eid=44759842%2C44773809%2C44759927%2C44759876%2C31074330%2C31074431%2C42531705%2C44788441%2C44789925&oid=2&pvsid=3050135006661982&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dj52destmvw2&btvi=1&fsb=1&dtd=338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA1C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMQF6taL2SXgN0Zxf5gea28&google_cver=1&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq4RSsWpB5pQSvCIVy56QgaHJ_NgTArJTvMGJzo-pKWL...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq4RSsWpB5pQSvCIVy56QgaHJ_NgTArJTvMGJzo-pKWLb...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwOTI5NjA4NDM2ODA3NDMwMjIwOA%3D%3D&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwOTI5NjA4NDM2ODA3NDMwMjIwOA%3D%3D&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq4RSsWpB5pQSvCIVy56QgaHJ_NgTArJTvMGJzo-pKWLb66A

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwOTI5NjA4NDM2ODA3NDMwMjIwOA%3D%3D&google_push=ATf1kGPEKJel6wVBqVYmIpYbPtW-sgUExQy_uXy_NzcQv1XYkXjb2RQq4RSsWpB5pQSvCIVy56QgaHJ_NgTArJTvMGJzo-pKWLb66A
date: Mon, 08 May 2023 20:27:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA1C
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEASiYT4y-...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAS...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=69860ae3-fbb0-4d79-8078-bcdcceb382cf&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=69860ae3-fbb0-4d79-8078-bcdcceb382cf&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=69860ae3-fbb0-4d79-8078-bcdcceb382cf&%%GOOGLE_PUSH_PAIR%%
date: Mon, 08 May 2023 20:27:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AA1C 0
12 B 31ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbhkY8JbYfEjyaYSGhgF0AFZA1m6RIP2b1T4zYGwpgnFuWN7dRc684eUvHc05iknFgDScAng

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A825 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 11:36:46 GMT
expires: Sun, 05 May 2024 11:36:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame D69E 0
268 B 284ms
284ms Script
text/plain 54.249.242.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.242.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-242-97.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B000 0
0 59ms
59ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305040101&jk=1582365911906264&bg=!WVqlWg7NAAYV_mUANf47ADkAdvg8Wt5lzuQwjzlMZoxUYF4G5HIzEQKZkdKGsUBzKRF9EmXGzOXLCP_4RKLljrta5w72ZT037VQCAAAA8VIAAAADaAEHCgCRwt264oVJrceLrmTjYmaZqlVKibm2nF4XohF3E_tD6Q78LQK2jW_kYIXZCWrWrR6R09jW155wmkX8DL_AQ_R3ZToTWYY5-4u_X95vxFnAM4OfemqPq8556lZpvKJBnDVbzPwOpz1YplkU8cgWhMqCDHwv5l7p5q_39Xj4FY3hdqK2vy0_lSzuf7UQgLrH28wIAZkCyxJoNenAw-Fxzm7Zpgufd05NDBQ-LaKVEVq__6Tfj85dRFGtcdjnLS4gcvRyDCVIkNW_ffSa3-NaTWQQ7fMizuHvaJckpIGCvxLFV-gbwU56eRMFR7kOFHDbm4R0tMHDUEpewR59RWzYp7I7TM3GkR2ZsDcZg2QaliRioR9XrbqhYhSnmUI8QuM-BRpXYyXplCHTBn1mkykVphpue6w4IBHkkZNy073lXqa-RjfA2vgAhflJDxu7hT2j55gJR-sSH6RAnWyn5zGESWiiQWyX58N4HuZ4sWzKlj1-eeq9-H4qjnHqIK0SEYgewJEy5betD5-vUxQq8xM2s-XgjomEE7PcWNoMtK4-EEL_WYAy5shJZJ7fAFoymWiNJxbKgwP7VtENLzSqpEKPfBnSdEMrJHSXAx1BZyCnNj3obpIfpHLHCoun4d3z9RGtLRNffag-PZGNI7F_bqsCJvH0LPE5_RRTNoitt10hPEQQHkL-I-y6QHrvWEXdXaOgFpIQkNwFu2UhdBBGNgyQtLOPppGZUzY9rVad1-5e_UdvVqsXgQCN8Uu7GwVD5b-JLzRjLrsw0Whx3SIUdMf6CIGtJ47uXbj55Kkg2lUah-VamI4W1XttL3E7dVl2sv-DqDbtCnuYcjoK5ycsApcBuq8nN1NCX5uhaLRuCG43hD70viRJCZao3rhyTWcibP70ggXK8NpFUA2-PcSgvuO6uHQ-wwYXA3DBIM39TQpGkycr0BaLYbQPbieQT-1y6FxHnsmsGW6ersjQQulsOFWEFEO96-eRQmo5s3qZN2QDEVQBJisnWZNxoq-pF3i_fi1iv2g2XqI2ntGeR5rx6_dI62F_J7EWelNX4SeYCwlzLnWIrgMdM9yUCOrmWiiL0fjG97fZyMFM15PvZAMYhD13fKvHbTM1dzyhwN9WIzrjhMFMrmh_z0W1tyg58a5choxQOf8
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA04 0
0 92ms
91ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305040101&jk=3204056798889148&bg=!0tGl0YXNAAYV_mUANf47ADkAdvg8Wlu87zYs4rLZs5b_N1GKwyBv6lrjECrvFvcbphTHQmjCYKP3su6ipAYJw3SgNbuvYPpUIwcCAAAAv1IAAAADaAEHCgCHxGbc4T_VCpaLBDxeUcNwD8Ux0-gQ7p6ME_EVN7hzW0EYdUeMmTJFToIkw9qmRi0js16Rbc7OfdshKpuJ0Ftv4GWx7t5k7-jT5xocuJ3kKBtm9HoJwt1ZPhme1G2vk1T72ZpDsZNL-VxilRnUGxZaUhzJcxFiwLuPy2cIAhPNPA4YvuvtfyLWmQKt-kL0GUdHR_uko4pmc-3nVrek6sWQ-N6FK6x5pXWMcfdd57yru2lcqrYfWl566bLhEKt0N3BpBBTzlU1CWNbtLPrQtS7uHsI_CgVUAUYXinmSbaR4KcC0y0hBzl0bRYfOhfkM-qv4u7i0jG4DykcqEKYDNYcGR-32hrwUhr8J78IE0GAjTKyDbPD2U7tknRP5tW4JGOsBZpSzNFsREnB1amtfkbmisrEjzfs9uhxZDHfisShGk2aQHCGCcI3moW9Dvrj34vW0TfRryVNvw4q_ASkrR28vYibDWPOuLJtUmjhXqAv2mAIerCT7mIk8fj_mz9gC1NUYLuBc6E55vTr-jlG-K3pMRc5th3JelP5S1NTf9d0teZ22EXdigCAE_oUYUsXKPhFbqV_cmcsmpoyzxkE-GJhKbJVIQLaHLUkhz808RqSYSIAy3NbNWdV-ktESBYeRglsQwE_I9kXTHzeLEX1YTleJTj3e4D1aVhFVyqewnR6alIi1xLjKhB3sCHXNu0X38aPorb_77-Agc8D5cnLOm7G_rne9h6hmYUCYpLtlxqL7L4RinuOvlZMBJjmIwUbOquCpYXkRqJhVWaQuKjZESFpmypO6qeuefTaekPBFoGsag4zfZTwWXMjLR4B5tDcW_LRTixWplHYmzWVjpbJBZugc511hoGXt2BcaMJa2JWITP6o9u66RE3cUCfyLvtvSiEQYXkQDVkMR0lrIjz_-sSEVKo5SSlW2HTQDCNvjUa8twQdUOjuFuxVBo-3CgyzSYPasGFIqSqBU6WClafBQ-_hcouPaYAWE5CPRDoUhk-cyp3_dBIx5FSjVZ3D9is_Chp-0ljE_b9ik0yM96NOO7UXHf5m2ovioMwcd7h4jeqYVZ4ts7TA-0LjVT8200uL3q3kAlsau42FCcw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame A825 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14616
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 12:58:49 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11934569601524222564/ Frame F320 13 KB
3 KB 78ms
31ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2688
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:05 GMT
expires: Tue, 07 May 2024 20:27:05 GMT
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E2C 0
0 138ms
69ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdF39qgvaIiRLXMAQO0K8WXqDg2uVtrO_5NHuEEAnfRZM2NcZuouo21IPIvDLIsrPBr8Ki0jYDBqS4X_LLjYApIJml6COreqDAy0daNdzok-lGvnpmLruKELy9M_kNMe1gjuWum-HMqHmuCi0aYMONCp5xjEkkkgH7XJC2ayq2RqSkYnK9Y8gJEswga1gLMChEImpWTpEPo4Xwt-Po9JJDp9-u-jxZFRh7jNxALJRXeNzggESPL6zbSVpWcT_hvZEv469Nw3eZ0FhTPxSC2bHHRLoWe5po8jID5WQZEyvIUXZrKV8nagj3I7ffboeOaYtqWPcvTF6d-hEJmTTlxiVAlX78Tn3726_iEb8cm7Cda61i7NfjmmoWwLjPtHvNvD0Opn79xE1nqb2QmrlMFfTonhuhuIPG2NMbNZMbxodwbjwcgVv3ky3RBwgs8Vrk6LMNHmOEsOWJJFBDfe6Fdtlv4I-_DnxrCWYY5o-RmjQQobo3WUYKmPUB0JpUgWtj_e11BximaYIXRoU0kmIC7hXr65nf8ErnsMpMESKGUdbFzEtnjMDqJuJE3QGE3jnVompUW27vTqRPV9sqtCubTIub5_rNUfoFcpHI8902maoldJ6a7BqKd4V-H8EJSUCNDMXLwR-lJ7IEkSQXeM1p8llE2730DxaMUY27MzX55bigxjOvJwUKVw_Fy2CcllF2UbQpytV6lSQt1hxi7O4Y-AmNCVog2VY0QwUmmdjltpqWzYKlNZUkba8hWxSflRWovw_tfNKGlAH4wxU2bIi5hHemn9oxos0wmUMj_Vo-lOa9EZpir982hK_jvxH1p1MzlMlGWSN6y3v_-sb43bLNd24KPU0-h9LVJn1iqU03V4lVFHUI9l2F18buwjItBztrXK6mUNMB3Yo-dotWzpYdEgAclXMdrmOfhbpEBg0-rUCP6hf_d3NHXRzuf8VDvklaA6H8fsWRHJFAhv9i00O4FXHBoAInNNNBoLi75-k3AW-7MmeCFftwaEOmavnlGAlrmvvqz-K23rHMc1U9gGXI3zNWbIlJiSsyTeR_buWC5RIXFp6G4muHRNa3jv4njSr12SebAXekdw5TuhopNJeg8PEsWFq41Dto0JTTGD1_Wl0mg6ZT53Vr5_LMoPqlQ6-7je3Ais-u8Gy_oi-vEI_q5cO4hx0QWSWbfpW7SjQueh4F_DN-lcLIbKTBuaRoqrHyK8lSJVo3Ewghic7xLYdawZV9PDlyLA&sai=AMfl-YRXIo9g9UzcbJp95jQ6a0Uk0eRKbxUsipCzLtj_joyaQ4D5mP0SZUCY4-hiEcK20OLb8k5va_GlFkkvRpoG55LujA0G9sGj1JQ5e0N8X37tEB6d7kg4cjJwgotIVmITk-hU1zGPSFrIoYLvWKgg0Ib5pKpjDU41R6Xf32jR1lc3ECf-uOy9Yy3ikOCLv_DSfX8vuij1FPKbolSAzRWjAK6UNN-S9MT2lnGwpQ&sig=Cg0ArKJSzChtv3jpPS_YEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=134&cisv=r20230504.65034&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32C7 0
0 59ms
59ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230504&jk=3050135006661982&bg=!OTqlOm7NAAYV_mUANf47ADkAdvg8WgJNT-wTl5G3NKrCbmUaoK4y4NGYyDHB0hYaYX9BKtC6RkE9z1KRNO4b68AS8F4113WACSACAAAAflIAAAACaAEHCgA5QGQOx0n9wfpBpn_pt7fO0UBfbDewyaI6Wrg3SKltc_fkUxXfduo_mZSg_JOvPzw8DmLguMlBJxUImQKzrPNF2uDWKKNt0uhK-hkdiJrQ8a2b7UZDtJLV5yU-jWx_WRxa36H4IN8CxSknsbZC7HLY5OaToo_LPnK-xkp3mKwbTKFFXfG3tYkR18Q3CyOgIWev1WdCwe0cqoHug9ihwN4hryoTtCdkSAetFEdpZ6kMe6Ow_JS3I7TPOhSKgoQUIKcZvvmqmfHjhpS2fW3WAlhZeJISUY_4Mubq6Eh3kdOjOLMHjtg_vIhx9iBUyyicfC3zchAdcvM6xG8oMhiSh95Nm7gLxFdF6N_vzpIc_TvjSbHDQMzV2Ndp9l6OqYjYBEmIRIa4HmQ-sTHLBA8aBSjtUCm4tj3w0nLnYoTJn53Sa_uvJSSieQ_lhJswg14ZHqNNM0yD250sQyhCdr8JAE6wqhdhvqhqAMXD-Ki7rEw_KkuqnmpZAWguwInGlx_3NzF5ZrE-CWi5cTFWFVqfAspKhQ-W3ezolf0ochEeLwQ8CLYEnqjbIsMEBTLAzjrsUnQFoc56mqEB4ppp_0CjdQeB0oey1Ir56lCmcoQJ31bjZe4fBVvzpTMb4IVi1BbpJpMb8ydw1h02AkdcbYTw1B3_aTf6Vni1gpCYL96gtkwovHZhtryac2AosziHO6AgXNuMuPReNyfJLuFQEfN-kzXiAAtUoJqWW3ysIm-FQ6LOW8IngUwgICfowlvmgREIsRnzxlzMvX-Ae4FtnsaZOKhheCQEgitVPDpa6aAuW7F7zATFG9juN_OIiCV_PkpZWvAKSh6mtSS7yW0lIiJIsueTO9BvUegmi1wDo8RoMt85R5rF5uBHcjKR7PToxxbO7i_1y2ht-tKUhM6tfilrQooXF81Fa0I8Mg0ebOIA67bmjdHOBt2vaTlhzpQWMJCeMWoIJC1TA0ELFlY6CoYY04--dItctBelj9fAfkN2vSo0dg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E76 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230504&jk=14120132055281&bg=!_f6l_qrNAAYV_mUANf47ADkAdvg8WmlgigNnoTNSVLpAizNRFCIPVU_-yUdJLiSRGXnA5BEBK697p3eJGOeJ0UC2uJzHWVTwOeACAAAATFIAAAADaAEHCgDEpzYVpraXfaXfYzcwWP0Av4LCmCuJ_fJC1rQ71tntcMVVq_C3A5MGF1m1g9PFYEdSW-rTvdPvGPdYbTG10RDnlIEydg3Au6H2uybAa8vuGLL3P3paHh0Ok2GSr0r6CJgm8rZv6Gi9rWC9Y6WOOlWsr7x8OvqSl9FfdWAIbp55Gl_I_HM4BmbIF6HjqdrpDtpdAfVugadHNa9sS59VJh8sulClKBjETVl3UzMz4odEAC4nHaWAtNQE3wm4PcjDJC0XuqPdUZkCwOZdUQw2IpVD5j9lg4RhE0m5nfC0MOc7jTKuJIB57M_1VjHQT783FpAxNrO793D33nmo--LRg9GaxkcNCjbV8PaArC_9NWucNjRRsClG30diUx1bTeKVoR9ywxSslpSkZY5gq172et7WtMZAEGmsiuLCMb2G4mpQEkHtqDBEhKvUzpYSWsBlYXpOvOdASiFRid-Dlg_iNhG7ea4cXQwm4SkN4dHHR_xgxDZRLKde79N9bQE72vzimiDhaAC-L_8DEOuhQrJRhJ9SHrn6QhcAFIIv6FC5nfzxGjRVoOMIwNq6dauqkF_8H5DhGCkmXdTlm6ZcV5fExx_6AfBTzUlJyoHEalOtvMuPcAyE0gNqD5Xzv11UiFDZzSFpaxPKHIZWOwwdB3nrXjQ1SX-jjtw5dcaHHu4tBLbCoYoOzmNIY4TsXLW6TUSfcydZUSSMpG2GSmRjHoGfPLnKXZ5wCBgzARqL6YQq8myVMMT8q24Tgy72y1U6u99uFIWVuVYmB-3rnS09brhkpAvIU-1Q72DoT3wXu4j2pTl58gpKmhShHaK-gA5gKJabCH2bpDBvwt79h4K4pf1B6Bm-OX8xSL2HTl8c9TZmVBx1msx-NBF0sLyWykrioazdzTih54L2knlLtRmG3FTXw9wp0hDMiAc-tfOX3LD5qPI-EZwr0F9sLgdxp7VvAIzdnZPmRxdWrFvJJvTapBi6hOFHqPYv8KsCKsSewTmWkvS86YknG8IWXCL5uiZnZyrVZeg91FLExeD_ROFQnbhWyQTdgN38mZnvffpBz87SsUI9pTCwRvCGuibBrr2PA-3KBozRZALl-lm0d7IOBxigAVXIzSexEosZ83iA8_OTL-sU6_G0Wb1ow3KXh0D8OQXtx6GUO1tRehQjcCzqDww94EgDbPmMMiyhL2vzviHvQ4YOuQiqVSq-kBFs
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/11934569601524222564/css/ Frame F320 5 KB
1 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 23:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249821
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1412
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 May 2024 23:03:24 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F320 118 KB
40 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 May 2023 08:32:17 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame F320 6 KB
3 KB 24ms
24ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 May 2024 18:00:00 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F320 60 KB
24 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A825 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnJ-JGVtZZLTEHtvhgAfq1ojoBwAAAAA4AeAEAg&bg=!Hh2lHUnNAAYV_mUANf47ADkAdvg8Wjk5TO0G0XUyxOextc3bYRbfxCscjiWZnDoDCC_r3sLmTB0DH445-E8xNgVRdT0X3ahb53oCAAAAT1IAAAACaAEHmQL1sp9FXrpZ1g9f-chcOFt7w0lHb82dH43hgJ36Fsstkhlu380e8aFbxujQHyMparnkdC19PEeR1jJtQtwTldAnqOm7u0nfuT9Hi9cMJ8PqqZXSk5CZSfwE97MgEVMVi63rYavb93nRVXXx77IOd_G8iqZYs3Pw92cjMpB_sYuDPiMK7j9lI0J2fBz1hibWypI0S44yqz7SsZR4bBse_SiNQYEbwJWzD_1OOD3Nc9m05-pXOsMr-vd83yL3fZwXjqJhJ3A0SItYAA_2bu5ZIm7W50N1GwsRyhl_QMnEt6nCtOET4wCRcaoPjz3GIHma2nyoZeKwQlN7Y0x1sBTOft0Dp-U8GJ3wiLrdaHa1aoY7yD5247rNlBxaD1-kw8MOPCpHQSZrFzy9nGAc4HiavT7VYPOPsJloOD2F9o4gPaw52ldmA_XbXLc2nNnXiPMnfC7uLYh5EXKvYkDoHErHAuqy2T48QxVzjcAArk7EHsOxKS3zye8FFllxK7_fOLwjDCl3GAGf71ZwfrIVuKryrh8v6PiZGZdXVT9Mko5M4KfmDDVLh7XpOHPuo_Eswl0kL4EaxGqUdomNJGGfiRNOh1gNO81Ecfr4oz-BzHAmm2I8t9GyfKTwhQFUi_zE__YlCiWp0iWg-aF2uY3SLfUGXwfNNJKixPQ3HoNskO91VUAAzaIa4TXPoYDNQUI3BwBHQBA1flH5g03LFZUjvdSYOPGAblsd_3ajqsKeGEK8S7hKasROfI1TPpfeXItBZz1ofURU-Zlgk24cc2QuW6u50c3nPD4jB9NrhbGPfy_ip8R_WvIGCutb641wz-n1fF708AaZQ8JcWIomvheNcJyb41UFc571yGEZy67FLU1Nok-vDy9rgZZWAZLQAdcWg4SyGYDmc52zAsgF99krUjbNO9-xp8SkglAUxKqeyikDzt71uuSP9lx0zeu39jhuluXuCJ0a7ApaZc31Xf462Waq66mhEbqclrYJj6hhTEuFPDMcdrlXbyyxAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 23ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230508-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 May 2023 20:27:05 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 2888
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230074-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1683577626.831205,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 26
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 12824

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame F320 13 KB
13 KB 23ms
23ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 02:45:05 GMT
x-content-type-options: nosniff
age: 236520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 02:45:05 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame F320 12 KB
12 KB 31ms
30ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 21:18:28 GMT
x-content-type-options: nosniff
age: 169717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 21:18:28 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame F320 14 KB
14 KB 26ms
26ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 18:36:39 GMT
x-content-type-options: nosniff
age: 179426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 18:36:39 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 49ms
43ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220057-FRA
date: Mon, 08 May 2023 20:27:05 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E2C 0
0 61ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdF39qgvaIiRLXMAQO0K8WXqDg2uVtrO_5NHuEEAnfRZM2NcZuouo21IPIvDLIsrPBr8Ki0jYDBqS4X_LLjYApIJml6COreqDAy0daNdzok-lGvnpmLruKELy9M_kNMe1gjuWum-HMqHmuCi0aYMONCp5xjEkkkgH7XJC2ayq2RqSkYnK9Y8gJEswga1gLMChEImpWTpEPo4Xwt-Po9JJDp9-u-jxZFRh7jNxALJRXeNzggESPL6zbSVpWcT_hvZEv469Nw3eZ0FhTPxSC2bHHRLoWe5po8jID5WQZEyvIUXZrKV8nagj3I7ffboeOaYtqWPcvTF6d-hEJmTTlxiVAlX78Tn3726_iEb8cm7Cda61i7NfjmmoWwLjPtHvNvD0Opn79xE1nqb2QmrlMFfTonhuhuIPG2NMbNZMbxodwbjwcgVv3ky3RBwgs8Vrk6LMNHmOEsOWJJFBDfe6Fdtlv4I-_DnxrCWYY5o-RmjQQobo3WUYKmPUB0JpUgWtj_e11BximaYIXRoU0kmIC7hXr65nf8ErnsMpMESKGUdbFzEtnjMDqJuJE3QGE3jnVompUW27vTqRPV9sqtCubTIub5_rNUfoFcpHI8902maoldJ6a7BqKd4V-H8EJSUCNDMXLwR-lJ7IEkSQXeM1p8llE2730DxaMUY27MzX55bigxjOvJwUKVw_Fy2CcllF2UbQpytV6lSQt1hxi7O4Y-AmNCVog2VY0QwUmmdjltpqWzYKlNZUkba8hWxSflRWovw_tfNKGlAH4wxU2bIi5hHemn9oxos0wmUMj_Vo-lOa9EZpir982hK_jvxH1p1MzlMlGWSN6y3v_-sb43bLNd24KPU0-h9LVJn1iqU03V4lVFHUI9l2F18buwjItBztrXK6mUNMB3Yo-dotWzpYdEgAclXMdrmOfhbpEBg0-rUCP6hf_d3NHXRzuf8VDvklaA6H8fsWRHJFAhv9i00O4FXHBoAInNNNBoLi75-k3AW-7MmeCFftwaEOmavnlGAlrmvvqz-K23rHMc1U9gGXI3zNWbIlJiSsyTeR_buWC5RIXFp6G4muHRNa3jv4njSr12SebAXekdw5TuhopNJeg8PEsWFq41Dto0JTTGD1_Wl0mg6ZT53Vr5_LMoPqlQ6-7je3Ais-u8Gy_oi-vEI_q5cO4hx0QWSWbfpW7SjQueh4F_DN-lcLIbKTBuaRoqrHyK8lSJVo3Ewghic7xLYdawZV9PDlyLA&sai=AMfl-YRXIo9g9UzcbJp95jQ6a0Uk0eRKbxUsipCzLtj_joyaQ4D5mP0SZUCY4-hiEcK20OLb8k5va_GlFkkvRpoG55LujA0G9sGj1JQ5e0N8X37tEB6d7kg4cjJwgotIVmITk-hU1zGPSFrIoYLvWKgg0Ib5pKpjDU41R6Xf32jR1lc3ECf-uOy9Yy3ikOCLv_DSfX8vuij1FPKbolSAzRWjAK6UNN-S9MT2lnGwpQ&sig=Cg0ArKJSzChtv3jpPS_YEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=172&dett=3&cstd=134&cisv=r20230504.65034&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F320 8 KB
6 KB 65ms
65ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0365dfe1b3338d87854640ca45491c64f4e63b820e0c3e89591b417bde9a3934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5830
x-xss-protection: 0

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame F320 81 KB
81 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/visual.jpg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 07:44:39 GMT
x-content-type-options: nosniff
age: 218546
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82828
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 07:44:39 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame F320 95 B
122 B 29ms
28ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/overlay.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=I8aMpL1D2o&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 08:27:30 GMT
x-content-type-options: nosniff
age: 215975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 08:27:30 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 517ms
168ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 May 2023 20:27:06 GMT
cache-control: no-store
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F320 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 May 2023 20:27:05 GMT

GET
H3 200 WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js Show response
pagead2.googlesyndication.com/bg/ Frame E844 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14616
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 12:58:49 GMT

GET
H/1.1 200
OK h78o6ojw9z7r Show response
hal9000.redintelligence.net/zone/ Frame F0A5 11 KB
4 KB 94ms
29ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=4115199452894188585&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9e8f2f4892b2bec2a1d503d372fca5c0be4d89dff523265b89e7d678cf589804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3546
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame F0A5 49 B
330 B 774ms
593ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=4115199452894188585&node_id=3358&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdNeVlqRTNPREV0WTJNMFlTMHhOVE14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTUxOTk0NTI4OTQxODg1ODUvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LS1pS0h3R184RjI0RURTbmpOODEycy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1MTk5NDUyODk0MTg4NTg1L2hrZy8wLzUwMC85My85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY4MzU3NzYyNS8xNjgzNjAxNjI1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/WGtQ0J0Fi4J_tvwq59mYW3LUhFs&nodeid=3358&group=hkg&auctionid=4115199452894188585&pbs_auctionid=4115199452894188585&shardkey=4115199452894188585&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.105&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Server: MMBD/3.387.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x87, hkg-bidder-x117
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 08 May 2023 20:27:05 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame F0A5 7 KB
3 KB 230ms
47ms Script
text/javascript 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ti=4115199452894188585&pv=da1d5cbb-bba1-43a5-9173-929aa532051b&pp=pub-4485239425924787&sr=4&de=43003&si=1056695144&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdNeVlqRTNPREV0WTJNMFlTMHhOVE14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTUxOTk0NTI4OTQxODg1ODUvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LS1pS0h3R184RjI0RURTbmpOODEycy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1MTk5NDUyODk0MTg4NTg1L2hrZy8wLzUwMC85My85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY4MzU3NzYyNS8xNjgzNjAxNjI1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/WGtQ0J0Fi4J_tvwq59mYW3LUhFs&nodeid=3358&group=hkg&auctionid=4115199452894188585&pbs_auctionid=4115199452894188585&shardkey=4115199452894188585&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.105&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%26client%3Dca-pub-4485239425924787%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

158d2aba910cffe8e5dede9728cc4dd7e6b45bbee01f24667eb0d75d96596851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 3087
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame F0A5 43 B
411 B 139ms
72ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4115199452894188585&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdNeVlqRTNPREV0WTJNMFlTMHhOVE14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTUxOTk0NTI4OTQxODg1ODUvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LS1pS0h3R184RjI0RURTbmpOODEycy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1MTk5NDUyODk0MTg4NTg1L2hrZy8wLzUwMC85My85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY4MzU3NzYyNS8xNjgzNjAxNjI1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/WGtQ0J0Fi4J_tvwq59mYW3LUhFs&nodeid=3358&group=hkg&auctionid=4115199452894188585&pbs_auctionid=4115199452894188585&shardkey=4115199452894188585&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.105&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 851 9bd98ae master cdg-pixel-x34 config_version:"79" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x34 config_version:"79"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 08 May 2023 20:27:05 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame F0A5 49 B
330 B 773ms
592ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4115199452894188585&st=4562306&time=1683577625&nodeid=3358
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdNeVlqRTNPREV0WTJNMFlTMHhOVE14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTUxOTk0NTI4OTQxODg1ODUvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LS1pS0h3R184RjI0RURTbmpOODEycy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1MTk5NDUyODk0MTg4NTg1L2hrZy8wLzUwMC85My85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY4MzU3NzYyNS8xNjgzNjAxNjI1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/WGtQ0J0Fi4J_tvwq59mYW3LUhFs&nodeid=3358&group=hkg&auctionid=4115199452894188585&pbs_auctionid=4115199452894188585&shardkey=4115199452894188585&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.105&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Server: MMBD/3.387.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x75, hkg-bidder-x117
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 08 May 2023 20:27:05 GMT

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame F0A5
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

353ms
300ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8848723791683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Protocol: HTTP/1.1
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 227dedc5f37d808a50412a83264b5fc88d4dd3572c9e23cf2d26cd231a1245ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 80959700206410000951407012318022
Connection: close
Content-Length: 1330
Expires: Mon, 08 May 2023 21:27:06 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:06 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8848723791683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 08 May 2023 21:27:06 +0200

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame BFFB 0
365 B 174ms
85ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8848723791683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Mon, 08 May 2023 20:27:06 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 5413AFB8:C75C_91EFC182:01BB_64595B1A_8F07B56:6DD9

GET
H2 200 / Show response
adv.office-partner.de/ Frame 4C25 930 B
931 B 89ms
23ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8848723791683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 08 May 2023 20:27:06 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 15 May 2023 20:27:06 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame F0A5 2 KB
2 KB 159ms
77ms Script
text/html 13.41.237.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=80959700206410000951407012318022&nw=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.237.64 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-237-64.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e9040ce471b7f8133b978389e0181ee13d9ba451d009f4f04cb69a137201fcfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:06 GMT
last-modified: Mon, 08 May 2023 20:27:06 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 08 May 2023 20:28:06 GMT

GET
H2

200

activityi;dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815 Show response
5994599.fls.doubleclick.net/ Frame 8035
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815?

392 B
325 B

66ms
66ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815?

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

f6d72584b16de741485a0d6b2bec27964c9a329ecd8c7b4fe685bae5390b00b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:06 GMT
expires: Mon, 08 May 2023 20:27:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 20:27:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame 7FBF 7 KB
2 KB 84ms
28ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f02d492718&subid=&uid=15bedaca7602c5db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXOUwhufdRQGqFV7DxXzfQ%26exch_seat%3D20035004448%26mt_aid%3D4115199452894188585%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_cid%3D95d76459-5b19-4401-9699-99bbbdaa7432%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfvy_GFtZZM3KOp6Rpt8Pr4GPsA3Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBJoCT9ACQTGdB5hT6YMklfAdkNbm1Gxcrbz7--Sco6Cbe8EMfBaQPs1BHKqZ6TMJ3uHD8aLCxAr_TfIIvgJ4CKEFbFN8duPHPUPl1ktm61z3y9wGnv-zh3D-Fspai9W8R1Fg-4710v72-_2ya04DPyzxuf_L26NiFpY9quISAXAUM8CXlz0sBuaoH0N0yOIGfPxYKim1m5vftdiDhXMk0BmK1Q_ZkXFJSwvW1uBF1vgeGHIUcYdUe0xJJQDe9s2YEb76kRGsBg7lz4Y9-6206yVlXOm9MQ3TGNm3onJylT6VukGaiQQNk5x6m5028UhalUOU4rA-W6GiItcXXjddM07J4iXhiTJ7NEcrqJ6S5m4ub4ovPkx9OnMCTfGRgAbJkfea2dCvrdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_27mxvmS9yBySnFwexUwStPCp_JnA%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8848723791683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1a05f6eb56810064be20015a39ea3e3d485a40bb366cdba267077840a09e05f3

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2094
Content-Type: text/html; charset=utf-8
Date: Mon, 08 May 2023 20:27:06 GMT
Expires: Mon, 08 May 2023 21:27:06 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame F0A5
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=

43 B
381 B

185ms
116ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB8:C75C_91EFC182:01BB_64595B1A_8F07B66:6DD9
X-IPLB-Instance: 40027
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80959700206410000951407012318022&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
date: Mon, 08 May 2023 20:27:06 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F0A5 43 B
705 B 219ms
125ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=80959700206410000951407012318022&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:06 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 73E5 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 19:00:25 GMT
etag: 48472445140208031
expires: Tue, 09 May 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F0A5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88cd4b7748b72a42212b51570515851ad9dfd0fe46474d58634ad317bfb445bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 189ms
47ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?oz_pl=1&pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&psv=2.91.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ti=4115199452894188585&pv=da1d5cbb-bba1-43a5-9173-929aa532051b&pp=pub-4485239425924787&sr=4&de=43003&si=1056695144&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:06 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.91.0/ Frame F0A5 171 KB
54 KB 47ms
46ms Script
text/javascript 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.91.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ti=4115199452894188585&pv=da1d5cbb-bba1-43a5-9173-929aa532051b&pp=pub-4485239425924787&sr=4&de=43003&si=1056695144&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

92ae4e84bc78354fa23b9f0a45989817fe6a2242af3be667e0b9907903e568b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 55047
Expires: Thu, 14 Jan 2055 17:27:51 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 73E5 0
103 B 38ms
37ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN1Cwmv4kC8BBMgqBdD3UI8&google_cver=1&google_push=ATf1kGM997glQ7mEsiaEX_DgcH9TK9mEJ4Wv1AYvEFcdoRMFuUbfSIfOo9oZS5KKqbfjrZQVwj7TCHKwp6BhIlVLMfF0UyOtV80
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 73E5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKCTYsxukVKHk33DwCg8xGU&google_cver=1&google_push=ATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q&re...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKCTYsxukVKHk33DwCg8xGU&google_cver=1&google_push=ATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q&...

43 B
439 B

188ms
179ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKCTYsxukVKHk33DwCg8xGU&google_cver=1&google_push=ATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c447108ff1d1e49-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1037
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKCTYsxukVKHk33DwCg8xGU&google_cver=1&google_push=ATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMrqqO2Xu9vpBgePUM_aUKgYBe63f0DXddbQLm6Cpl7YGEU1et0fxsiYrodwmw1qq8F-Cem_sbGof1xZOP0ksHxwXse0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c4471079d721e49-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ-swWML9-zsDb4jg84eap4&google_push=ATf1kGNcWfapEg3rpA3A6qt32Cdo6JPdsAPCt7m6llNQGm04obIBLN3vmc...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ-swWML9-zsDb4jg84eap4&google_push=ATf1kGNcWfapEg3rpA3A6qt32Cdo6JPdsAPCt7m6llNQGm04obIBLN3vmcAF7kYzzfItWKi-sJ-1cQOk5jFcrG3YTbIPWTDn-GI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230035-FRA
pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1683577627.819661,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ-swWML9-zsDb4jg84eap4&google_push=ATf1kGNcWfapEg3rpA3A6qt32Cdo6JPdsAPCt7m6llNQGm04obIBLN3vmcAF7kYzzfItWKi-sJ-1cQOk5jFcrG3YTbIPWTDn-GI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73E5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCBs7ixU...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCB...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1ODQ4NzMxNzc3MTQ3MzQ1Ng&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCBs7i...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1ODQ4NzMxNzc3MTQ3MzQ1Ng&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCBs7ixUvKN1ZYS_oZbVLy35FQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1ODQ4NzMxNzc3MTQ3MzQ1Ng&google_push=ATf1kGMFevFNQZglS82N-kz6YOZ2udCnlJuwmZ-hB4-kX9zHJa2qGWSkS4j8hzbfti8O3FNnLCBs7ixUvKN1ZYS_oZbVLy35FQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73E5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRcKpjwh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN-evpH7T1mLmYvYFG_GIsk&google_cver=1&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRc...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NDUzODEzNTM3MDA5MDg5OA&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRcKpj...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NDUzODEzNTM3MDA5MDg5OA&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRcKpjwh0BvkNLH1MbPYN5rRj3A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NDUzODEzNTM3MDA5MDg5OA&google_push=ATf1kGNCQmNewJGeGdHN3-VK-o2ZiCIxhWylyZALNAyNxeM8V1xtaN_KslmaKFgwL2IkoKukxRcKpjwh0BvkNLH1MbPYN5rRj3A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73E5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE_ZoiNI7cNaL2ERAM8BVVM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE_ZoiNI7cNaL2ERAM8BVVM&google_hm=ZFlbGWHiat0qAc_1amvx_QAAFIgAAAAB&google_nid=index&google_push=ATf1kGPGV3RPeLBAvIskuX6d5kjf1xp7mKJAr...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE_ZoiNI7cNaL2ERAM8BVVM&google_hm=ZFlbGWHiat0qAc_1amvx_QAAFIgAAAAB&google_nid=index&google_push=ATf1kGPGV3RPeLBAvIskuX6d5kjf1xp7mKJArkgwBl9oti48-Hq8rWUVEa9kaa1HVn4UqNUUeh0GA5h44Jh55yDbDgD5kufT-8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 May 2023 20:27:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE_ZoiNI7cNaL2ERAM8BVVM&google_hm=ZFlbGWHiat0qAc_1amvx_QAAFIgAAAAB&google_nid=index&google_push=ATf1kGPGV3RPeLBAvIskuX6d5kjf1xp7mKJArkgwBl9oti48-Hq8rWUVEa9kaa1HVn4UqNUUeh0GA5h44Jh55yDbDgD5kufT-8w
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73E5
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDS3a3aj3pdiKndecdOohjI&google_cver=1&google_push=ATf1kGNteUYUOnzb3SwQfVFf2Eg3irH2eF-Lqw3wc_QjbDCnhEjO-YUJJBAC8dyZfBNYFynW7SZMH_oGkLT-wWa7...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNteUYUOnzb3SwQfVFf2Eg3irH2eF-Lqw3wc_QjbDCnhEjO-YUJJBAC8dyZfBNYFynW7SZMH_oGkLT-wWa7f3wXWrdAZB8

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNteUYUOnzb3SwQfVFf2Eg3irH2eF-Lqw3wc_QjbDCnhEjO-YUJJBAC8dyZfBNYFynW7SZMH_oGkLT-wWa7f3wXWrdAZB8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 May 2023 20:27:06 GMT
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNteUYUOnzb3SwQfVFf2Eg3irH2eF-Lqw3wc_QjbDCnhEjO-YUJJBAC8dyZfBNYFynW7SZMH_oGkLT-wWa7f3wXWrdAZB8
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: yuyCn0LWzSP_WojG8TKHPSyWIxfaNNPJwxiTNf2i9A1HoCaq0R0MjA==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 73E5 0
12 B 31ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIsdPVBfPoC1arbEWubTTbcUwYoamtnQsQtNbhFPk7gNzGwVGFvWgeM2fThLT3hw2HAn8r

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 7FBF 5 KB
1 KB 84ms
33ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 May 2023 20:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 May 2023 20:03:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 May 2023 20:27:06 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7FBF 16 KB
16 KB 83ms
28ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: df528919e6a8d5108d04b90dda496cb76b464364de3bcdf3744eded6646ec198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16230
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7FBF 16 KB
16 KB 81ms
28ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 73ace05b22fb659b2526335ecfba59eeb21035bdcfc2d28f158cc22a038db3ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16511
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7FBF 15 KB
15 KB 83ms
29ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a67ef016bee71acd858584a2168a9530e811838305a8639248424f3d87097455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15529
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 4C25 108 KB
41 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a4507f3d679565dff9d66f716381ee18dec93064d1491877f9934944a0322a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:27:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42324
x-xss-protection: 0
last-modified: Mon, 08 May 2023 19:48:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 20:27:06 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2C 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3876452470165&version=m202301230201&ct=76&x=1&cor=3517467869212796400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 47ms
47ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?oz_pl=1&pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&psv=2.91.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.bg3.co/a/ri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ti=4115199452894188585&pv=da1d5cbb-bba1-43a5-9173-929aa532051b&pp=pub-4485239425924787&sr=4&de=43003&si=1056695144&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:06 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 7FBF 0
150 B 80ms
27ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=80959700206410000951407012318022&a=dc6321ff&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F0A5 85 KB
31 KB 92ms
25ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=80959700206410000951407012318022&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 03:50:30 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 59798
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ogZxXHXjIrT3CvK-L1WkMQtghwLlYi2YsdcrIFKeYP7V8vCbqSMCuA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame F0A5 85 B
437 B 85ms
24ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1683577926&Signature=YS4X3~4YhELYXylwoEZUNibAMqpCyVY31AiDyL4pGHzAJwW0paUZ5z7tsErLmHrovQd6gyJY2a85gMAStndQh7YlQRbmDI2cXx99CVQXD-HpanAl50rH0nLXTxL~mq4z6TBcdCYSUoEIiF3JLdmdDunhTwMz~KoO8QLiFDe4hAaevo6iCwI4bhhV1GKmm2tvRCq8MxOcRLzlWj6rYPHfOREMUekdPw4OjJZ1LfVizXqwhTbSbVzpfj8-gd6n0AskkavomGsAVDfOCVJDxBnbK0ys5TSx91ICTikj1imngMnj2Sfg0E9PzTCipD4oMHZAGheAnxen4QVA9d96byJXSQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 08 May 2023 03:06:22 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 62446
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: sHyP9umtey-lt1wxNQPiRFXIYi7GT7cqjw6MaGyQozlLgY2HPWUtpA==

GET
H3 200 dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815
adservice.google.com/ddm/fls/z/ Frame 8035 42 B
63 B 60ms
60ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGbl7PH5v4CFQZ2GQodOwQG5Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2962304987686.5815?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7FBF 13 KB
13 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:23:58 GMT
x-content-type-options: nosniff
age: 320589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 03:23:58 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7FBF 13 KB
13 KB 76ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:12:56 GMT
x-content-type-options: nosniff
age: 357251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 May 2024 17:12:56 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 85ms
47ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&sid=Afy6akwDEeYFLAdh&oz_sc=7238de1029a974d924fe2900&oz_df=1683577626932&oz_l=1203&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:06 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
838 B 68ms
68ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1683577626982&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1516&pt=1763061558&tz=0&viewable=true&ddast=V8F0QCLAZ8oqZ-mBuykBD4RE39MDdkISkAAABgYID-AIkNFi7fYjNxqyYrz1q0shnXCo_HuJYZNqvRZrJcTla7ISCxwcLlW2wmbtVk5VmLVjbjWuHxGNcyw2Y12kyWy8lqNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8kqdb-Xq5da6H3efW-kZPu8-t89t9buXT7nMLnw67z6182n1uzdHvektcb5HD79asNUaX3S11vbUOp1t6dLg1r7fI9VY-7W7p0WX3uSVOh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcEcdk9R5fT7Q8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DHHfX1-SMgjeIVKgW4QRAAAAAKqJV9wjk3SCikWV____fisAVwAAAg77F6Y5s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRsiIuTlNUMJ6oZpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KzzWQwGjlXK8vCs1tuTBOHaTSzGRce08bhXFi8x3Fe2qzC5yC1z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmZjaLYTGYuRWewcItmq0ca-VotnIrN5vhyjEaWRzDwVr0-pgursnKsNxtkWCA3l4kT4t0ovDsZquVc2NzuTYrx8jj2yycy5ljY9r4NhOXaTkRSzQni3Qiu-xbs81kMBo5VyvLwrNbbkwTh2k0sxkXHtPG4VxY_J2ZzWJYDGZuhWewcItmK8daOZqt3MrNZrhyjEYWx3CwFr0-potrsjIsd_vGbLhZ7XazyWbfmA03q91uNtnsO3SG7-pzNirLKslH5bUtb6m_zWFQuAwW709iWky7s4Po5Ds6dc6es7Mz-v1-v9_v9_v9fr9B6zmYDQrf8azaKiPn2V873DwOBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfsnTrXy93DrXw-5za32jp93n1vntPrfyafe5hU-H3edWPu0-t-bod70lrrfI4Xdr1hqjy-6Wut5ah9MtPTrcmtdb5Horn3a39Oiy-9wSp8NuF5reZotYIjhdpBPRy3i6qP-oAUdzxXKu2K3miuFolQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAXXdeOBuDfaObxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0EMVsvJ_gGoEGu1Wt1urNVqAQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dfrc_vB!eidc_vB!esv_vA!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 976b6df70055e00ee218b8c4f3e1c23c3fabeb47c692c46a650db1b1a89cf7e3

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 08 May 2023 20:27:07 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1467
x-cache: MISS
x-served-by: cache-fra-eddf8230074-FRA
pragma: no-cache
server: nginx
x-timer: S1683577627.991035,VS0,VE46
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
BLOB 200
OK c0dde6d1-8cec-446e-9e90-e4264c83c8df
https://googleads.g.doubleclick.net/ Frame F150 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/c0dde6d1-8cec-446e-9e90-e4264c83c8df
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1683577624&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683577624504&bpp=11&bdt=773&idt=231&shv=r20230504&mjsv=m202305020101&ptt=5&saldr=sa&correlator=7139102779565&frm=23&ife=1&pv=1&ga_vid=1565035639.1683577625&ga_sid=1683577625&ga_hid=331664661&ga_fc=0&ga_cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=306943579&scr_x=0&scr_y=0&eid=44759876%2C44773810%2C44759842%2C44759927%2C44782467%2C44785293%2C44788441%2C44789923&oid=2&pvsid=14120132055281&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zncpe8h52cw&fsb=1&dtd=293
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5040&cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&dr=&dt=%E6%97%A5%E6%9C%88%E5%85%89K7%E5%81%9C%E5%B7%A5%E5%BD%B1%E9%9F%BF%E7%87%9F%E6%94%B6%E4%B8%8D%E5%88%B03%25%E3%80%80%E9%99%B3%E8%8F%8A%E9%96%8B%E9%8D%98%E9%80%9F%E5%BA%A6%E5%BC%95%E7%88%AD%E8%BE%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&en=performance_timing&sid=1683577624&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&epn.page_load_time=5756&epn.domain_lookup_time=9&epn.tcp_connect_time=781&epn.redirect_time=0&epn.server_response_time=976&epn.page_download_time=1&epn.content_download_time=1798&epn.dom_interactive_time=1798
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304212144000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 22ms
21ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E6%97%A5%E6%9C%88%E5%85%89K7%E5%81%9C%E5%B7%A5%E5%BD%B1%E9%9F%BF%E7%87%9F%E6%94%B6%E4%B8%8D%E5%88%B03%25%E3%80%80%E9%99%B3%E8%8F%8A%E9%96%8B%E9%8D%98%E9%80%9F%E5%BA%A6%E5%BC%95%E7%88%AD%E8%BE%AF%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-7XLtZDXGsa1AOEYkQi1ayQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=5756&dns=9&tcp=781&rrt=0&srt=976&pdt=1&clt=1798&dit=1798&a=5040&z=0.8726474456827038&gtm=45De000&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:15:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40326
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 48ms
48ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&sid=Afy6akwDEeYFLAdh&oz_sc=7238de1029a974d924fe2900&oz_df=1683577627083&oz_l=5867&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:06 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 48ms
47ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&sid=Afy6akwDEeYFLAdh&oz_sc=7238de1029a974d924fe2900&oz_df=1683577627273&oz_l=6437&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 48ms
48ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&sid=Afy6akwDEeYFLAdh&oz_sc=7238de1029a974d924fe2900&oz_df=1683577627463&oz_l=468&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 8fd77280-b7a4-470b-84d1-94ad9866fb0f
https://googleads.g.doubleclick.net/ Frame F0A5 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/8fd77280-b7a4-470b-84d1-94ad9866fb0f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65c876916342706407c80d81b27b17937b0551c1c94267ff20ffc0fa9930b395

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length: 802
Content-Type

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 48ms
48ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&sid=Afy6akwDEeYFLAdh&oz_sc=7238de1029a974d924fe2900&oz_df=1683577627684&oz_l=9022&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0A5 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn_I0GtOxt6FT2mPNftJIGLKh6CQBNFJZv0UTIRXBoN5BP_PzIq4VcdDH2UKRBT1W3nEgW0fpkXY14fav1pRAfDzxE&sig=Cg0ArKJSzMQMzdQwHdRTEAE&id=lidar2&mcvt=1045&p=0,0,280,336&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=758607166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683577624799&rpt=1935&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 20:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F0A5 16 B
232 B 88ms
88ms Fetch
application/json 18.130.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.130.95.23 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-130-95-23.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 May 2023 20:27:07 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 121ms
36ms Preflight 18.130.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.95.23 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-95-23.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 08 May 2023 20:27:07 GMT
server: nginx

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 47ms
47ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&sid=Afy6akwDEeYFLAdh&oz_sc=7238de1029a974d924fe2900&oz_df=1683577627836&oz_l=398&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/ Frame F0A5 0
145 B 48ms
48ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/Afy6akwDEeYFLAdh/postback?pv=da1d5cbb-bba1-43a5-9173-929aa532051b&sr=4&si=1056695144&dm=336x280&dt=6196211556140246740000&di=https%3A%2F%2Fwww.bg3.co%2Fa%2Fri-yue-guang-k7ting-gong-ying-xiang-ying-shou-bu-dao-3-chen-ju-kai-zha-su-du-yin-zheng-bian.html&r3=&ti=4115199452894188585&pp=pub-4485239425924787&de=43003&cr=6622328&r1=2001%3A1b60%3A1010%3A%3A&ui=ac2b1781-cc4a-1531-0000-000000000000&ap=&ai=216536&c1=4562306&r2=&ci=619621&pd=avt&ac=651871&sid=Afy6akwDEeYFLAdh&oz_sc=7238de1029a974d924fe2900&oz_df=1683577627995&oz_l=493&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 May 2023 20:27:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 7FBF 0
150 B 90ms
34ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=80959700206410000951407012318022&a=dc6321ff&vb=v
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=80959700206410000951407012318022&a=df83deac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 20:27:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/6a9e9b56e450f50780f718e07379ddb2.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2d6da625860c8a95592ad2029e14e4de.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/82ef4e444452fdfe7e745652f6eadb3c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/ee68bf83288f7c28d6138ae25cc56e4a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/44fbcb4f3919cfff2bd2c17dba5538e1.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/559ff879174ff7e93385bc5f848702d5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/4ed2b7623f6d4d5b1589518b4f225a0b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/ee68bf83288f7c28d6138ae25cc56e4a.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/f8fe1e517a1b4d81ff3ee9928d4d7b68.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/6d32a2afcecb3f263979df8d3296f882.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/35cfad3b2bf1ec8f585b14f8b7e480b9.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/9a3b41da31805f056259dea035cecbca.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2d6da625860c8a95592ad2029e14e4de.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/eedc6bc65490c474f4d2fb7686618e9e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/6a9e9b56e450f50780f718e07379ddb2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/71fd4d2c34e3b86afe67f0d069b0b105.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/716d206f00e6f660537f2c3ca752dff8.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/5b0cf497f3b55acd3880de165ae3a69a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/fd57b840ca69b62ca1e57e3045eab3a1.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202202/2a018e5d728a302f646bd30153fe9b7c.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 20:25:13	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D3ffb010f-a30a-46e1-946e-9338e14db180-tuctb52e097
.quantserve.com/	1970-01-20 21:09:52	Name: mc Value: 64595b18-06c60-c71a1-1b516
.bg3.co/	1970-01-20 21:04:06	Name: __qca Value: P0-1021767959-1683577623792
.aralego.com/	1970-01-20 20:25:13	Name: sspid Value: e09f19ec-f330-38e1-9394-1d31e63bbf64
.www.bg3.co/	1970-01-20 12:22:49	Name: _im_vid Value: 01GZYGQNWMCR3D0F68649FVARJ
.aralego.com/	1970-01-20 20:25:13	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 20:25:13	Name: gdpr Value: 1
.bg3.co/	1970-01-20 21:01:13	Name: __gads Value: ID=c756329362c6a875-22dffaa0c3dd0023:T=1683577624:RT=1683577624:S=ALNI_MbzrqLUXRFWjob-ktD9C2qwtZ3cbQ
.bg3.co/	1970-01-20 21:01:13	Name: __gpi Value: UID=00000bf88d37e0f7:T=1683577624:RT=1683577624:S=ALNI_MYp9Y_1jxV5_Sn_Kgit9bCl8cFAdw
.bg3.co/	1970-01-20 21:15:37	Name: _ga Value: GA1.1.1892113472.1683577625
.bg3.co/	1970-01-20 21:15:37	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1683577625.1.0.1683577625.0.0.0
.doubleclick.net/	1970-01-20 21:01:13	Name: IDE Value: AHWqTUkv8fKQq0H7msAKmpsM-7rFn3tx3xriod5xukNC33L_hTA0gahTIOEJRtGv9qI
.adnxs.com/	1970-01-20 13:49:13	Name: uuid2 Value: 3901347818733111610
.casalemedia.com/	1970-01-20 13:49:13	Name: CMPS Value: 5256
.casalemedia.com/	1970-01-20 13:49:13	Name: CMPRO Value: 5256
.adnxs.com/	1970-01-20 13:49:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVPh+MM$!]tbPl1M>e)ZlrFUfJ+tGXxo@WsHL19#ov6FmJQIJ)+T0HL)K$b#qS/>Hc=03If)y3KL9D3I?+]AZj`R
.casalemedia.com/	1970-01-20 20:25:13	Name: CMID Value: ZFlbGWHiat0qAc-1amvx-QAA
.quantserve.com/	1970-01-20 13:49:13	Name: d Value: EEgBCQH4KIEA
.3lift.com/	1970-01-20 13:49:13	Name: tluid Value: 2909296084368074302208
.bidswitch.net/	1970-01-20 20:25:13	Name: tuuid Value: 69860ae3-fbb0-4d79-8078-bcdcceb382cf
.bidswitch.net/	1970-01-20 20:25:13	Name: c Value: 1683577625
.bidswitch.net/	1970-01-20 20:25:13	Name: tuuid_lu Value: 1683577625
.blismedia.com/	1970-01-20 20:25:17	Name: b Value: 64595B194270F437571F4459BLIS
.mathtag.com/	1970-01-20 12:22:49	Name: mt_mop Value: 4:1683577626
.mathtag.com/	1970-01-20 20:25:13	Name: uuid Value: 95d76459-5b19-4401-9699-99bbbdaa7432
.redintelligence.net/	1970-01-20 13:49:13	Name: 8lcfmzhxc8d6_uid Value: c5d9a6ef071a21e0
.adform.net/	1970-01-20 12:24:16	Name: C Value: 1
.office-partner.de/	1970-01-20 21:15:37	Name: source Value: {"webgains_webgains":{"timestamp":1683577626875,"clickCookie":false}}
.adform.net/	1970-01-20 13:06:01	Name: uid Value: 1758487317771473456
.everesttech.net/	1970-01-20 20:25:13	Name: everest_g_v2 Value: g_surferid~ZFlbGgAIph6hhgBa
.awin1.com/	1970-01-20 11:42:30	Name: awpv11830 Value: 296283\|1683577626\|b385dad0-edde-11ed-9d45-2261c3620022
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338577
.tribalfusion.com/	1970-01-20 13:49:13	Name: ANON_ID Value: auntmIwl6h7bQQwbQQqJsf8bnC5l20VglCMDqk9F8UtgrO4TpIr8YABGaQE23SrQHBUWiL3HFT3fUR3vjvUPE2Rh

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/4ed2b7623f6d4d5b1589518b4f225a0b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/6a9e9b56e450f50780f718e07379ddb2.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/559ff879174ff7e93385bc5f848702d5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/ee68bf83288f7c28d6138ae25cc56e4a.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/44fbcb4f3919cfff2bd2c17dba5538e1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2d6da625860c8a95592ad2029e14e4de.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/82ef4e444452fdfe7e745652f6eadb3c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/ee68bf83288f7c28d6138ae25cc56e4a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/f8fe1e517a1b4d81ff3ee9928d4d7b68.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/6d32a2afcecb3f263979df8d3296f882.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/9a3b41da31805f056259dea035cecbca.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/6a9e9b56e450f50780f718e07379ddb2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/35cfad3b2bf1ec8f585b14f8b7e480b9.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/71fd4d2c34e3b86afe67f0d069b0b105.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/716d206f00e6f660537f2c3ca752dff8.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/fd57b840ca69b62ca1e57e3045eab3a1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2d6da625860c8a95592ad2029e14e4de.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/eedc6bc65490c474f4d2fb7686618e9e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/5b0cf497f3b55acd3880de165ae3a69a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202202/2a018e5d728a302f646bd30153fe9b7c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvcmkteXVlLWd1YW5nLWs3dGluZy1nb25nLXlpbmcteGlhbmcteWluZy1zaG91LWJ1LWRhby0zLWNoZW4tanUta2FpLXpoYS1zdS1kdS15aW4temhlbmctYmlhbi5odG1s.json Message: Failed to load resource: the server responded with a status of 404 ()
worker	error	URL: blob:https://googleads.g.doubleclick.net/c0dde6d1-8cec-446e-9e90-e4264c83c8df Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/c0dde6d1-8cec-446e-9e90-e4264c83c8df' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/c0dde6d1-8cec-446e-9e90-e4264c83c8df Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/c0dde6d1-8cec-446e-9e90-e4264c83c8df' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

177d726dc3143343d3ae16e8bf27df81.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.tribalfusion.com
a2c7834c0170e5cd782ac29214576d8c.safeframe.googlesyndication.com
ads.aralego.com
adservice.google.com
adservice.google.de
adv.office-partner.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
amp.analytics-debugger.com
analytics.webgains.io
api.webgains.io
audiencedata.im-apps.net
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cdn.track.production.webgains.team
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d-8076783033038022112.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dmp.im-apps.net
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900022.redintelligence.net
http-intake.logs.datadoghq.com
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
medialead.de
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.mathtag.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pv.medialead.de
region1.google-analytics.com
rules.quantcount.com
s.ad.smaato.net
s.tribalfusion.com
s.update.mediamathtag.com
s0.2mdn.net
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.bg3.co
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aralego.com
sync.logly.co.jp
sync.mathtag.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.awin1.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
static.bg3.co
104.96.147.178
108.138.7.20
13.32.99.21
13.41.237.64
138.201.84.252
141.226.228.48
141.226.230.50
142.250.181.230
142.250.186.34
142.250.186.98
144.76.104.53
145.239.193.130
151.101.1.44
151.101.193.44
151.101.66.49
18.130.95.23
18.203.130.15
18.66.147.98
185.29.132.241
185.29.132.246
185.80.39.216
185.89.211.84
192.96.203.13
2.18.233.201
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1b
23.37.42.132
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b901:e1d1:5b35:d046:4c40
2600:9000:211e:f600:1b:5138:8a40:93a1
2600:9000:223c:8600:6:44e3:f8c0:93a1
2606:4700:20::681a:567
2606:4700::6812:18ad
2606:4700:e4::ac40:a11f
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:806::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9b
2a02:2638:3::c
2a02:26f0:3500:c::5c7b:680f
2a02:26f0:6c00::210:ba1b
2a02:fa8:8806:12::1400
2a05:d018:d29:3605:3da9:ce9e:b459:fe7e
2a0b:4d07:101::1
3.122.139.171
34.96.105.8
35.71.131.137
37.157.2.237
54.249.242.97
54.64.31.222
69.173.144.139
76.223.111.18
84.17.37.44
94.23.99.218
99.86.4.36
00a0492e1b24f28e2b31d6a151bd5e246588c11f27329b05c6ea840e75f03653
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
0365dfe1b3338d87854640ca45491c64f4e63b820e0c3e89591b417bde9a3934
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
046d2f953e547e00cff170eb1ec1ed5b98d28e694acb5aaaf2d824334d120e03
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08922f7235b4680a98dd67a6a3ebb936f20de01f8e2658bde0ce0bed120ff38c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c157d61213ca1da2359698579ed2a8f61afb4e7ac57ca483424b5bc66295b07
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
158d2aba910cffe8e5dede9728cc4dd7e6b45bbee01f24667eb0d75d96596851
172bebe6c6656fce79ef8ee0525ef7b8f19a3d81ee917e22f1fc8c5165ffab21
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
198c7bce3540f24e6443c698764b81ed793bddc8163e3e2d76762e008b553933
1a05f6eb56810064be20015a39ea3e3d485a40bb366cdba267077840a09e05f3
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1be5858af440ee5e3da915614ed676dd8085add14c0cc28f4e6e61c1e62cc643
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1eb020010a5672a8b144cfd90b38f0e2b0146ba9f05faf2fab59dff6aa330a36
2177c1d9ade388f7cde9990d04ecd628269b8a81eed6190ee345218f88d1d205
227dedc5f37d808a50412a83264b5fc88d4dd3572c9e23cf2d26cd231a1245ed
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937
28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3
293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7
29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533
29ece969763da407f7fd2c061ca2b2ca14a4b2abf23a6084660750e5ed3d62bb
2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0
2d7953b8c3575a0f9b1f66339a1f427ef851fe88447e931eacd03ec95405657f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34daad21cf86dec76697d7975977280edfdfca5a2e5e1c5358b83668fd931570
368ca5349137feeb0032e4e0091c3e21c34b9e09f8d5e68f48647bbb98f5d3d9
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3718a87766ac337a304d23998d75ffef8af5ef627158f3754169f6dd80ede1fa
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3df28cbccb082632a26254783c01ed22ef8bc69fc820188c257ef5c6a9a5849c
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f865c6f7723b310a2b684d3f341e91d5bf7b6a7e7aed5e91a745477a28802de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
418eae0ba12f0f3db5cb6f4305fc87c2d1e57aab47c74e65a5ac23885d423467
41cf41ecfa372170eed19c574ea84901ea24dfd094d7411d0e94451dd2fcf3e7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44edea4a5fcf5c4ab00339f28907aae2925f2febcfe6bc76b94da8658fc6641b
452a33c0a5c956b541f0297af3f01aec8b92c830cc1748773b69b15a77e0efc1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
47b242495675a4a1acd46d253ddfafce009bdda322cf518dbd370baf293a14d5
47f380060f6dfcd4389bf5fcd96923aa1178d7399195a9b73a4369e7b4ac264f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ac44af16963b4aac8085e41039e5bffafb65c04caf4bbee575ae44abeaf1cc
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
5ab1122b7b2e08792e2aec20b0759835b0b9e6bd63c2a52a4e16114214c60281
5b0f0d097c4993d6065e1b902f99e72fc3374fbc2795963e9e12bb87a124dbdd
5bb56ad029b7ef8cf3bb97ad4cfcfaea3432c7b177b9d4f78b65c9216c845735
5dfb5ff7a222d0d4bae4f0e62f7a57bbbf0cd6d693e6ea1e725e350bf1c8685d
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b9b126401693ab7b8b544c147895ae789ca3beb7301ef362e3abb8cd5639c3
65c876916342706407c80d81b27b17937b0551c1c94267ff20ffc0fa9930b395
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d90478717fa9be02cf3eedf5e8529d0443b428f677b432c697da03bb3b893c2
73ace05b22fb659b2526335ecfba59eeb21035bdcfc2d28f158cc22a038db3ba
770142c691ca2a59644b397237981f056274fbe81346dd0e54e76bbab67da8f2
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
78e1bab8e13e9a00d8f6de70fd41b674ebf1ef3df1583aff391e6096584104de
7ab690638ea40ffe78c02adf6799b26b459b7a67dcabfb5afad3edc9107ed9d3
7b0c70ff28ca35cf1717500ae231dd4a7924f2d9d03d01778bc6e8fef74de87f
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7fe46f0ac38046468c299a33208f637cf6f85a668013df7e354012a321fcd196
8065220eb39c10124f41199488379499693f803665f15a0f8add734456fff24e
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
81c13b8d82329cfd92ef15fe5af675f155c675793c09029d047833920e51f2bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e5ff190babc749440afde5ed08f9a4e3ac618462c5bf29c4af553fa38b9610
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156
88cd4b7748b72a42212b51570515851ad9dfd0fe46474d58634ad317bfb445bf
891bcb08c2171aef7f57881171a66b97ea4f5b9265f6d1d5d032ee0e75b4bc4c
8a4507f3d679565dff9d66f716381ee18dec93064d1491877f9934944a0322a8
8b3f98f15a20ea4c69b4ed885e12395a1e63605d125fe9d393a78e0faabb0c42
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1
8bdfb4f69bf4b36f3f547dab06813d8b865a439935725e3b97c95943f03291d9
8c676e17e7663cea0cd0f0cbcb599b72929d94acccd9a9d27d682bff57ccf2b1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f932f790da0c6b080ad7f3fdaf34469d78f7fd16290536e42f91e17b2535ade
924028269e2e886b495845934379458003e235c9a402812bfb568bb755332586
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92ae4e84bc78354fa23b9f0a45989817fe6a2242af3be667e0b9907903e568b7
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f21a6e5283967ea8eca7e6e7ac9951a5080f180a9d89b7e318514e7dc6ae88
976b6df70055e00ee218b8c4f3e1c23c3fabeb47c692c46a650db1b1a89cf7e3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d0f800e4c7ebf992893a22514cec4873322c8832c17d3891aa4dc20946b2df0
9e27fa7f715264bc5f51ef099ff96457d7e7a9ef50bcd78e5ccbd63903c985b6
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9e8f2f4892b2bec2a1d503d372fca5c0be4d89dff523265b89e7d678cf589804
9f12fc87f32bf1c6dccf15f556682f326eaed351be56709178fa7efbc541e12e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a273601c208a9318e3cb639fc1f80e5d9aac968eb6f6302817488d8713c57b0f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4be027776a46ffa6d2ecc4c099dd15e51a06010a2db47e19a2be40d330530ce
a5c6f997935bad62c0587b271a977942a9978dab032f04f3e44ab699b19f4fb9
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a67ef016bee71acd858584a2168a9530e811838305a8639248424f3d87097455
a7b4aa8c74ee11b2db378cd5261d06632ea2eb3454de18c29f74dd3eb0378a3d
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
adede9d0f78596079c6ea6d8b2d6de0909d8555b25377948d506daf577ab1349
ae2da07af164be77868022720fc9852f61d3033976ef5d96e3d42b6dda1e2811
b10529211bd9c2d04ac1644fb6ffef760f5f5d0276ccbf45d2599b383cd6ad4f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37107868e3ddc27e8474863051503794c877e7e7434829aad768a14de638f80
bacf6f3aee8b3884c0b9c467be978195118cb00e3c99e343d90d19db71be5394
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcd0e5105f1c13cd0a0a015647e30c74fdb53bf8d88548846ad11ce5dbdfa40e
c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1bd5eb4d5dfaa9a98def7e5a80fe927b37c4e7c0b3e3bf6df526a05d6894e75
c3219109fc55539fa6289e7075a2a973e49a56a9c37583faa530b9dc3796b46f
c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c
c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f
c78cc6bbe421e667438c99c2deade09b2c4b591155de58f0189004b32c0f8cc8
c7a060ed168a6d3c172824a0b96d1dbed5df6af2968b7b4b4af1e4aee9fb5e4b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd3270350f98cdf90fe632ae7b80707804060f8f65e3069a5a9330035b67d575
ce63ef33c684831db2c3417703df5246e51dd002277a9bc48db46dddd9ccda7f
da9a64f3c8e5965abdf2c0ff3edd7d6074fd5f81531269bc93f1cf95c4f9b492
df528919e6a8d5108d04b90dda496cb76b464364de3bcdf3744eded6646ec198
df8442ec855a7a2ec93cf771f4a05ea70618863f00bd66d38363ade83f64e5d4
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e1e3fd54bde275c31e4637e6cf8436150c6b9f89b6e2d16e5d8f2d8b5059cc1a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47c15ae3a18f656600f80baa04ee8d468eab158e26f77c1de4caf5510506b86
e4f3c8091e8eb1109610b1105ae31851bf6f7ca69d20b1b2e2ee56aa528f19f9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9040ce471b7f8133b978389e0181ee13d9ba451d009f4f04cb69a137201fcfc
e9fc42113544a86cf4055746168fe437292dbf28628587bf145760a3ada4bcd8
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20a18363ae371104987e0f495d4e9a8c111767948f36ce3f6bb063c5017e190
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d72584b16de741485a0d6b2bec27964c9a329ecd8c7b4fe685bae5390b00b1
f7e005dd43c2718af39b6e9bf14b624e447f7943f4ec183cdb5fa810bbbbc9c5
fa85b91728df6ce768e194698261b214027dc377341f15da4f459ec5c11117cc
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbd7b4e8b348e75dfec7e701491e787028c171c8e37cec59a484f4d63a170cf8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
ff259edc629b5f5f868e877bd9c58b5ff43fe71a0282955dcdcf3cb967443c1d

www.bg3.co Open in urlscan Pro 84.17.37.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

323 Requests

88 %HTTPS

48 %IPv6

51 Domains

88 Subdomains

65 IPs

14 Countries

4565 kBTransfer

12471 kBSize

33 Cookies

18 Outgoing links

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

88 %
HTTPS

48 %
IPv6

51
Domains

88
Subdomains

65
IPs

14
Countries

4565 kB
Transfer

12471 kB
Size

33
Cookies

323 HTTP transactions
3 data transactions