www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Submission: On May 16 via api (May 16th 2023, 5:16:31 pm UTC) from US — Scanned from DE

Summary HTTP 303 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 62 IPs in 13 countries across 50 domains to perform 303 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	84.17.37.44 84.17.37.44	60068 (CDN77 ^_^) (CDN77 ^_^)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 6	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ece	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:480... 2a02:26f0:480:f::213:7ede	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
51	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	3.114.156.25 3.114.156.25	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
30	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
26	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
9	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e4:... 2606:4700:e4::ac40:a01f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21c... 2600:9000:21ca:3400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 4	2a05:d018:d29... 2a05:d018:d29:3605:a767:7d1a:aeec:38d9	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3 5	3.68.255.194 3.68.255.194	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.64 108.138.7.64	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b902:a2e8:aff4:6806:b125	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	54.65.183.34 54.65.183.34	16509 (AMAZON-02) (AMAZON-02)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.185.190.24 18.185.190.24	16509 (AMAZON-02) (AMAZON-02)
14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 3	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 2	52.50.37.233 52.50.37.233	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
4	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	18.132.62.161 18.132.62.161	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
3	104.96.147.178 104.96.147.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	18.132.61.227 18.132.61.227	16509 (AMAZON-02) (AMAZON-02)
303	62

1 84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.210.196.208 (Hagerstown, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:f::213:7ede (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.156.25 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-156-25.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d-9171021731224332733.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a01f (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ca:3400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3605:a767:7d1a:aeec:38d9 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.68.255.194 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-255-194.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4334f59a068941c2f77119db5b7ccaa0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a50a90721f36d032dd27e734b0933e86.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-64.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:a2e8:aff4:6806:b125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.65.183.34 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-183-34.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.190.24 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-24.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.237 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.37.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-37-233.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Castricum, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.135.164 (St. Ingbert, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.132.62.161 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.96.147.178 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.132.61.227 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-61-227.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 990 trc.taboola.com — Cisco Umbrella Rank: 657 trc-events.taboola.com — Cisco Umbrella Rank: 1941 vidstat.taboola.com — Cisco Umbrella Rank: 2777 am-trc-events.taboola.com — Cisco Umbrella Rank: 16166 images.taboola.com — Cisco Umbrella Rank: 2040 imprammp.taboola.com — Cisco Umbrella Rank: 14139 am-match.taboola.com — Cisco Umbrella Rank: 14462 wf.taboola.com — Cisco Umbrella Rank: 2914 am-vid-events.taboola.com — Cisco Umbrella Rank: 13263 vidstatb.taboola.com — Cisco Umbrella Rank: 5371 pips.taboola.com — Cisco Umbrella Rank: 1646 cds.taboola.com — Cisco Umbrella Rank: 1909 am-wf.taboola.com Failed	1 MB
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 4334f59a068941c2f77119db5b7ccaa0.safeframe.googlesyndication.com a50a90721f36d032dd27e734b0933e86.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	476 KB
31	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 196787	480 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 31186 ad4m.at — Cisco Umbrella Rank: 11978 assets.ad4m.at — Cisco Umbrella Rank: 41727	522 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2017 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	15 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 375	218 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33010 hal900015.redintelligence.net — Cisco Umbrella Rank: 338348	59 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19754 api.webgains.io — Cisco Umbrella Rank: 53004	63 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	868 B
6	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 17233 e3.adpushup.com — Cisco Umbrella Rank: 19040	247 KB
6	aralego.com 1 redirects ads.aralego.com — Cisco Umbrella Rank: 28405 sync.aralego.com — Cisco Umbrella Rank: 2738	4 KB
5	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 4619 pixel.mathtag.com — Cisco Umbrella Rank: 1097 sync.mathtag.com — Cisco Umbrella Rank: 505	4 KB
5	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 324	2 KB
5	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448 ups.analytics.yahoo.com — Cisco Umbrella Rank: 301	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7680	1 KB
4	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 12981	42 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 17733	2 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 50654 medialead.de — Cisco Umbrella Rank: 50209	910 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 585	2 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 61315 sync.logly.co.jp — Cisco Umbrella Rank: 69744	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 28289 audiencedata.im-apps.net — Cisco Umbrella Rank: 29201	4 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	793 B
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1129 pixel.quantserve.com — Cisco Umbrella Rank: 945 cms.quantserve.com — Cisco Umbrella Rank: 740	10 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	123 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 55691	18 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 29871	4 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 547	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2410	904 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 848	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 153404 static-de.ad4mat.net — Cisco Umbrella Rank: 199770	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	106 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	915 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	60 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 164	3 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 27728	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 352	463 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 792	715 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3063	104 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 200925	931 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173	629 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 798	392 B
1	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10042	253 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1077	634 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 23135	2 KB
1	ampproject.net d-9171021731224332733.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 429	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 98637	16 KB
1	bg3.co www.bg3.co static.bg3.co Failed	15 KB
303	50

	Domain	Requested by
25	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co googleads.g.doubleclick.net www.googletagservices.com
23	images.taboola.com	www.bg3.co
21	am-trc-events.taboola.com	www.bg3.co cdn.taboola.com
17	cdn.taboola.com	www.bg3.co cdn.taboola.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.bg3.co
14	cm.g.doubleclick.net	googleads.g.doubleclick.net www.bg3.co
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
9	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net
6	assets.ad4m.at	as.ad4m.at
6	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
6	adservice.google.com	cdn.ampproject.org securepubads.g.doubleclick.net pagead2.googlesyndication.com 5994599.fls.doubleclick.net
5	hal900015.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900015.redintelligence.net
5	x.bidswitch.net	3 redirects am-match.taboola.com
5	googleads.g.doubleclick.net	cdn.ampproject.org pagead2.googlesyndication.com www.bg3.co googleads.g.doubleclick.net
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	api.webgains.io	analytics.webgains.io
4	ad4m.at	as.ad4m.at ad4m.at
4	hal9000.redintelligence.net	www.bg3.co hal900015.redintelligence.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	pr-bh.ybp.yahoo.com	1 redirects imprammp.taboola.com am-match.taboola.com
4	www.google-analytics.com	www.bg3.co cdn.ampproject.org
4	cdn.aralego.net	www.bg3.co ads.aralego.com
3	www.awin1.com	googleads.g.doubleclick.net as.ad4m.at
3	c1.adform.net	3 redirects
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
3	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com adv.office-partner.de
3	trc.taboola.com	cdn.taboola.com
3	ads.aralego.com	1 redirects ads.aralego.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.track.production.webgains.team	as.ad4m.at googleads.g.doubleclick.net
2	analytics.webgains.io	track.webgains.com
2	5994599.fls.doubleclick.net	1 redirects www.bg3.co
2	track.webgains.com	www.bg3.co as.ad4m.at
2	pv.medialead.de	hal900015.redintelligence.net googleads.g.doubleclick.net
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	region1.google-analytics.com	www.googletagmanager.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	code.jquery.com	cdn.adpushup.com delivery.adrecover.com
2	sb.scorecardresearch.com	cdn.taboola.com www.bg3.co
2	delivery.adrecover.com	www.bg3.co
1	fonts.googleapis.com	hal900015.redintelligence.net
1	pixel.rubiconproject.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	medialead.de	1 redirects
1	adv.office-partner.de	hal900015.redintelligence.net
1	pips.taboola.com	cdn.taboola.com
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.mathtag.com	tags.mathtag.com
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.bg3.co
1	audiencedata.im-apps.net	dmp.im-apps.net
1	vidstatb.taboola.com	www.bg3.co
1	http-intake.logs.datadoghq.com	cdn.adpushup.com
1	l.logly.co.jp	nt.compass-fit.jp
1	a50a90721f36d032dd27e734b0933e86.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	4334f59a068941c2f77119db5b7ccaa0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ups.analytics.yahoo.com	imprammp.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	pixel.quantserve.com	www.bg3.co
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-9171021731224332733.ampproject.net	cdn.ampproject.org
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	e3.adpushup.com	www.bg3.co
1	trc-events.taboola.com	cdn.taboola.com
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	am-wf.taboola.com Failed	vidstat.taboola.com
0	static.bg3.co Failed	www.bg3.co
303	89

This site contains links to these domains. Also see Links.

Domain
liebesjuwel.de
popup.taboola.com
cf.anlim.de
gesunde-fuesse-ratgeber.de
lp.pflege-durch-angehoerige.de
www.natuerlichstraffehaut.com
go.safeclicklink.com
zorar.shop
shefence-citional.com
keram1n.com
wenked.com
cutesio.de
www.faltenfreialtern.com
app.goldentree.de
anwalt-kg.de

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G2	`2022-05-20` - `2023-06-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.adpushup.com R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.analytics-debugger.com GTS CA 1P5	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
pv.medialead.de R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Frame ID: ABE8D44CABB5A7C86DB7861C3A2E30B9
Requests: 151 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2888225665894605628&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2772&oid=2&is_amp=5&amp_v=2304262219000&d_imp=1&c=985002443&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&ga_hid=2443&dt=1684257384322&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&bdt=651&dtd=18&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 32067C1858C4E0BDA220C8642663DB08
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AB85EEDF71A7EA11C863731F6124B5B8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0DBEDE8D9C886D986E06252489BD7FB0
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8A6EB09EA9FA4CB3EC9128F912DBB7FA
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: EF36B2701ACB73B95934B1EBAC260A4D
Requests: 9 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&cmcv=&pix=undefined&cb=1684257384997&uv=3280&tms=1684257384997&abt=nonrv_vA!rv0lcr_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=df01f046-4ec0-4768-95dd-9885b803723b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9B88ABDA5B36D6AE0A606E50407E3491
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 832488F654615EE45F00846426ED5084
Requests: 4 HTTP requests in this frame

Frame: https://4334f59a068941c2f77119db5b7ccaa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 92B213CE4120FC2157C1831A53F68C78
Requests: 1 HTTP requests in this frame

Frame: https://a50a90721f36d032dd27e734b0933e86.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 410D72D9D34C595A89A227EE6737A4C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265
Frame ID: F5A8CFF8659FFE372F18689D5138B65E
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278
Frame ID: 303B848ADEB1E3F591B721E46207C225
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C54351AF2BCD61F34FCD23BD5B61B3DA
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64425F0DD2CE9CBEB92EDEE713D1C1CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02FF7F8EDB488D3EC9F43C2FF5C04E08
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77AE2B82F0B0D38E3F9BC1EEE13EAEF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD964C18B9A19BC223C144DB2CB9CF8B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D49DBAD09BCF70E6DE57AE97EC703DDB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66ADC47A844DD0F797DDCE7A5025C506
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A23518EF9FEA27AC0A8F33470D1D40F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F6931C40E6D60E5B5C8E83BC844D818
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 5317FBC8AB26BACBC878B0B7DCABFFE4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CX8mYabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnAJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA4fyd9VCV0t2_PnVxJxQNC6w0le5Cph9nk1titcpNsZewpPCtI0n4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=HmA-4jdlUts&uach_m=[UACH]&cid=CAQSKQBygQiD03YxOZ6D1P-KLR3ITsH--p1c0jhkhu70d90gtpkWIDAo7hVoGAE
Frame ID: 77EC8F0B221EAC0AA801F6E0C12C7431
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g7t60f9z5s4s4zywvt6yvx249c2n536pgrzxdbrmzmc1mjwva1e4sd40n1xxaw4hgs54ztf461xvtrqgjt451apr6faybb7nna8xr2rjsk4k21hpysdbmpchcaqdtg7zxchc75whjatzymjaep2j5zywb6sfrneqj7cdf4adrxhgc7889kg2zkdcnztvepv2t4a48nzw5baebdbjkmm5sqrmx3yhcn4t47kf0g4xvh43enhrxg9y58fa9wvmhk06000tpz6vz70kh8hs9h0cwevk4wbd30r8pmpdb8b6zy9zc5wcnrt48yzx8p1pzrzq6tpry15m1q9beh7z2hnr55c5t080br01xxyadf1g7sxcyheg5asezx341afryrhsccp875vjgqq08bkft86hfmkc9yr59wc6y8229hsf8p3x0hphgaphpy4ebwk8h8abh4m65eg46y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 097F0120EFA14EBFBFB80BEF752CE738
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE17A2284D5567B2F9FA5833874008E7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 67740FAFD67EAE2D106F9DC8DF2D878A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Frame ID: D6D5364211EFB1D77FD3E57355B43953
Requests: 14 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 0AC3C4E78DAD7FE4728CD4ADAB4CE302
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 1241A90081A42BDA136F47554FD36701
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493
Frame ID: A59811F521A25D8C8E9C48BCFA130E35
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
Frame ID: 0A75E995AD88B4E21F932DD25034C213
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC605E406F2468550B0F62146059CFD9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

超高密度三維動態全息投影實現 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

303
Requests

90 %
HTTPS

50 %
IPv6

50
Domains

89
Subdomains

62
IPs

13
Countries

3794 kB
Transfer

10243 kB
Size

35
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://liebesjuwel.de/pages/Tochter-2-Spruchkette
Title: Liebesjuwel

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://cf.anlim.de/cf/r/644a69ca9cb53700128120e7
Title: Apotheke Regional

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://gesunde-fuesse-ratgeber.de/barfusschuhe/
Title: Pummys

Search URL Search Domain Scan URL

URL: https://lp.pflege-durch-angehoerige.de/zuzahlungsfreie-pflegehilfsmittelbox/
Title: Pflege durch Angehörige

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.natuerlichstraffehaut.com/der-kuerzeste-weg-tb
Title: Beauty Fokus

Search URL Search Domain Scan URL

URL: https://go.safeclicklink.com/f3773553-ee19-4552-9b98-bb7a56c963b0
Title: KetoXplode

Search URL Search Domain Scan URL

URL: https://zorar.shop/products/lederschuhe-f%C3%BCr-herren-1
Title: Zorar

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/7d579126-4d18-4d00-912f-43f83ac27ee6
Title: NutraFlex Nahrungsergänzungsmittel

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14
Title: Prostata Gesundheit

Search URL Search Domain Scan URL

URL: https://keram1n.com/de/
Title: Keramin

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://wenked.com/products/handgefertigte-herren-seite-reissverschluss-l%C3%A4ssig-bequeme-leder-slip-on-loafers-1
Title: Besten Herrenschuhe

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://cutesio.de/products/armband-infinity-love
Title: cutesio

Search URL Search Domain Scan URL

URL: https://www.faltenfreialtern.com/anti-falten-trick/
Title: BeautyFokus

Search URL Search Domain Scan URL

URL: https://app.goldentree.de/abt/ageless-k6-ob
Title: goldentree.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://anwalt-kg.de/bankenrecht/pkv-beitragserstattung/schnell-check
Title: PKV Beitragsrückerstattung

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 225

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&google_cver=1&google_push=ATf1kGN9WO3CiqngFo0vi63LYmQo9tDo4sIt5-f8ix6EE3ULWrmXC0871C-tQuTrVbZ67itSVRkJ1NNyZd_EmwXG8QnFilLtHBZ39Dq_pgILLOAoe_NQPAjGS5KktpkaV1liPUguIKLp94vJgyJYdasW1V4m HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&google_cver=1&google_push=ATf1kGN9WO3CiqngFo0vi63LYmQo9tDo4sIt5-f8ix6EE3ULWrmXC0871C-tQuTrVbZ67itSVRkJ1NNyZd_EmwXG8QnFilLtHBZ39Dq_pgILLOAoe_NQPAjGS5KktpkaV1liPUguIKLp94vJgyJYdasW1V4m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2dGWHNUSW0xUFlZaEk1&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&google_cver=1&google_push=ATf1kGN9WO3CiqngFo0vi63LYmQo9tDo4sIt5-f8ix6EE3ULWrmXC0871C-tQuTrVbZ67itSVRkJ1NNyZd_EmwXG8QnFilLtHBZ39Dq_pgILLOAoe_NQPAjGS5KktpkaV1liPUguIKLp94vJgyJYdasW1V4m

Request Chain 226

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKEt4dzl0Bfo6nLwoYPAR-g&google_cver=1&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7GcQbW2MhIEFnwI-sXHKVnGOP_GJO30eC0P0EJZQJZiWGaRKmorKurqa0fay5Y0-VD6 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKEt4dzl0Bfo6nLwoYPAR-g&google_cver=1&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7GcQbW2MhIEFnwI-sXHKVnGOP_GJO30eC0P0EJZQJZiWGaRKmorKurqa0fay5Y0-VD6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7GcQbW2MhIEFnwI-sXHKVnGOP_GJO30eC0P0EJZQJZiWGaRKmorKurqa0fay5Y0-VD6&google_hm=TgaqQRCcTs6wV62pNRTgUQ==

Request Chain 227

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAJ7xBLCPDTh0kgf_cekk3g&google_cver=1&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqiryywJ5zt_gqF92Y2dyPy7bVkx5hmgg-9BfBNFKqaBwwIZk5GgxgIYsbYUuKNzVehLtxQ-03Ash8vyOSadt HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAJ7xBLCPDTh0kgf_cekk3g&google_cver=1&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqiryywJ5zt_gqF92Y2dyPy7bVkx5hmgg-9BfBNFKqaBwwIZk5GgxgIYsbYUuKNzVehLtxQ-03Ash8vyOSadt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqiryywJ5zt_gqF92Y2dyPy7bVkx5hmgg-9BfBNFKqaBwwIZk5GgxgIYsbYUuKNzVehLtxQ-03Ash8vyOSadt

Request Chain 228

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEB3j-7Pl29F7aTN6GtWBh3k&google_cver=1&google_push=ATf1kGPjZgsWuoeIKrhaBSHw4pB0yipn4g0Qe5Q4sLr6S1cfuHPZTJcWO7Ohg8FfPeFY6LxzUidmmYvTQcN2GTEWa7FCz6sc4c-isDFzHpYc7K9Ngf0FE34Bg_nk7SumkDh4Ytq7PY0UlqMaRm3AaPyIXuPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPjZgsWuoeIKrhaBSHw4pB0yipn4g0Qe5Q4sLr6S1cfuHPZTJcWO7Ohg8FfPeFY6LxzUidmmYvTQcN2GTEWa7FCz6sc4c-isDFzHpYc7K9Ngf0FE34Bg_nk7SumkDh4Ytq7PY0UlqMaRm3AaPyIXuPw

Request Chain 229

https://match.360yield.com/match/ebda?google_gid=CAESEG07uQTMRTp8nqmDL0xoh4A&google_cver=1&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZXZlJwVDvg24k6SsLYMDRnF-GKDvzvFPq22Ul1MAhniwDp2Xn_xvJXtTAOxmi-7XdcsFMe HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG07uQTMRTp8nqmDL0xoh4A&google_cver=1&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZXZlJwVDvg24k6SsLYMDRnF-GKDvzvFPq22Ul1MAhniwDp2Xn_xvJXtTAOxmi-7XdcsFMe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RjsI9pBVTuycN5_w__fn3A&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZXZlJwVDvg24k6SsLYMDRnF-GKDvzvFPq22Ul1MAhniwDp2Xn_xvJXtTAOxmi-7XdcsFMe

Request Chain 230

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGLptObuDM1_D1Au3vpc3X4&google_cver=1&google_push=ATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0tC8t0uZvIDsAGzhobfyeRD7ns HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0tC8t0uZvIDsAGzhobfyeRD7ns&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1684257386131 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5ed61863-a3c6-42ff-8fc7-ed50eda65dd4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0tC8t0uZvIDsAGzhobfyeRD7ns%26google_hm%3DA17WGGOjxkL_j8ftUO2mXdQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0tC8t0uZvIDsAGzhobfyeRD7ns&google_hm=A17WGGOjxkL_j8ftUO2mXdQ

Request Chain 241

https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9481879136192&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9481879136192&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 250

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493

Request Chain 252

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 267

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMI8Q6AlcfzsjJ59qnE4l48&google_cver=1&google_push=ATf1kGNLQJOlkmNsvBSRDyKl4wxGC2PjbqywRvVW2CqNY7Me7TeyRPROZeKpA0OQmP_Ut6iA5tiyPUHcEZZXYcy0ZVNGJx5dJRt6_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZAdkY7ppQQGbKy6L6OAqFA&google_push=ATf1kGNLQJOlkmNsvBSRDyKl4wxGC2PjbqywRvVW2CqNY7Me7TeyRPROZeKpA0OQmP_Ut6iA5tiyPUHcEZZXYcy0ZVNGJx5dJRt6_Q

Request Chain 268

https://um.simpli.fi/gp_match?google_gid=CAESECvOYRYoDcospa43LOqLPak&google_cver=1&google_push=ATf1kGOSdpUSKZlK8prakRnoeU9Hcv-kmt31uROGZJ_oA6dLSO52l8pw3xu3k7aGDRwd_ffOV55X7IPW_0F7Pbu6xFlMc0-MkYUr9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=226AB91CBDB04BD3B2B4D09F19F40565&google_push=ATf1kGOSdpUSKZlK8prakRnoeU9Hcv-kmt31uROGZJ_oA6dLSO52l8pw3xu3k7aGDRwd_ffOV55X7IPW_0F7Pbu6xFlMc0-MkYUr9w

Request Chain 269

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECDpvHpKkkNhnlQHrj2GB5M&google_cver=1&google_push=ATf1kGOuXqwIZsO6axJ1AsVIN74XaGwn30eAa5bocqovBoJTWBswPz5uoS9jPDXR_pxJcYgmUich96hXq1LOrOpQHZWf8cPpW_C4fQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuXqwIZsO6axJ1AsVIN74XaGwn30eAa5bocqovBoJTWBswPz5uoS9jPDXR_pxJcYgmUich96hXq1LOrOpQHZWf8cPpW_C4fQ&google_hm=eS1RUF9jN04xRTJwRmVwV1BGLjBSejgwYTY5aHJ1UllTMn5B

Request Chain 270

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBR99zpIR4xZZBX1o7IuW2U&google_cver=1&google_push=ATf1kGOi5RLSE0x7F010Y2YQoz-EeFPlVtj2rv4G37JTn9lFKOKDWknNxtU_Hh1eyzEDc2tGLiZBEaZrh_MB40uZy92dtk9IQ2yDtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGOi5RLSE0x7F010Y2YQoz-EeFPlVtj2rv4G37JTn9lFKOKDWknNxtU_Hh1eyzEDc2tGLiZBEaZrh_MB40uZy92dtk9IQ2yDtw

Request Chain 271

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELxSOlEQQ9PmrwNdbYdPTEk&google_cver=1&google_push=ATf1kGMYe57BPFTAX6fOg1JHnFYaNHjjQpcNGeolKY43XU_7D2Q4waUzD1oBzHqvGiCoBf4QxIHDrAs_n-CUABRPKvrYfO_wjeEiVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhRSkQwU1EtMjYtOTVYVg==&google_push=ATf1kGMYe57BPFTAX6fOg1JHnFYaNHjjQpcNGeolKY43XU_7D2Q4waUzD1oBzHqvGiCoBf4QxIHDrAs_n-CUABRPKvrYfO_wjeEiVw

Request Chain 272

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELTgTSeVhs8PZTH2bITMPj4&google_cver=1&google_push=ATf1kGO3c7eB_z-BGXqTMla7w4p8AsYyxQPcHmJM3obv-3OM6uCuBn7z5dFVbENlyZORqjmZ_OC2s91tqh-N6b7OWl3R4disifOsqsk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4e06aa41-109c-4ece-b057-ada93514e051&%%GOOGLE_PUSH_PAIR%%

303 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html Show response
www.bg3.co/a/ 52 KB
15 KB 1603ms
840ms Document
text/html 84.17.37.44
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-44.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9de814503035b3381542de909a698f962813dfbf86e22ae580d70e744886199b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=900
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 16 May 2023 17:16:23 GMT
ETag: "cf72-D1jb/96YyxaIG865eamRUZnlgXc"
Expires: Tue, 16 May 2023 17:31:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 138ms
64ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edcfddd81e044f1f01beb69b5224a8a3f9913a456a06c4025b97458c40c3b677

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 May 2023 17:16:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72834
x-xss-protection: 0
server: sffe
etag: "c158f1ffbc9a288c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 17:16:23 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 134ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b4ddda16364d41b44d0e83b2b9f60d1e810d96f9e9078c1a5fae8e16e497b88

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 May 2023 17:16:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9669
x-xss-protection: 0
server: sffe
etag: "94af10a30687371b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 17:16:23 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 111ms
56ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7e79e05f378e7ee1eaf703981ac7f5ac32c4c410b2084c2e270a26d88b52ff1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 May 2023 17:16:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7579
x-xss-protection: 0
server: sffe
etag: "1949638f3ef2fc93"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 17:16:23 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

89ms
31ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLq6r0MmPFUCWv5J8dNmmjcJ%2Bg0qIjSqViNhlnHidgCqio6OD4gEZjoE8jM0ouIhkwjK4DPCaEwAQLSqwa94r%2B8t72hhvINdpUnzYNOoozzSfOki%2BTQnS1bRdvP7wTBx3c6ZLb0%2Bxyyl9u9HIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8544ab6a911c28-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 36 KB
10 KB 269ms
42ms Script
application/javascript 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5bc07768431d2ec9c8b0b65600665b425cc63c3d647f8d244e6c05368171a280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Tue, 16 May 2023 17:16:23 GMT
content-encoding: br
last-modified: Tue, 16 May 2023 07:00:22 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: DE
content-length: 9883
expires: Tue, 16 May 2023 18:16:23 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 625 KB
133 KB 164ms
43ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e2ea3c887c50e622ba0352874317044fdf4c0d6e0b4a2e02d9df0ee3bd31634e

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Tue, 16 May 2023 17:16:23 GMT
content-encoding: br
last-modified: Fri, 12 May 2023 14:25:52 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467849_34831774_241834378_77_1178_35_0";dur=1
x-cf-geodata: DE
content-length: 135986
expires: Tue, 16 May 2023 18:16:23 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 270 KB
44 KB 79ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2dc541f8bbcb6b17aac7e505f71e865c061ca911deb6f33084dde3f5b6e20629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: rNw_WpIemyVdx1DMWVb1aCGEyHHNlvkZ
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:23 GMT
x-amz-request-id: EHCET8860PVWSGC3
age: 24007
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 44449
x-amz-id-2: VczI4mwNw3sKZQ80GyuxtGuXBKw0OqXyBdgW1CXsAtGNfg9poUCJSqr+1jOP6WCo9ZJ7JJRHm2o=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 10:16:09 GMT
server: AmazonS3
x-timer: S1684257384.761139,VS0,VE0
etag: "12bcad096d5d254792c48cd7397ef563"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 70
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 77 KB
16 KB 1294ms
260ms Script
text/javascript 3.114.156.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.156.25 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-156-25.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b883d528b46381bbd6c86551cdafd8a1bcdf5d90d237780e81675779e58dd908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 impl.20230516-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 765 KB
159 KB 23ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f2a1a7c932feaa7ca699c5f9cf6a9fad8d1bd6762fa9e72326d7ef5492d6026d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: HBiD8V3oaF1R1kYpK1Tp93McZOTkeejT
content-encoding: br
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:23 GMT
x-amz-request-id: 566NX4CB1R1DNWVW
age: 26179
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 162787
x-amz-id-2: QK8106IR5RSRjrEbTuTIGPyHlm8uPSbQe4nUTEuijjgu1jooVdvMSHsx+/yo4iBSabAYvVyF5EY=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 10:00:05 GMT
server: AmazonS3-br
x-timer: S1684257384.825401,VS0,VE0
etag: "4da65079cfcde4c4559762980e68753e"
vary: Accept-Encoding
content-type: application/javascript
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 68145

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 83ms
23ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 06:03:53 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 40350
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 4Cilkv-dBblGWC2LNIwoCo2gmCshKQz0RngO0L1C83KLOwCqFwMhaQ==

GET 932e2b2b85afd1369ae0bc74f925acf0.jpg
static.bg3.co/imgs/202106/ 0
0

GET b54c983599afbf7a6e653cbce32242aa.jpg
static.bg3.co/imgs/202105/ 0
0

GET f244792c170815bb9f3b69f4d536c54c.jpg
static.bg3.co/imgs/202305/ 0
0

GET 4f9ec8b4a7f9eda692b58f07bfe7d962.jpg
static.bg3.co/imgs/202106/ 0
0

GET 4ddd9c04605f26e5f524d543c0991953.jpg
static.bg3.co/imgs/202106/ 0
0

GET 7301ad13c8af184fac1dd10d67f568fd.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7bb0c75f31c3060fb2a6683528bf2f99.jpg
static.bg3.co/imgs/202209/ 0
0

GET 51049fef11c918dffb4ad07ff332f89d.jpg
static.bg3.co/imgs/202112/ 0
0

GET 650a32997bdc271974559123dd17626c.jpg
static.bg3.co/imgs/202109/ 0
0

GET 768dedbbcaf1287515b441c23ab486cb.jpg
static.bg3.co/imgs/202106/ 0
0

GET 09fe6f7ba69f09ab62dcbc31c9e5b5e1.jpg
static.bg3.co/imgs/202105/ 0
0

GET 74e8e40586ddfe846b8691cf0c1165fa.jpg
static.bg3.co/imgs/202105/ 0
0

GET abc4cf13a1d11c77e165626dbd3c57a3.jpg
static.bg3.co/imgs/202106/ 0
0

GET 7a343194ccaa526e5fe05cec5d36e8fd.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 8 KB
3 KB 73ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5d5c8cc50cf0377951ada6a7602f54ea87fc0014898d6f80d1be2b7273ef2b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:38 GMT
age: 594885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2993
x-xss-protection: 0
server: sffe
etag: "80572a9372124496"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:38 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 82 KB
23 KB 78ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4189eed67d24cf577ee7521b01980c1c76874f2ca7830c761b383215656230b3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:40 GMT
age: 594883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "a783e6619a690963"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:40 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
824 B 117ms
61ms Fetch
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25e6714659af0c54d76700b623a6931eed20bea903b8875d935e9e2a83c4e68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 12 KB
4 KB 72ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea369b57f0c666e908689cd3d672a6636958094d2d1bf6620cb2de468ffdcd2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:40 GMT
age: 594883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "ef1a1904dcb0cee5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:40 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 111ms
36ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 275417
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 85 KB
21 KB 378ms
370ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A16%3A23.942&lti=deflated&data=%7B%22id%22%3A744%2C%22ii%22%3A%22%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1684232137031%2C%22vi%22%3A1684257383939%2C%22cv%22%3A%2220230516-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22vpi%22%3A%22%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2862%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A676%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8ae6eff24f4f911444b398168295813fffc10fe5090b3e9063d7e0cc3657abe

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 341
date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230047-FRA
server: nginx
x-timer: S1684257384.968705,VS0,VE341
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/palmate-bg3co/log/3/ 0
244 B 98ms
29ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 25ms
24ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684257383946&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&c8=%E8%B6%85%E9%AB%98%E5%AF%86%E5%BA%A6%E4%B8%89%E7%B6%AD%E5%8B%95%E6%85%8B%E5%85%A8%E6%81%AF%E6%8A%95%E5%BD%B1%E5%AF%A6%E7%8F%BE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:23 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: gHFuEJDbHgIDimQJDzcAP3iUy1bV57mhLv5BwjXk_OQ1tviUhxD58Q==
x-cache: Miss from cloudfront

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 96ms
26ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1684257384.dop214.fr8.t,1684257384.cds002.fr8.hn,1684257384.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 84ms
48ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1684257384.dop214.fr8.t,1684257384.cds002.fr8.hn,1684257384.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 40 KB
10 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd1e988c31d1963cd1d2813571485232a6687e960466a86ca4cd3d8eef72ab8f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:40 GMT
age: 594884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10285
x-xss-protection: 0
server: sffe
etag: "2320e5b2e82da2b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:40 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 214 KB
57 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4da2872473cf32bbc42de664d1b0aece2263bff56a204f67dcfc9333518a7db8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:02:16 GMT
age: 594848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57955
x-xss-protection: 0
server: sffe
etag: "77f449b73afe6f4d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:02:16 GMT

GET
H2 200 pb.42753.1674819540207.js Show response
cdn.adpushup.com/prebid/ 349 KB
94 KB 159ms
47ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 11:39:13 GMT
server: nginx/1.18.0
etag: W/"63d3b7e1-5744c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="467849_34831774_241834603_691_1203_37_0";dur=1
content-length: 95255
expires: Wed, 15 May 2024 17:16:24 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
561 B 117ms
37ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467849_34831774_241834605_13_831_37_0";dur=1
content-length: 211
expires: Wed, 15 May 2024 17:16:24 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 122ms
43ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="467849_34831774_241834604_567_1322_37_0";dur=1
content-length: 18371
expires: Tue, 16 May 2023 18:16:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 160ms
85ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f686df786dc730b606bf95a5706d2fef1229a8a004d421c827c21e00b22df876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25447
x-xss-protection: 0
server: cafe
etag: 985 / 19493 / m202305100101 / config-hash: 5187434767507266711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:24 GMT

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 98ms
29ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 27 KB
11 KB 111ms
53ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97c8109515389da9a88d7e2fa2fc9471dd7e18352174bfeb88bf5135ca9b1ddc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-py5Z4GH7yztU39cOcLisFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-py5Z4GH7yztU39cOcLisFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 110 KB
31 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d126806fb8446a0c0a359295c6706b4e82c2de595c5dab9505b82b2e76f2e33e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 15 May 2023 19:10:27 GMT
age: 79557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32107
x-xss-protection: 0
server: sffe
etag: "a4272cdf93e6e0f7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 May 2024 19:10:27 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
479 B 80ms
29ms Fetch
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-9171021731224332733.ampproject.net/2304262219000/ 0
0 114ms
30ms Other
text/html 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-9171021731224332733.ampproject.net/2304262219000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
866 B 37ms
36ms Image
image/jpeg 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1684257384153
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Tue, 16 May 2023 17:16:24 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Tue, 16 May 2023 18:16:24 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/ 2 KB
812 B 24ms
23ms Fetch
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:34 GMT
age: 594890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "c331f834e77c69a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:34 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 5 KB
2 KB 99ms
33ms Fetch
application/json 2606:4700:e4::ac40:a01f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a01f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
age: 81920
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: same-origin, same-origin
last-modified: Mon, 15 May 2023 18:31:04 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8CwqUs3gwKiilngcQat0CzCpuQipGVGXa7EF4lmNxy6x79ZlsEVw3qSB2jWj51It%2BHVOGkCwqqd3i1j8D8HvWRIP5EjhEdd5y4Pb6bUtUV0wkz1G29mr6EjDFO4G9F3MTlTNZDQIbXalNxj3rlXhiegtlGhuVzDYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230423b
cf-ray: 7c8544abaafe920b-FRA

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/ 2 KB
931 B 24ms
24ms Fetch
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:37 GMT
age: 594887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 901
x-xss-protection: 0
server: sffe
etag: "753be08e58acf9ea"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:37 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 613 B
716 B 90ms
33ms Fetch
application/json 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 98ms
23ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 23 May 2023 17:16:24 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
631 B 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1514
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnUhVM8IihYEY7Tl1sVnSsa7ZrAEy%2F4od1l9XimZTlixyD0wbsmwNQvyyGH6IDBALIubnWHbiySWNdYzU%2BWP0MxKjwV2DzMPxpP%2BwyAXXfD7mgu4T3a70OXYpYqMVCwEp1LjdADP46KSgNW3Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c8544abcb181c28-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 476ms
117ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 06e7b92d925ff43065e6cffde5cafff52a52d8c6d68b0e726c20c40e41931489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 464ms
115ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 06e7b92d925ff43065e6cffde5cafff52a52d8c6d68b0e726c20c40e41931489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 403ms
184ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2860080945985184&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 513

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 393ms
173ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7217620486352532&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 513

GET
H2 200 floating-unit.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 24ms
24ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af7ccc2cd0931ff87d0881066a14a8750790e243cc03050221a221da604b7afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: L_lQRsiLqJ1w7bij3MJ7Zx4VYF2ot5Se
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: 6AW4MGWQGRJGTTMX
age: 17988
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: tAPagOQrUBEEbOwWlrr5KRCKfblwJ1AtzL9h6iVyBTPcJVc7fbaaSUYw5ikrxmFNQPd7puXJ8T8=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:35 GMT
server: AmazonS3
x-timer: S1684257384.362425,VS0,VE0
etag: "0fd48aa748b37187dae73c7f5e015c5e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4038

GET
H2 200 taboola-vignette-new-scanning.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 23ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc0ac3b0bd466f61b04070831ea0a00921dbb2a87c94d96219a51843a57f5b00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: D_3dN_mOrxWv0.w5WRqP.ZxnB0YWIWTu
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: V8TEGGE93D1M2HSE
age: 17969
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7787
x-amz-id-2: fjywdwt7YWkjFth4moRQA99o0MCiCLPx+aCVitQrWC+A3NqbZNaRM2YQsfav5JRLSFNPlNlq/7A=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:56 GMT
server: AmazonS3
x-timer: S1684257384.362577,VS0,VE0
etag: "9f192e8917f29c0353a51d6f46b02a38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2926

GET
H2 200 distance-from-article.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 23ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96c8f16ae01405cf99f011d8b5722bef4278e7dc5ce42a4c52b3365b0034b8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 69C6UgCYsEvH8n4ld1czy.lQF0JCsFTu
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: NSHSVD5BZQAVDXM0
age: 17999
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: NxR2GHX4sT/9FA3vxCgD8kW+THjKHy6OVZmUE6eGXg6rvt26k5jO0pXcXQGf4Zj27YG6gKJtks8=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:25 GMT
server: AmazonS3
x-timer: S1684257384.373341,VS0,VE0
etag: "513fafd6579371687ff750653f4b5850"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 37129

GET
H2 200 article-detection.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 26ms
26ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30d2525975c37b385fafe479cf683525e3e621b27f8eadd669383bf455d963d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: j6yHFLZvfAHJHbS.InK4FETaWQFeo26p
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: W3PMQHP4BP5Z8P18
age: 18005
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: 0D+IwkALQSRxvMOkQkSue0QlkrsJuHESEVZ5J7O46Pbrxe6RbkrSFZfVPhTpm//533dwferd588=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:19 GMT
server: AmazonS3
x-timer: S1684257384.374386,VS0,VE0
etag: "0f9efb0812032c0878b3b8b933aea31b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 47102

GET
H2 200 share-buttons-detection.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 1 KB
1 KB 23ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/share-buttons-detection.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5fcc2293e181cc141d168492323fb688d8ab66244ce84cb58d68e7f93909f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: whexFyGhkuVKElMs_hoQE8aEbtaTgZpI
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: KSEF3YBAKVR0BH2V
age: 17980
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 680
x-amz-id-2: IHqtOQGF98/hNWwFpHT05iurNCuVRWtjLBW0eT+djxD4t8OhlDCFMblfXYQIv/iBh6EVUabyGYs=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:44 GMT
server: AmazonS3
x-timer: S1684257384.373879,VS0,VE0
etag: "ad2d10c0273293e54deca501f5f4ab38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 47069

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.1/ 111 KB
31 KB 46ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 634174
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 31023
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 09 May 2023 09:06:26 GMT
server: AmazonS3
x-timer: S1684257384.397965,VS0,VE0
etag: "f42b894e197d2128ee7d3b438e0ac56d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
x-cache-hits: 9175

GET
H2 200 feed-card-placeholder.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 25ms
24ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 397ec9dde5b801f07882d68e93df1166f4bf17daf3a05515b3ac6aa59c67dc81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: QYYZi4bkwIgk8GzrRYZAfZ5t6DtNZl4W
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: EG5CA5TYFS5V4SBP
age: 17994
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: +H6VEqmhrjWExFANwQXhpnVlGSpqcaqI9rHCiZOZJiRgrT0LU0gdc9ZuvWKDi+ycw6uacObv5l8=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:30 GMT
server: AmazonS3
x-timer: S1684257384.377455,VS0,VE0
etag: "cb66ab68d12b0a528083f07b862f39f5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 34789

GET
H2 200 userx.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 23ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21d9104d9dd9854f2ad9fc33688bd85aeb5d1a920bdb55b370ec2884b11a4bfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 24oRVTTFDgE4yYkNJxU94JcHx35AzIEa
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: 50BXY396JKZ8QEV4
age: 17965
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: PmHN8FJqBny7LGvIQusbzGrPjlvAWGS21j21GyXOd4G7CepP0aSwEcfqI/cXv1aL2Xo5sp7pv1E=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:59 GMT
server: AmazonS3
x-timer: S1684257384.380295,VS0,VE0
etag: "146a5b5a83213e01e29abeac7a59ac93"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9082

GET
H2 200 explore-more.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 28 KB
8 KB 23ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f37c4164205282d110432267fba293eeb3eafb71f66966d698c0c4b50875fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: IgWkZcaxZn4sEMBwW2EjVtlNH7imIaN6
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: P9030ER8VWR2JDCF
age: 17995
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8146
x-amz-id-2: WUe1E4uUQyUCyVwp3T0prSwMii1EV2zAJQvSvkUL9RCwkFmgwGruZ8rb8gsKOJ+uRNN3281dYF8=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:29 GMT
server: AmazonS3
x-timer: S1684257384.389458,VS0,VE0
etag: "3c7c6d3bc0d79a5216d3c04faf15f936"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 17525

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 33ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=17%3A16%3A24.350&id=9104&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 32ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1684257384350%7D&tim=17%3A16%3A24.350&id=8637&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 32ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1684257384358%7D&tim=17%3A16%3A24.358&id=5980&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 31ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A16%3A24.377&id=8667&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 30ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.379&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6512&cv=20230516-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28537

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 30ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.380&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=618&cv=20230516-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28537

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 29ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.381&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=282&cv=20230516-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28452

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 29ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.387&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-y-em-delta&llvl=2&id=4773&cv=20230516-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28452

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 29ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.423&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8050&cv=20230516-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28538

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 22ms
22ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: TVRHNHYBPQ9HMG0X
age: 97
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1684257384.442647,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 4
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 146

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ 403 KB
125 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22723
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127561
x-xss-protection: 0
server: cafe
etag: 1000764176958695900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 15 May 2024 10:57:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
102 B 109ms
63ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
x-xss-protection: 0
expires: Tue, 16 May 2023 17:16:24 GMT

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 22 KB
7 KB 344ms
343ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A16%3A24.466&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A797%2C%22ii%22%3A%22%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA%22%2C%22ui%22%3A%22d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7%22%2C%22uifp%22%3A%22d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7%22%2C%22lbt%22%3A1684232137031%2C%22vi%22%3A1684257383939%2C%22cv%22%3A%2220230516-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22vpi%22%3A%22%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3955%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A676%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 840d0e3f52757382e023f000da91b421b579b112605773271b146a389f9e80fb

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 321
date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230047-FRA
server: nginx
x-timer: S1684257384.478781,VS0,VE321
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 30ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 23589aa8734190689addca7b4c819d57.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_480%2Cw_640%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 27ms
26ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_480%2Cw_640%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cc196a648a7bbe641da14c89b52ad8f4505760a33038c46f3b560abaa9e39c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_480%2Cw_640%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
age: 1571742
edge-cache-tag: 455938264173648567332879028325840923886,380557120827242204309196295110066286773,29ecf9b93bbf306179626feeda1fab70
cache-tag: 455938264173648567332879028325840923886,380557120827242204309196295110066286773,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 165
req-referer: https://www.mynet.com/
content-length: 49580
x-request-id: 79aaac76259e064f00642b74adec7405
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000171-IAD, cache-iad-kcgs7200158-IAD, cache-lga21929-LGA, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230047-FRA
last-modified: Fri, 28 Apr 2023 11:30:19 GMT
server: nginx
x-timer: S1684257384.488798,VS0,VE3
etag: "21203248586a0cd85e40060481af80f4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 10, 1

GET
H2 200 23589aa8734190689addca7b4c819d57.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 24ms
24ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b33b08a2efb33dad20161113885b6aa3c8af5f0b53cacbedce943d1bab917493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
age: 1572629
edge-cache-tag: 455938264173648567332879028325840923886,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 455938264173648567332879028325840923886,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 268
req-referer: https://www.stuttgarter-nachrichten.de/
content-length: 49486
x-request-id: 9c77de1b4336dd4add2d275498db2b3f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kjyo7100035-IAD, cache-chi-kigq8000095-CHI, cache-iad-kcgs7200164-IAD, cache-fra-eddf8230047-FRA
last-modified: Fri, 28 Apr 2023 11:30:19 GMT
server: nginx
x-timer: S1684257384.490412,VS0,VE2
etag: "f3fada0ac422e6dec5e35d0f34a7a07b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 4, 1

GET
H2 200 14f8218bb6b8c529f000931e18958918.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
18 KB 35ms
34ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14f8218bb6b8c529f000931e18958918.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 17db98a74b702f6434a67bd6d0942126bab80bf188c1b19cf6201488272bf201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14f8218bb6b8c529f000931e18958918.png
age: 463677
edge-cache-tag: 291280148494828175110807559553689845312,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 291280148494828175110807559553689845312,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 492
req-referer: https://www.hoerzu.de/
content-length: 17988
x-request-id: b63f534adfea0b8e333a2b4ca9b23fc6
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000080-IAD, cache-iad-kiad7000055-IAD, cache-lax10630-LGB, cache-iad-kcgs7200117-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 10 May 2023 17:47:24 GMT
server: nginx
x-timer: S1684257384.496316,VS0,VE3
etag: "e09ff7f1ea6fef86004f30bfbd8b1d4f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 7a3b2e19271f008ff798b3dd34c23da6.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_500,y_684/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
20 KB 36ms
36ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_500,y_684/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a3b2e19271f008ff798b3dd34c23da6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d3468ff931e1dd7058b27751a2a4259e682bb47c286dd8bc2a50b0b1c5610d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_500,y_684/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a3b2e19271f008ff798b3dd34c23da6.jpg
age: 1842622
edge-cache-tag: 314533110676396410041523281552808143268,511461906300855410165680774322735563897,29ecf9b93bbf306179626feeda1fab70
cache-tag: 314533110676396410041523281552808143268,511461906300855410165680774322735563897,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 40
expiration: expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.muehlacker-tagblatt.de/
content-length: 20060
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kjyo7100152-IAD, cache-lax10634-LGB, cache-iad-kcgs7200021-IAD, cache-fra-eddf8230047-FRA
last-modified: Mon, 03 Apr 2023 07:56:10 GMT
server: nginx
x-timer: S1684257384.496307,VS0,VE9
etag: "be2f467fe5b2a1561a20475be4941ac8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 6, 1

GET
H2 200 935ceaef813d3b4ec01293d109f9a332.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 33ms
32ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78a460a3376735d8cbe263cc6509a40c72248005e9df53c8ce85fb4f56262151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
age: 977391
edge-cache-tag: 358050488703395774759004428204568023971,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 358050488703395774759004428204568023971,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 205
req-referer: https://www.tippsundtricks.co/
content-length: 31884
x-request-id: 733c9aac83dda617da413514b471eb90
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100053-IAD, cache-iad-kjyo7100104-IAD, cache-chi-kigq8000024-CHI, cache-iad-kjyo7100020-IAD, cache-fra-eddf8230047-FRA
last-modified: Fri, 05 May 2023 09:46:28 GMT
server: nginx
x-timer: S1684257384.496308,VS0,VE2
etag: "28ba8ea60c0288ed208ed874a411f599"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 1

GET
H2 200 be5675bc70a33117997171a5c1579469.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
8 KB 27ms
27ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be5675bc70a33117997171a5c1579469.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1cc5a2318480c808131b34a6ad3a3e59fa310d566e6ebcbff9caae3d74c76c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be5675bc70a33117997171a5c1579469.jpg
age: 3325455
edge-cache-tag: 515846733442971816162728196670575999361,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 515846733442971816162728196670575999361,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 153
expiration: expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://alwafd.news/%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1-%D9%88%D8%AA%D9%82%D8%A7%D8%B1%D9%8A%D8%B1/2313481-%D9%81%D9%8A-%D8%B0%D9%83%D8%B1%D9%89-%D8%B8%D9%87%D9%88%D8%B1%D9%87%D8%A7-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%81%D8%A7%D8%B5%D9%8A%D9%84-%D8%AA%D8%AC%D9%84%D9%8A-%D8%A7%D9%84%D8%B9%D8%B0%D8%B1%D8%A7%D8%A1-%D8%A8%D9%83%D9%86%D9%8A%D8%B3%D8%A9-%D8%A7%D9%84%D8%B2%D9%8A%D8%AA%D9%88%D9%86
content-length: 6558
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200179-IAD, cache-iad-kcgs7200072-IAD, cache-lga21957-LGA, cache-iad-kcgs7200107-IAD, cache-fra-eddf8230047-FRA
last-modified: Tue, 14 Mar 2023 09:14:15 GMT
server: nginx
x-timer: S1684257384.496480,VS0,VE0
etag: "856514b4781fb83ec69c18113b1f501d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 54, 2

GET
H2 200 a80b4ea945ab4f57e6816e2df3ba3fff.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 41ms
40ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a80b4ea945ab4f57e6816e2df3ba3fff.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: daca7696ea6cc5e556e1c47bd620c34e6221f2c398590dc7e68f150ac8a5a721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a80b4ea945ab4f57e6816e2df3ba3fff.jpeg
age: 1647201
edge-cache-tag: 363337434800570638424779723788365909826,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 363337434800570638424779723788365909826,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 126
expiration: expiry-date="Sat, 29 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 17074
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200074-IAD, cache-iad-kiad7000060-IAD, cache-lga21929-LGA, cache-iad-kjyo7100066-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 29 Mar 2023 10:56:39 GMT
server: nginx
x-timer: S1684257385.528826,VS0,VE4
etag: "a8dc01e038145e1276b87ef65d01b65d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 37, 1

GET
H2 200 23589aa8734190689addca7b4c819d57.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
58 KB 32ms
31ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a99fe4385a78555b94825a844e5f0baa23b8866b8f23748d083458af170a4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
age: 1572857
edge-cache-tag: 455938264173648567332879028325840923886,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 455938264173648567332879028325840923886,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 182
req-referer: https://www.t-online.de/
content-length: 58494
x-request-id: ea589193727625bc8dcad2de7b1cf328
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100138-IAD, cache-lax10646-LGB, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230047-FRA
last-modified: Fri, 28 Apr 2023 11:30:19 GMT
server: nginx
x-timer: S1684257385.528981,VS0,VE3
etag: "be7674f05ab61c3cf3b2b0194c6dd4ab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 35, 1

GET
H2 200 935ceaef813d3b4ec01293d109f9a332.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 28ms
27ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 582c7d0717b16e7a0669db150d00d6ab070be4d55cfbb481cc208534f1952408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
age: 977392
edge-cache-tag: 358050488703395774759004428204568023971,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 358050488703395774759004428204568023971,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 361
expiration: expiry-date="Sat, 06 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.t-online.de/
content-length: 34732
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200086-IAD, cache-iad-kiad7000121-IAD, cache-lga21950-LGA, cache-iad-kiad7000083-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 05 Apr 2023 14:55:19 GMT
server: nginx
x-timer: S1684257385.529742,VS0,VE0
etag: "50f4608d6c8b5b80ef20c3cb6be3b9f7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 9

GET
H2 200 14f8218bb6b8c529f000931e18958918.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 33ms
31ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14f8218bb6b8c529f000931e18958918.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 03d3a294c50a1f2fdf7ed0612bca409ac3b2dad39b00a3031e7df44208f404e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14f8218bb6b8c529f000931e18958918.png
age: 268036
edge-cache-tag: 291280148494828175110807559553689845312,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 291280148494828175110807559553689845312,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 515
req-referer: https://www.ksta.de/
content-length: 15618
x-request-id: 9d6d30886cf1e72a60161036bead086a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kiad7000021-IAD, cache-chi-kigq8000056-CHI, cache-iad-kiad7000074-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 10 May 2023 17:47:24 GMT
server: nginx
x-timer: S1684257385.536788,VS0,VE1
etag: "657b247dbb1c88370b4e0639110d01cf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 7a3b2e19271f008ff798b3dd34c23da6.jpg
images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_500,y_684/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 32ms
32ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_500,y_684/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a3b2e19271f008ff798b3dd34c23da6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4475d7a13448e963dc689e623cfd2b77073b204540d8e526fdfaa850d3eca546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_500,y_684/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a3b2e19271f008ff798b3dd34c23da6.jpg
age: 2856654
edge-cache-tag: 314533110676396410041523281552808143268,518549695222699979293096222846087282119,29ecf9b93bbf306179626feeda1fab70
cache-tag: 314533110676396410041523281552808143268,518549695222699979293096222846087282119,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 84
expiration: expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 17220
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200064-IAD, cache-iad-kjyo7100126-IAD, cache-chi-kigq8000153-CHI, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230047-FRA
last-modified: Mon, 03 Apr 2023 09:24:44 GMT
server: nginx
x-timer: S1684257385.537137,VS0,VE1
etag: "831ae1151bda88dc13a42c491a70ef44"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 7, 1

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
158 B 82ms
30ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%B6%85%E9%AB%98%E5%AF%86%E5%BA%A6%E4%B8%89%E7%B6%AD%E5%8B%95%E6%85%8B%E5%85%A8%E6%81%AF%E6%8A%95%E5%BD%B1%E5%AF%A6%E7%8F%BE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8431437745786639&gjid=0.4223437847538367&_r=1&a=2443&z=0.8688166614963742&gtm=45De000

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
242 B 67ms
29ms Ping
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=2443&cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&dr=&dt=%E8%B6%85%E9%AB%98%E5%AF%86%E5%BA%A6%E4%B8%89%E7%B6%AD%E5%8B%95%E6%85%8B%E5%85%A8%E6%81%AF%E6%8A%95%E5%BD%B1%E5%AF%A6%E7%8F%BE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1684257384&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 96ms
32ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&aip=1&sid=1684257384&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 155ms
45ms Script
application/javascript 2600:9000:21ca:3400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ca:3400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:56:55 GMT
via: 1.1 a9b2260e7964d946bfaccecd2e947938.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB2-C1
age: 1169
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: c6Yn3coQc_6bNPfiViP2SIxGgbCrhjWvV1i8pfyjUyMhXIUHhrvKEQ==

GET
H2 200 next-up-widget.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 24ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8bb95ed112bd76a68ccc68b28c086e336abef975ba54edc387fe6342932a4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 7vswiWB_WxRb3D4bHmTOi0EcqWMWjVsh
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: AZVSPNJRC4YNVDEW
age: 17986
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4624
x-amz-id-2: cruKfLsxrZ1uB3ptR3MKTjUyZgld/pl6z/pBogLHocW1H6iUkbINHYNTYGrBZUtt7Vtt9oqsYAk=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:39 GMT
server: AmazonS3
x-timer: S1684257385.579536,VS0,VE0
etag: "14df49d33002f953164a521e919125f7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3902

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 31ms
31ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A897%7D%22%2C%22eventTime%22%3A1684257384565%7D&tim=17%3A16%3A24.565&id=3785&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 29ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.696&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4435&cv=20230516-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 34139

GET
H2 200 spa-detector.20230516-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 30ms
29ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230516-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14fda435949e45f4ed095c05c3282246646da906adcf1e19f576961add688e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: PQOldNYN24NoEv9ADkXyG4kY3QR_BOTo
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:24 GMT
x-amz-request-id: 5ZBVW9GNYG26V834
age: 17978
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 810
x-amz-id-2: iHwgOCD/6LTOGdOhzqiXqpWaktu6JD53eGTSWTDGDTMSAS3XyC9MOHBlNlsYDCO6fY4igq7XuAk=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:16:47 GMT
server: AmazonS3
x-timer: S1684257385.726838,VS0,VE0
etag: "6a315ea5172dff85fb4b906c2604eb13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 18002

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A16%3A24.698&id=6072&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 44ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1684257384703%7D&tim=17%3A16%3A24.703&id=1872&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 44ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%2C%20%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A16%3A24.705&id=3893&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 44ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=03d93d7ca06fa73b7f2fc2c31a69780c&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257383_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1684257384707%7D&tim=17%3A16%3A24.707&id=7621&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3206 603 B
534 B 205ms
147ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2888225665894605628&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2772&oid=2&is_amp=5&amp_v=2304262219000&d_imp=1&c=985002443&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&ga_hid=2443&dt=1684257384322&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&bdt=651&dtd=18&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:24 GMT
expires: Tue, 16 May 2023 17:16:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 33ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AB85 92 KB
32 KB 164ms
114ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f41269640af5d6fbb9bf9f85552769b6debfe339e57fd36548dc0fe1a6fefec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32333
x-xss-protection: 0
server: cafe
etag: 17596835250949367974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:24 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0DBE 92 KB
32 KB 201ms
163ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef16f1586965fa2149e5dfc64cf91e9dfbab2c3b3229748f6aa631fa14bd374a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32336
x-xss-protection: 0
server: cafe
etag: 18261564264298388211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:24 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 8A6E 714 B
806 B 33ms
32ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 9859
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7c8544aeee25bbbb-FRA
content-encoding: br
content-type: text/html
date: Tue, 16 May 2023 17:16:24 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpA1LiMPKfs%2FVSBxylebG39dUbcydma4ejE4qo8T0Xko68cDLzdc%2FPESMzAw9712vmNgjJ7%2B7STio6fFGUa9mhTkLs8274Kl7f5OiHpJNer2MJiapqhD0UeVDP1lbLoMR9Y4FLdkcyvI9o0HFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 338ms
113ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame EF36 714 B
775 B 37ms
36ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 9859
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7c8544aeee29bbbb-FRA
content-encoding: br
content-type: text/html
date: Tue, 16 May 2023 17:16:24 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJjZ2SyNTZP5Ud%2F%2FC%2F5Ike8h53NbhW1auTgpeTGE2dESgl44k9txgTmtrkyHYmqX34pcNmrXZu1d1s0elaZUOJze%2BVkI7wgBc95%2BsPSo25XlTLlZm9Z4hQa3Smjeqkq3LSOlDp6fC38yytg0qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pixel;r=920552405;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8...
pixel.quantserve.com/ 35 B
372 B 36ms
24ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=920552405;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1558323708-1684257384537;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1684257384800;tzo=0;ogl=;ses=823300b0-8e71-44c4-93c5-981d898ee8ae;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 31ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 23589aa8734190689addca7b4c819d57.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 25ms
24ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06182a6d98bd52d3b3c1f5f7ebaebe7fa08cbc8f9011ccc8a5570a1371a0f8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23589aa8734190689addca7b4c819d57.png
age: 1571542
edge-cache-tag: 455938264173648567332879028325840923886,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 455938264173648567332879028325840923886,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 362
req-referer: https://verliebtinkoeln.com/
content-length: 6822
x-request-id: db52dff3a5d1ec8b90d1df87a83cf3c8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kcgs7200148-IAD, cache-lga21977-LGA, cache-iad-kcgs7200090-IAD, cache-fra-eddf8230047-FRA
last-modified: Fri, 28 Apr 2023 11:30:19 GMT
server: nginx
x-timer: S1684257385.824113,VS0,VE2
etag: "080e331bef736ed135cd9c507c7a2027"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 935ceaef813d3b4ec01293d109f9a332.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 24ms
23ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 58e921ecca2bdb00f0ff63d3a3a0caf66ac3c9231bb6cf2df610cc3b90ea7968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
age: 971168
edge-cache-tag: 358050488703395774759004428204568023971,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 358050488703395774759004428204568023971,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 105
expiration: expiry-date="Sun, 07 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://rezepte24.eu/
content-length: 9046
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200067-IAD, cache-iad-kcgs7200070-IAD, cache-chi-klot8100027-CHI, cache-iad-kiad7000098-IAD, cache-fra-eddf8230047-FRA
last-modified: Thu, 06 Apr 2023 08:57:24 GMT
server: nginx
x-timer: S1684257385.824091,VS0,VE2
etag: "d5899e44dcdd854d1878fc156b34d486"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 29, 1

GET
H2 200 14f8218bb6b8c529f000931e18958918.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 26ms
25ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14f8218bb6b8c529f000931e18958918.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ae0e68fbddf7ead208c533b8e9f5a9c8a17c598a28f822f49621bb3d794f53b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14f8218bb6b8c529f000931e18958918.png
age: 372406
edge-cache-tag: 291280148494828175110807559553689845312,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 291280148494828175110807559553689845312,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1964
req-referer: https://www.news.de/
content-length: 6680
x-request-id: cd6e291a07e54a5f4dce64da3fe7d938
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100073-IAD, cache-iad-kiad7000104-IAD, cache-lax10645-LGB, cache-iad-kiad7000107-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 10 May 2023 17:47:24 GMT
server: nginx
x-timer: S1684257385.824406,VS0,VE3
etag: "2eb027a3ff9cb2b4e2fabe65efd88fa8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8A6E 75 KB
25 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39c2f3729fb311603225cc131f877d94bb9cb41cd20c6eced49dfa302fa276f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25447
x-xss-protection: 0
server: cafe
etag: 748 / 19493 / m202305100101 / config-hash: 5187434767507266711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:24 GMT

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 29ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.866&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=2262&cv=20230516-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 32003

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EF36 75 KB
25 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eefb7af22940a6215c12ef68187194d8d1c3b83d8e4390ebe751a7e903d105c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25446
x-xss-protection: 0
server: cafe
etag: 66 / 19493 / m202305100101 / config-hash: 5187434767507266711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:25 GMT

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 31ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 30ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=a1640a531c2950a628dcf1ea3ba22eb6&sd=v2_5fc1a3e7b59b7ba05a3fbbda3fadf80b_d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7_1684257383_1684257384_CNawjgYQ2YJdGIPMwKyCMSABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&pi=/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&wi=7134948044725914182&pt=text&vi=1684257383939&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1684257384972%7D&tim=17%3A16%3A24.972&id=5892&llvl=2&cv=20230516-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 6fc65851214248cee59c706e4f7f6fb1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 25ms
24ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6fc65851214248cee59c706e4f7f6fb1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05258c39978dd8586d0042f4554249d8e09ad5471f208bfea30d9576e5c9d4dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6fc65851214248cee59c706e4f7f6fb1.jpg
age: 805462
edge-cache-tag: 574187193005030671828544270027090492539,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 574187193005030671828544270027090492539,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 163
req-referer: https://www.tichyseinblick.de/
content-length: 24606
x-request-id: 882673bc7b5c1ebfefcc76ed8229003c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200088-IAD, cache-iad-kjyo7100031-IAD, cache-chi-kigq8000095-CHI, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230047-FRA
last-modified: Sun, 07 May 2023 09:30:26 GMT
server: nginx
x-timer: S1684257385.989757,VS0,VE1
etag: "d2d16ab3c9069e1d160892d3fc09929e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 c476372373f96496b4b64bfdd8bd8b39.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 37ms
36ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c476372373f96496b4b64bfdd8bd8b39.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e803f6424f465e820213565c9d77d60a6def5a25fbf53bdd208b36deb29a5208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c476372373f96496b4b64bfdd8bd8b39.png
age: 4162687
edge-cache-tag: 509693818671300098285660883237707322132,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 509693818671300098285660883237707322132,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 86
expiration: expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tips-and-tricks.co/
content-length: 22438
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200121-IAD, cache-iad-kjyo7100092-IAD, cache-lga21938-LGA, cache-iad-kcgs7200104-IAD, cache-fra-eddf8230047-FRA
last-modified: Tue, 14 Mar 2023 12:18:49 GMT
server: nginx
x-timer: S1684257385.990236,VS0,VE9
etag: "0cc134f235830df792f738723f2dac19"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 2, 1

GET
H2 200 b9263ac2202d8a79a3d5cf9de5d6c740.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 25ms
25ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b9263ac2202d8a79a3d5cf9de5d6c740.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 200d33d2598533273ad38df926d391a2833d7549e56be88ee6d0d33645d49d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b9263ac2202d8a79a3d5cf9de5d6c740.png
age: 1804959
edge-cache-tag: 292095609080246274966100232542281434230,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 292095609080246274966100232542281434230,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 234
expiration: expiry-date="Fri, 12 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 19360
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200055-IAD, cache-iad-kjyo7100161-IAD, cache-lga21983-LGA, cache-iad-kiad7000144-IAD, cache-fra-eddf8230047-FRA
last-modified: Tue, 11 Apr 2023 13:17:13 GMT
server: nginx
x-timer: S1684257385.990186,VS0,VE2
etag: "aa91a6a909c92ae762a52d80af895abf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 179, 1

GET
H2 200 df20a18419f62dae14f70b6640cb423e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 36ms
36ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df20a18419f62dae14f70b6640cb423e.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1028ca52dc5aac3fe3a4f15aa403998ac3a8f23769fbce764de7cdcd7104374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df20a18419f62dae14f70b6640cb423e.jpg
age: 2711967
edge-cache-tag: 379589349664562024446084229840292935464,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 379589349664562024446084229840292935464,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 149
req-referer: https://www.mz.de/
content-length: 14314
x-request-id: ff903222b9c3d07216646f85398f9573
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000118-IAD, cache-iad-kcgs7200031-IAD, cache-chi-klot8100137-CHI, cache-iad-kcgs7200125-IAD, cache-fra-eddf8230047-FRA
last-modified: Mon, 10 Apr 2023 12:14:48 GMT
server: nginx
x-timer: S1684257385.990170,VS0,VE9
etag: "6fb66cc56dbc810ce98074c6a7e185e9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 23, 1

GET
H2 200 3fd0b5b57c38d06ca8a830cde8f7efbe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 28ms
27ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fd0b5b57c38d06ca8a830cde8f7efbe.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fbe81bffbb5621aa6bc2b97f3351f5f6f842ca1f0aadbfc22947a317ed8be69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fd0b5b57c38d06ca8a830cde8f7efbe.jpg
age: 2439137
edge-cache-tag: 519408828716197423436860183341893143019,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 519408828716197423436860183341893143019,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 188
req-referer: https://www.tichyseinblick.de/
content-length: 16658
x-request-id: d61b01c7b04c455a36133b5dedfcbac2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200069-IAD, cache-iad-kcgs7200072-IAD, cache-chi-klot8100054-CHI, cache-iad-kiad7000068-IAD, cache-fra-eddf8230047-FRA
last-modified: Tue, 18 Apr 2023 11:00:11 GMT
server: nginx
x-timer: S1684257385.990402,VS0,VE4
etag: "4663eeada4b3dcd9b56e23c85fb43704"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 1

GET
H2 200 366af68bbceee0add6b0192114dd5e6c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 26ms
26ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/366af68bbceee0add6b0192114dd5e6c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a2c9ba950f3184435be714dea929bb7542d1858e7028ab6c7a7612868cdcbdb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 16 May 2023 17:16:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/366af68bbceee0add6b0192114dd5e6c.png
age: 109267
edge-cache-tag: 490709002591389464426746765126743380880,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 490709002591389464426746765126743380880,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 109
req-referer: https://www.tippsundtricks.co/
content-length: 11680
x-request-id: bb185da9d7f6be7ee165913daf8028dc
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100052-IAD, cache-iad-kiad7000046-IAD, cache-lga21958-LGA, cache-iad-kcgs7200158-IAD, cache-fra-eddf8230047-FRA
last-modified: Mon, 15 May 2023 10:55:18 GMT
server: nginx
x-timer: S1684257385.991448,VS0,VE3
etag: "3e4d867f262d2e6a282921cfad866cb9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 0c39a4b0b8af99230b5772a87ad79168.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 25ms
25ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0c39a4b0b8af99230b5772a87ad79168.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 338c8e2cdd2856d2d58756a176af8d0adbf640ba74be1e92d041aa678d776365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0c39a4b0b8af99230b5772a87ad79168.jpg
age: 3638210
edge-cache-tag: 384046819964366238620002347513433637666,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384046819964366238620002347513433637666,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 119
expiration: expiry-date="Sun, 09 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.conselhosetruques.com/varios/as-27-fotos-de-praia-mais-engracadas-algumas-foram-longe-demais/16/
content-length: 5356
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100115-IAD, cache-chi-klot8100048-CHI, cache-iad-kiad7000129-IAD, cache-fra-eddf8230047-FRA
last-modified: Thu, 09 Mar 2023 01:13:57 GMT
server: nginx
x-timer: S1684257385.016165,VS0,VE1
etag: "7a941b2dd3073544475d8061159a1934"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 bc27832314af9e4df8c45098ba9e9025.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 28ms
28ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bc27832314af9e4df8c45098ba9e9025.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: de78a4298cb3113ec91c5b2c7033fc5835aead27c4d45ac2c9229e7f752cec78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bc27832314af9e4df8c45098ba9e9025.png
age: 961252
edge-cache-tag: 344856940960187005824791040121322856500,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 344856940960187005824791040121322856500,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 252
req-referer: https://www.ksta.de/
content-length: 28466
x-request-id: d18945822aa3f4f940cc54a118c5ad6d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000082-IAD, cache-iad-kiad7000024-IAD, cache-lax10644-LGB, cache-iad-kjyo7100118-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 03 May 2023 15:24:54 GMT
server: nginx
x-timer: S1684257385.020018,VS0,VE2
etag: "793ba6b5edbea90804525d5dfeff58d7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 4, 1

GET
H2 200 ccf2a1503fe7a3eaaaf5bbd08e7a4273.png
images.taboola.com/taboola/image/fetch/h_512,w_920,c_fill,g_xy_center,x_302,y_189/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 30ms
29ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_512,w_920,c_fill,g_xy_center,x_302,y_189/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ccf2a1503fe7a3eaaaf5bbd08e7a4273.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: afa978bd18dd51eb7e1260a0f84c62e90b8514b862849b43684ded51f685722a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_512,w_920,c_fill,g_xy_center,x_302,y_189/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ccf2a1503fe7a3eaaaf5bbd08e7a4273.png
age: 1153787
edge-cache-tag: 301923793154458707178964587051644648718,327841602374557735909118045271372357351,29ecf9b93bbf306179626feeda1fab70
cache-tag: 301923793154458707178964587051644648718,327841602374557735909118045271372357351,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 152
req-referer: https://www.promiflash.de/
content-length: 15574
x-request-id: a42eda336e74f70582ed59538c58e1a6
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100053-IAD, cache-iad-kiad7000123-IAD, cache-lax10648-LGB, cache-iad-kiad7000154-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 03 May 2023 07:51:16 GMT
server: nginx
x-timer: S1684257385.020399,VS0,VE2
etag: "40f973ab8855865a07cd6861ff0b4884"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 9B88 439 B
391 B 53ms
32ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&cmcv=&pix=undefined&cb=1684257384997&uv=3280&tms=1684257384997&abt=nonrv_vA!rv0lcr_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=df01f046-4ec0-4768-95dd-9885b803723b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3ffa0e09037b86407301e253869c5bb5c5b219b9d1817dbba6277c6d6c35a67

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 16 May 2023 17:16:25 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230047-FRA
x-timer: S1684257385.032168,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 8324 422 B
507 B 70ms
31ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ddb209c3edc4250d9eafb81298cb15973d5cad02a1813d1d2d1d0231d3f7a911

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 16 May 2023 17:16:25 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
811 B 206ms
200ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684257385002&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1518&pt=-915156341&tz=0&viewable=true&ddast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv0lcr_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 241c9596cfc0849237f9e45d2d92ae3488ec2a0783a12a698285815a250b4d90

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1427
x-cache: MISS
x-served-by: cache-fra-eddf8230047-FRA
pragma: no-cache
server: nginx
x-timer: S1684257385.021074,VS0,VE178
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 41ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&cmcv=&pix=31589837&cb=1684257384997&uv=3280&tms=1684257384997&abt=nonrv_vA!rv0lcr_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1684257382063.5!ts:1684257384997&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-length: 0
server: nginx

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ Frame AB85 356 KB
120 KB 101ms
99ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

424717e5c41c3a66ecd5f448167cf7398b26f4e933673f5aa769ef36a071d332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122580
x-xss-protection: 0
server: cafe
etag: 15550792564004274170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:25 GMT

GET
H2 206 tk1bkvwtk2gfsokuuzba.mp4
cdn.taboola.com/libtrc/static/video/v1633601580/ 51 KB
52 KB 30ms
30ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1633601580/tk1bkvwtk2gfsokuuzba.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23610ad540989f99bfbcc4f84e1fa509ccefc8de5fcc6c13f8ba1430968015ea

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: z5NgZG76FbRc7FhL39liAzOBznWjDwJY
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish
x-amz-request-id: NZQDVG6HXM2WKVW3
age: 29
x-cache: HIT
Content-Range: bytes 0-52690/52691
x-amz-replication-status: COMPLETED
Content-Length: 52691
x-amz-id-2: Vu7EokFwJpkRfxcBGkwf0XQI8upDj/Lm9dECTUrFq3ep62bXv/vqlQ+6CH07omC1BYuRT8/P6Xs=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Thu, 07 Oct 2021 10:13:04 GMT
server: AmazonS3
x-timer: S1684257385.043246,VS0,VE1
etag: "29364ad715564b4d70e4417c48a167db"
content-type: video/mp4;codecs=avc1
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 tk1bkvwtk2gfsokuuzba.mp4
cdn.taboola.com/libtrc/static/video/v1633601580/ 51 KB
52 KB 24ms
24ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1633601580/tk1bkvwtk2gfsokuuzba.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23610ad540989f99bfbcc4f84e1fa509ccefc8de5fcc6c13f8ba1430968015ea

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: z5NgZG76FbRc7FhL39liAzOBznWjDwJY
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish
x-amz-request-id: NZQDVG6HXM2WKVW3
age: 29
x-cache: HIT
Content-Range: bytes 0-52690/52691
x-amz-replication-status: COMPLETED
Content-Length: 52691
x-amz-id-2: Vu7EokFwJpkRfxcBGkwf0XQI8upDj/Lm9dECTUrFq3ep62bXv/vqlQ+6CH07omC1BYuRT8/P6Xs=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Thu, 07 Oct 2021 10:13:04 GMT
server: AmazonS3
x-timer: S1684257385.042979,VS0,VE1
etag: "29364ad715564b4d70e4417c48a167db"
content-type: video/mp4;codecs=avc1
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ Frame 8A6E 403 KB
125 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22724
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127561
x-xss-protection: 0
server: cafe
etag: 1000764176958695900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 15 May 2024 10:57:41 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ Frame 0DBE 356 KB
120 KB 147ms
147ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

affc8cc6d8afbb82678c524ba1f436623449af90156b7d841358ac45237f07d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122580
x-xss-protection: 0
server: cafe
etag: 16624752485789458336
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:25 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9B88 70 B
265 B 162ms
48ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&cmcv=&pix=undefined&cb=1684257384997&uv=3280&tms=1684257384997&abt=nonrv_vA!rv0lcr_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=df01f046-4ec0-4768-95dd-9885b803723b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 16 May 2023 17:16:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9B88 43 B
426 B 164ms
48ms Image
image/gif 2a05:d018:d29:3605:a767:7d1a:aeec:38d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&cmcv=&pix=undefined&cb=1684257384997&uv=3280&tms=1684257384997&abt=nonrv_vA!rv0lcr_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=df01f046-4ec0-4768-95dd-9885b803723b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:a767:7d1a:aeec:38d9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 9B88 0
125 B 87ms
26ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8324 70 B
264 B 150ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 16 May 2023 17:16:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8324 43 B
425 B 152ms
49ms Image
image/gif 2a05:d018:d29:3605:a767:7d1a:aeec:38d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:a767:7d1a:aeec:38d9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 8324 43 B
146 B 142ms
24ms Image
image/gif 3.68.255.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.255.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-255-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ Frame EF36 403 KB
125 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22724
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127561
x-xss-protection: 0
server: cafe
etag: 1000764176958695900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 15 May 2024 10:57:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8A6E 107 B
531 B 122ms
32ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8A6E 107 B
196 B 32ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8A6E 492 B
264 B 104ms
103ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=832394140906904&correlator=4418393910637255&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1684257385151&lmt=1644386353&dlt=1684257384815&idt=305&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=iev7es3kf4wk&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=631325371.1684257385&ga_sid=1684257385&ga_hid=1846294744&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7f67bc2a8e2af64616fd642f35c30d0ada7be38a12eb127d6b04b05f1c488d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8A6E 15 KB
11 KB 79ms
78ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b52329bb07a8df5a3a6f0f51a6530ecd2161169ccdf55ee3246a8ada3fe7cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11244
x-xss-protection: 0

GET
H2 200 container.html Show response
4334f59a068941c2f77119db5b7ccaa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 92B2 6 KB
3 KB 149ms
63ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4334f59a068941c2f77119db5b7ccaa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
expires: Wed, 15 May 2024 17:16:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame EF36 107 B
165 B 97ms
41ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EF36 107 B
165 B 32ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EF36 491 B
265 B 100ms
91ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1140371982664674&correlator=466023242920942&eid=31072878%2C31073384%2C31073865%2C31074406%2C31074646%2C21065725%2C31061690&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1684257385182&lmt=1644386353&dlt=1684257384959&idt=207&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=b6bf1iyxdyf&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=93184048.1684257385&ga_sid=1684257385&ga_hid=1915479487&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efccc3fb4e48450e0f6237b8a476ab09a186c6323767d1c050078f3fd51d92e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EF36 15 KB
11 KB 98ms
89ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a214d4a7be78317b05f185acf4e5e792735b2134ca0dd3f0cd32294f411360ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11245
x-xss-protection: 0

GET
H2 200 container.html Show response
a50a90721f36d032dd27e734b0933e86.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 410D 6 KB
3 KB 175ms
79ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a50a90721f36d032dd27e734b0933e86.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
expires: Wed, 15 May 2024 17:16:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_8_0/infra/ 889 KB
147 KB 73ms
23ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 09a68992ad29d201e9df1c7257e25528219c03bc00a5dde8a5b3cb05a022dfd4

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime: 1684239762
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: SNCA6FVRM0JZRC1G
age: 17496
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1684239763
x-amz-meta-mode: 33188
content-length: 149975
x-amz-id-2: mTeAaqzborysOmKfAtTD8qOs4wNoMbM6bzHuYYRnGPbKOXp9+oAm+Om29u1tFe17htAsFNJ8mVo=
x-served-by: cache-fra-eddf8230112-FRA
last-modified: Tue, 16 May 2023 12:22:44 GMT
server: AmazonS3-br
x-timer: S1684257385.273540,VS0,VE0
etag: "60ccdbe8a6cbccc003e38ee4081baab1"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11501

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_8_0/assets/css/ 60 KB
8 KB 23ms
23ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime: 1684239781
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: B1ZDC6GXYYWK0QVS
age: 17501
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1684239781
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: wBa/i7d48xPadZAnLIU4KfraG1680XTHy2p+qQ7yf2b6p1A5j+rMA347vLL6KrTM+u+2E+dO/kQ=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 16 May 2023 12:23:02 GMT
server: AmazonS3-br
x-timer: S1684257385.225785,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 16330

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A6E 17 KB
7 KB 179ms
102ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 17:16:25 GMT

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
700 B 216ms
43ms Script
text/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 340ms
256ms Script
text/plain 108.138.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4NDI1NzM4NF8xNjg0MjU3Mzg1XzVjYjU0MTg0NjM0MQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 17:16:25 GMT
Via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: K3zGEarL3De2YAA2TjninAkmKsPvIFJscJNn_WGbRuNL7GqWF65lAg==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame AB85 379 B
601 B 166ms
78ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

372a7e5a494bdf56176588ae85cd16f38bfef7e160ff10758b7ef1c3e5ac1768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame AB85 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AB85 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5A8 28 KB
13 KB 532ms
532ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42926767780af92f987a5dede53281f3580d54a4d9812665464077da5cae9e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13236
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AB85 15 KB
11 KB 75ms
74ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830749d45a9f069bc015740000ff0fc46664b1833fcca8ef76bbea379fd2abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11303
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 414ms
140ms Fetch
application/json 2600:1f18:24e6:b902:a2e8:aff4:6806:b125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:a2e8:aff4:6806:b125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvY2hhby1nYW8tbWktZHUtc2FuLXdlaS1kb25nLXRhaS1xdWFuLXhpLXRvdS15aW5nLXNoaS14aWFuLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 250ms
250ms XHR
text/html 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvY2hhby1nYW8tbWktZHUtc2FuLXdlaS1kb25nLXRhaS1xdWFuLXhpLXRvdS15aW5nLXNoaS14aWFuLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Tue, 16 May 2023 17:16:25 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=90, ak_p; desc="467849_34831774_241835104_9542_770_35_0";dur=1
content-length: 555
expires: Tue, 16 May 2023 18:16:25 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EF36 17 KB
6 KB 141ms
125ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 17:16:25 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0DBE 379 B
314 B 124ms
89ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f359e1533a27f96fd3e27ff156192b47cc5e25015a73374afad352e2b92b360d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0DBE 107 B
165 B 41ms
40ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0DBE 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 303B 34 KB
14 KB 479ms
478ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b75cab6aecc9ff9cd6e5855b00a6638cdf9e0268b5f6fb26d1052b5295ee6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13827
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0DBE 15 KB
11 KB 103ms
103ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5054c46e789a1550ee50977f343b757b1fd419dc2a648771ea7f4464664fdd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11353
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AB85 17 KB
6 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 17:16:25 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 23ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 4433926
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1684257385.467172,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 20896

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/ 436 KB
83 KB 23ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime: 1683622864
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KQ9SQXKNBRPJ2W7W
age: 634449
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1683622879
x-amz-meta-mode: 33188
content-length: 84209
x-amz-id-2: lXX05OzzyjXzMGZ/1vCY4D7rW14TUA4AuVj/vw+uZxRyuC1rLMtgYz7V99pwbRXOldQ85LYslNc=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 09 May 2023 09:01:20 GMT
server: AmazonS3-br
x-timer: S1684257385.480025,VS0,VE0
etag: "5b7fa2993f4635dad5e1ba884ca41236"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 62336

GET
H2 200 sync Show response
am-match.taboola.com/ Frame C543 422 B
507 B 33ms
31ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ddb209c3edc4250d9eafb81298cb15973d5cad02a1813d1d2d1d0231d3f7a911

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 16 May 2023 17:16:25 GMT
machineid: 3407
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 33ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&cmcv=&pix=31579697&cb=1684257385471&uv=3280&tms=1684257385471&su=3&abt=nonrv_vA!rv0lcr_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-length: 0
server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DBE 17 KB
6 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 17:16:25 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 56ms
51ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 1267145
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1684257386.537466,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: npduzmsBCTInKS4xiVDpNaDedmMD0lXz2htxNJCf5T4Pqvm9JpF6qQ==
x-cache-hits: 47434

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
304 B 64ms
63ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=20
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 18
pragma: no-cache
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230047-FRA
server: nginx
x-timer: S1684257386.531582,VS0,VE18
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6442 13 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 16:53:56 GMT
expires: Wed, 15 May 2024 16:53:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 02FF 783 B
1 KB 88ms
33ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a93f8d2cef31cb1ab04b2c44fb26024a5086df302e8bf759fa78364243610db1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D_8hg8Q7bRl9NDSpKg2xBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-D_8hg8Q7bRl9NDSpKg2xBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
expires: Tue, 16 May 2023 17:16:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77AE 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 16:53:56 GMT
expires: Wed, 15 May 2024 16:53:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CD96 783 B
743 B 86ms
34ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7924937b6bace3bbe8cc3f86a8c2eead5d099e7daf1217f6a55d94aa938e09f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5m-kWLE5pZBAJVjx5so7XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-5m-kWLE5pZBAJVjx5so7XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
expires: Tue, 16 May 2023 17:16:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 42ms
42ms Script
application/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding: gzip
Date: Tue, 16 May 2023 17:16:25 GMT
Last-Modified: Fri, 21 Apr 2023 06:05:08 GMT
ETag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D49D 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 16:53:56 GMT
expires: Wed, 15 May 2024 16:53:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66AD 783 B
739 B 85ms
37ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2545f535e503a9a86bf4179158dcaafdf9a113cd0be96e31b00cf6c103063c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T3q5b5Ad5TaVwZC_aimmiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-T3q5b5Ad5TaVwZC_aimmiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
expires: Tue, 16 May 2023 17:16:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C543 70 B
264 B 51ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 16 May 2023 17:16:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C543 43 B
425 B 50ms
49ms Image
image/gif 2a05:d018:d29:3605:a767:7d1a:aeec:38d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:a767:7d1a:aeec:38d9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame C543 43 B
145 B 23ms
22ms Image
image/gif 3.68.255.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.255.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-255-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ade195282356d0dc75a7bd84c5739eaa3ef60e8024cc3f99d8daa0ab871a818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 May 2023 17:16:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A23 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 16:53:56 GMT
expires: Wed, 15 May 2024 16:53:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F69 783 B
739 B 35ms
34ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b74f251529a8bfc864e9780cc40e410fcb9ddece366d69f8d5dfb21ed0edec1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LNjn3Tzy7SxDSIzxyT8EuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LNjn3Tzy7SxDSIzxyT8EuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:25 GMT
expires: Tue, 16 May 2023 17:16:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 323ms
261ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H0JS0B3Z5PWP0T2WMBERAT2W
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6442 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 16:53:57 GMT

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 77AE 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 16:53:57 GMT

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame D49D 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 16:53:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 02FF 0
0 59ms
57ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305100101&jk=832394140906904&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CD96 0
0 59ms
58ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305100101&jk=1140371982664674&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66AD 0
0 58ms
58ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=2716245047709924&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
709 B 22ms
22ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 10210
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1684257386.738284,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4603

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F69 0
0 57ms
56ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=146831319684748&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A23 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 16:53:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 104ms
52ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35a0&_p=2443&cid=2094769593.1684257386&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684257385&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&dt=%E8%B6%85%E9%AB%98%E5%AF%86%E5%BA%A6%E4%B8%89%E7%B6%AD%E5%8B%95%E6%85%8B%E5%85%A8%E6%81%AF%E6%8A%95%E5%BD%B1%E5%AF%A6%E7%8F%BE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 5317 495 B
665 B 824ms
269ms Document
text/html 54.65.183.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.183.34 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-183-34.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Tue, 16 May 2023 17:16:26 GMT
etag: "64639d9f-1ef"
last-modified: Tue, 16 May 2023 15:13:35 GMT
server: nginx

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame F5A8 2 KB
2 KB 127ms
54ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpFME1EaGpNVGt0WTJSalppMWxNekJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzY4ODM1MTU4MzgwMDMwOTYvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NDVxV3Y5QUhBOVR0Z3RjeTh0bnlVUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2ODgzNTE1ODM4MDAzMDk2L3pyaC8wLzQ0NC84MC85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY4NDI1NzM4NS8xNjg0MjY5OTg1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/GyInknaP1fhyiLApkUXbujdRcOk&nodeid=4171&group=zrh&auctionid=7576883515838003096&pbs_auctionid=7576883515838003096&shardkey=7576883515838003096&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.161&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 49741afaf16d7f6e6544e4761fe70e3f05e71ab901270f80beab9ed0755e9ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:25 GMT
x-mm-nodeid: 4171
Content-Encoding: gzip
x-mm-bid-request-time: 1684257385
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Tue, 16 May 2023 17:16:25 GMT
Server: MMBD/3.387.2
x-mm-latency: 23 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x82, zrh-bidder-x77
x-mm-lag: 0
Expires: Tue, 16 May 2023 17:16:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame F5A8 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 16:53:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame F5A8 19 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F5A8 0
0 37ms
34ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxU_ryOdtUPkpFqNyRp1ZvbNavYRmtDyH9OnJyxHEikmhUEqHRcQLZnc1c0FbWvrrRbEtZ1lkWekIQRI5Rx0mt73UMCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5A8 170 KB
53 KB 176ms
104ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 77EC 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CX8mYabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnAJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA4fyd9VCV0t2_PnVxJxQNC6w0le5Cph9nk1titcpNsZewpPCtI0n4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=HmA-4jdlUts&uach_m=[UACH]&cid=CAQSKQBygQiD03YxOZ6D1P-KLR3ITsH--p1c0jhkhu70d90gtpkWIDAo7hVoGAE

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 17:16:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 77EC 0
0 98ms
33ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k43cfwtph4k0thxnqe3xdesgq8wpnvmzxy2p6j3vbzxdfvbpy0q0cq8kmz693w657ancz6n9db50m0q38k4rf0ah45drd660e9qttxynnah6jtm3hqktqv2k2rt3gmd9td0v3myqpww3ef5jpejjf58kb0rj5p4xmmwjw7sa5kt0s9xq1qvzx5r0meze2xph0syy394qwy03cts7dzw6vd0ra5wtga9d0x8p05cq1qr9wwxq227wjx3esq8jm9w9j29x3x4w7zebh577je5cyrsqmbwde46hxhnzfd66py354pmvr2dccfpd0w1yh723p2zgdf3pfzk49zw4g43d1nvq9yrmaqjare8sx45x8deegm5ef5vtb1j8y086700g8emch4gx1qa7a9q&b=ZGO6aQAGlS0Gdgc2AAEFSSBUeRG0BOtfhCQ3pw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 May 2023 17:16:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 097F 2 KB
3 KB 115ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g7t60f9z5s4s4zywvt6yvx249c2n536pgrzxdbrmzmc1mjwva1e4sd40n1xxaw4hgs54ztf461xvtrqgjt451apr6faybb7nna8xr2rjsk4k21hpysdbmpchcaqdtg7zxchc75whjatzymjaep2j5zywb6sfrneqj7cdf4adrxhgc7889kg2zkdcnztvepv2t4a48nzw5baebdbjkmm5sqrmx3yhcn4t47kf0g4xvh43enhrxg9y58fa9wvmhk06000tpz6vz70kh8hs9h0cwevk4wbd30r8pmpdb8b6zy9zc5wcnrt48yzx8p1pzrzq6tpry15m1q9beh7z2hnr55c5t080br01xxyadf1g7sxcyheg5asezx341afryrhsccp875vjgqq08bkft86hfmkc9yr59wc6y8229hsf8p3x0hphgaphpy4ebwk8h8abh4m65eg46y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%26client%3Dca-pub-4485239425924787%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014281c43f118e8521197dc8d491524dbbf88f13767417deac744fe7cba6fbb1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c8544b65e986909-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:26 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 77EC 3 KB
1 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 16:53:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE17 1 KB
643 B 26ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Wed, 17 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 77EC 19 KB
8 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 77EC 0
0 40ms
35ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmkblj8VZ73W6VQrZgdTFtZnU95CsKbYqhHKrK9oO0aWuwAo2fmWlSInBd9Z1hVovLQR1D9qssBHu1HfO_B2ApajU3OQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77EC 170 KB
53 KB 140ms
67ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 17:16:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F5A8 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXUoQabpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKICT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8KnIMtThu08hPgJ7A623oGO7KbB-e7lk5-VAre-8GbyIQGC9NVDoiABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=x8NjH7hVv4U&uach_m=[UACH]&cid=CAQSKQBygQiDoYg_k1lGII6GflN4YsAc06oEBkWi1PE3KOqE9mmz_pvXy3bWGAE&tpd=AGWhJmv5z8JcpSdq5o3OvWGsfmuLuvP1krgYqh_yGKqGxTcxOCQMRUHK_-wASZZlqAIuKcWLGF3ELCrNu_epmHyFF2xmIrorQkzYZmruZWIGENOrWuy0WiPwKO5wpgxz6UI1w6sgM1NDSy0SfUpzMfcfiCRK5qboG9AjEK8yG1Xs84EawiSTyC4aOJwf_T-Pj_7bpnjl_ZEEMEbB7rStB0iwMXySm9AwJe55uktph0HzunNnMD-lgOp1xGuFIutVstcUnOcFy_JpuXeJnabu8S6hyAaTRDt2MGuAle3cF4zK7sYvPdSTXOqGCXh_m2OLtrB0QmFbO0PSkQdejtNsJ2Ik7dK_-jGitPVNddhIhMKlcyvyZL-uDsnhMMCk31q8sx4eZtpeuiKcq6nIR05zfEEnSaCrEH-Hxz_Ae1hX89XL-xynUymM-zJwRYRAbfz3xvXkoKwYvXwodcj4BHRr2fRXKb_WW8Fm97GWw1RCdW6lSkK5QjRbGpCzcJJLbYh2ADWQP2pDV1lavBRExHee0Wp-oqxPekLTDPvarttl_TesNnqB2TsFEYMOUCPsP2hZPFvGexOrF2qhoLOol_u3avdiuMKU0j3dwdtbN6MUVnwDj4IoyYb9yAtHwY1wYvu5tF8OM3_r-4_3Kkl4zupNhIfMOLKNEj77q1Ujd02AzGjKdLWJ-qX9IavMOTlpLQT6_lTOQ2GvDpEY2NkOpH6q5dZPvJwZHb2Kxf53FAoIVvCBCxv0VBuwpfr-3qm_Jc2TpSTT3nRKHPLtDWKXlsbvuinot_t7Oa2CSyyjYP75FqLe7tY1hwf8J0WLV9q5BGybGdN1V0eO9wOS0_RvWQ9YDmo9UtTxEyH_WaNIJb7Li3XkelYvjv-a8yAGDA1J52sfb0t76K2Ox-LCBav9cAzL4xNH_FMYJ64crZvsB4qvBJlz5Xtnc4BeplTX0Sox78lKq_pdIWoIFM-bkC0eJ355PX9wAP0xKVf6Uasq7CmAixg5bZhQKySust9DFAZfiwOqrLJcsaszVnjKOQzZWQsfatqVfoqkFmmTXOO81pd1i1jJZt-IR_GHa5Z1JwgpQDOty2bxvVCoGtChdkrW2qvhXd6uSYnc4q67IQ0L3m04GWr3-Jmy60fRNg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 17:16:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6442 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cv6Mog
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77AE 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZjKAzA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D49D 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GZsesg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 77EC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4837d4255ffecab4ffacb6ef63d7199b0681e393e50a21c980c9d3b85b63f0c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame EE17 35 B
363 B 30ms
23ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDxinKoKV_GZneeFhM-eCmI&google_cver=1&google_push=ATf1kGPEOzE5SjM8cSGwnR0NAKvIpPtsTpAzXFqiDTVzcaymFEt614LNK0hm1RbUc5kaZqYh0_j92RUFL-gAhjT2oynRwZo2tfpUyq2HbNVMxjcZ3lEGmoeIfmzSm-ob9Qqa4AsgBu3tpATVBx_QnXymnJ9n

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2dGWHNUSW0xUFlZaEk1&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&google_cver=1&google_push=ATf1kGN9WO3CiqngFo0vi63LYmQo9tDo4sIt5-f8ix6EE3U...

170 B
232 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2dGWHNUSW0xUFlZaEk1&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&google_cver=1&google_push=ATf1kGN9WO3CiqngFo0vi63LYmQo9tDo4sIt5-f8ix6EE3ULWrmXC0871C-tQuTrVbZ67itSVRkJ1NNyZd_EmwXG8QnFilLtHBZ39Dq_pgILLOAoe_NQPAjGS5KktpkaV1liPUguIKLp94vJgyJYdasW1V4m

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2023 17:16:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2dGWHNUSW0xUFlZaEk1&google_gid=CAESEIkEpS1qpNr9Rb7H3hsixrw&google_cver=1&google_push=ATf1kGN9WO3CiqngFo0vi63LYmQo9tDo4sIt5-f8ix6EE3ULWrmXC0871C-tQuTrVbZ67itSVRkJ1NNyZd_EmwXG8QnFilLtHBZ39Dq_pgILLOAoe_NQPAjGS5KktpkaV1liPUguIKLp94vJgyJYdasW1V4m
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKEt4dzl0Bfo6nLwoYPAR-g&google_cver=1&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7Gc...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKEt4dzl0Bfo6nLwoYPAR-g&google_cver=1&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7GcQbW2MhIEFnwI-sXHKVnGOP_GJO30eC0P0EJZQJZiWG...

170 B
329 B

34ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7GcQbW2MhIEFnwI-sXHKVnGOP_GJO30eC0P0EJZQJZiWGaRKmorKurqa0fay5Y0-VD6&google_hm=TgaqQRCcTs6wV62pNRTgUQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7GcQbW2MhIEFnwI-sXHKVnGOP_GJO30eC0P0EJZQJZiWGaRKmorKurqa0fay5Y0-VD6&google_hm=TgaqQRCcTs6wV62pNRTgUQ==
date: Tue, 16 May 2023 17:16:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAJ7xBLCPDTh0kgf_cekk3g&google_cver=1&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqiryywJ5...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAJ7xBLCPDTh0kgf_cekk3g&google_cver=1&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqir...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqiryyw...

170 B
232 B

34ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqiryywJ5zt_gqF92Y2dyPy7bVkx5hmgg-9BfBNFKqaBwwIZk5GgxgIYsbYUuKNzVehLtxQ-03Ash8vyOSadt

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGPcoccNMMa9FXzpainxlWcYulHV7JoxgXEjPWqMQDD6OQX0NWZaai2Q7WjI6ZpXiAuiqiryywJ5zt_gqF92Y2dyPy7bVkx5hmgg-9BfBNFKqaBwwIZk5GgxgIYsbYUuKNzVehLtxQ-03Ash8vyOSadt
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEB3j-7Pl29F7aTN6GtWBh3k&google_cver=1&google_push=ATf1kGPjZgsWuoeIKrhaBSHw4pB0yipn4g0Qe5Q4sLr6S1cfuHPZTJcWO7Ohg8FfPeFY6LxzUidmmYvTQcN2...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPjZgsWuoeIKrhaBSHw4pB0yipn4g0Qe5Q4sLr6S1cfuHPZTJcWO7Ohg8FfPeFY6LxzUidmmYvTQcN2GTEWa7FCz6sc4c-isDFzHpYc7K9Ngf0FE34B...

170 B
232 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPjZgsWuoeIKrhaBSHw4pB0yipn4g0Qe5Q4sLr6S1cfuHPZTJcWO7Ohg8FfPeFY6LxzUidmmYvTQcN2GTEWa7FCz6sc4c-isDFzHpYc7K9Ngf0FE34Bg_nk7SumkDh4Ytq7PY0UlqMaRm3AaPyIXuPw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPjZgsWuoeIKrhaBSHw4pB0yipn4g0Qe5Q4sLr6S1cfuHPZTJcWO7Ohg8FfPeFY6LxzUidmmYvTQcN2GTEWa7FCz6sc4c-isDFzHpYc7K9Ngf0FE34Bg_nk7SumkDh4Ytq7PY0UlqMaRm3AaPyIXuPw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEG07uQTMRTp8nqmDL0xoh4A&google_cver=1&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZXZlJwVD...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG07uQTMRTp8nqmDL0xoh4A&google_cver=1&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZX...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RjsI9pBVTuycN5_w__fn3A&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZ...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RjsI9pBVTuycN5_w__fn3A&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZXZlJwVDvg24k6SsLYMDRnF-GKDvzvFPq22Ul1MAhniwDp2Xn_xvJXtTAOxmi-7XdcsFMe

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RjsI9pBVTuycN5_w__fn3A&google_push=ATf1kGMTkL8pRFoHTVMxf3TOGvEIHgmhJSP8jwze1lX19yAJwRrM8WBSEhndF_luqyC2tCeoNrJr3z_eKG6w-WZXZlJwVDvg24k6SsLYMDRnF-GKDvzvFPq22Ul1MAhniwDp2Xn_xvJXtTAOxmi-7XdcsFMe
access-control-allow-origin: *
date: Tue, 16 May 2023 17:16:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0t...
https://sync.targeting.unrulymedia.com/csync/RX-5ed61863-a3c6-42ff-8fc7-ed50eda65dd4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP6LX4zfqFKraMaFjq7I...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0tC8t0u...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0tC8t0uZvIDsAGzhobfyeRD7ns&google_hm=A17WGGOjxkL_j8ftUO2mXdQ

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6LX4zfqFKraMaFjq7IXLdnJ8iKLl-b4qn8gQm93EEHwAk3-Biid0oLXvJA9GSetKc54JilKOxNYhKOQ8dwAoKKFS5X_UVN4HqjbJfn8eFK-WUE1gytuoV-_G9r0tC8t0uZvIDsAGzhobfyeRD7ns&google_hm=A17WGGOjxkL_j8ftUO2mXdQ
date: Tue, 16 May 2023 17:16:26 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5ed61863a3c642ff8fc7ed50eda65dd4003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EE17 0
139 B 98ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kh9jw1-RE4LkkB-c6MUzHkMoCff0vF0tZWORSrzIYiW5CaLmtD24YZlJ9YNfb2wdt9iH6r

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385042&bpp=10&bdt=764&idt=256&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=1&ga_vid=354115225.1684257385&ga_sid=1684257385&ga_hid=500215803&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=605266209&scr_x=0&scr_y=0&eid=42532089%2C44759927%2C44759876%2C42532185%2C44773810%2C44759837%2C31071756%2C44788442%2C44792088&oid=2&pvsid=146831319684748&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ikzvglq8cotc&fsb=1&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK h78o6ojw9z7r Show response
hal9000.redintelligence.net/zone/ Frame F5A8 11 KB
4 KB 94ms
26ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=7576883515838003096&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 4dfdaa977e7266306535c377a98cb161bce0a4fc9ba2dcf655d7464540865dab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3554
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame F5A8 49 B
329 B 102ms
40ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7576883515838003096&node_id=4171&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpFME1EaGpNVGt0WTJSalppMWxNekJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzY4ODM1MTU4MzgwMDMwOTYvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NDVxV3Y5QUhBOVR0Z3RjeTh0bnlVUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2ODgzNTE1ODM4MDAzMDk2L3pyaC8wLzQ0NC84MC85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY4NDI1NzM4NS8xNjg0MjY5OTg1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/GyInknaP1fhyiLApkUXbujdRcOk&nodeid=4171&group=zrh&auctionid=7576883515838003096&pbs_auctionid=7576883515838003096&shardkey=7576883515838003096&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.161&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Server: MMBD/3.387.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x52, zrh-bidder-x77
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 16 May 2023 17:16:25 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame F5A8 43 B
416 B 115ms
40ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7576883515838003096&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpFME1EaGpNVGt0WTJSalppMWxNekJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzY4ODM1MTU4MzgwMDMwOTYvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NDVxV3Y5QUhBOVR0Z3RjeTh0bnlVUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2ODgzNTE1ODM4MDAzMDk2L3pyaC8wLzQ0NC84MC85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY4NDI1NzM4NS8xNjg0MjY5OTg1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/GyInknaP1fhyiLApkUXbujdRcOk&nodeid=4171&group=zrh&auctionid=7576883515838003096&pbs_auctionid=7576883515838003096&shardkey=7576883515838003096&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.161&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 16 May 2023 17:16:25 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame F5A8 49 B
329 B 113ms
51ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7576883515838003096&st=4562306&time=1684257385&nodeid=4171
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpFME1EaGpNVGt0WTJSalppMWxNekJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzY4ODM1MTU4MzgwMDMwOTYvNjYyMjMyOC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NDVxV3Y5QUhBOVR0Z3RjeTh0bnlVUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2ODgzNTE1ODM4MDAzMDk2L3pyaC8wLzQ0NC84MC85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY4NDI1NzM4NS8xNjg0MjY5OTg1LzQvcHViLTQ0ODUyMzk0MjU5MjQ3ODcv/GyInknaP1fhyiLApkUXbujdRcOk&nodeid=4171&group=zrh&auctionid=7576883515838003096&pbs_auctionid=7576883515838003096&shardkey=7576883515838003096&sid=4562306&cid=6622328&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.161&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Server: MMBD/3.387.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x90, zrh-bidder-x77
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 16 May 2023 17:16:25 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 097F 103 KB
13 KB 39ms
35ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g7t60f9z5s4s4zywvt6yvx249c2n536pgrzxdbrmzmc1mjwva1e4sd40n1xxaw4hgs54ztf461xvtrqgjt451apr6faybb7nna8xr2rjsk4k21hpysdbmpchcaqdtg7zxchc75whjatzymjaep2j5zywb6sfrneqj7cdf4adrxhgc7889kg2zkdcnztvepv2t4a48nzw5baebdbjkmm5sqrmx3yhcn4t47kf0g4xvh43enhrxg9y58fa9wvmhk06000tpz6vz70kh8hs9h0cwevk4wbd30r8pmpdb8b6zy9zc5wcnrt48yzx8p1pzrzq6tpry15m1q9beh7z2hnr55c5t080br01xxyadf1g7sxcyheg5asezx341afryrhsccp875vjgqq08bkft86hfmkc9yr59wc6y8229hsf8p3x0hphgaphpy4ebwk8h8abh4m65eg46y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g7t60f9z5s4s4zywvt6yvx249c2n536pgrzxdbrmzmc1mjwva1e4sd40n1xxaw4hgs54ztf461xvtrqgjt451apr6faybb7nna8xr2rjsk4k21hpysdbmpchcaqdtg7zxchc75whjatzymjaep2j5zywb6sfrneqj7cdf4adrxhgc7889kg2zkdcnztvepv2t4a48nzw5baebdbjkmm5sqrmx3yhcn4t47kf0g4xvh43enhrxg9y58fa9wvmhk06000tpz6vz70kh8hs9h0cwevk4wbd30r8pmpdb8b6zy9zc5wcnrt48yzx8p1pzrzq6tpry15m1q9beh7z2hnr55c5t080br01xxyadf1g7sxcyheg5asezx341afryrhsccp875vjgqq08bkft86hfmkc9yr59wc6y8229hsf8p3x0hphgaphpy4ebwk8h8abh4m65eg46y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%26client%3Dca-pub-4485239425924787%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 697030
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BkG5Ds6QlZ%2FPZm5Vn4WXaXh1b74mI5OaCUpetnT%2BlIpyifMTMV1Sv%2Bk2Df8fijG49EoHPCQ7vl1e53sonW1CkhPJp4RZoOEADlrR2CutDqFlzhCdFDaQlCMD0WPLkK4TL1KusdiMQg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c8544b6df176909-FRA
expires: Tue, 16 May 2023 18:16:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 097F 25 KB
10 KB 48ms
34ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g7t60f9z5s4s4zywvt6yvx249c2n536pgrzxdbrmzmc1mjwva1e4sd40n1xxaw4hgs54ztf461xvtrqgjt451apr6faybb7nna8xr2rjsk4k21hpysdbmpchcaqdtg7zxchc75whjatzymjaep2j5zywb6sfrneqj7cdf4adrxhgc7889kg2zkdcnztvepv2t4a48nzw5baebdbjkmm5sqrmx3yhcn4t47kf0g4xvh43enhrxg9y58fa9wvmhk06000tpz6vz70kh8hs9h0cwevk4wbd30r8pmpdb8b6zy9zc5wcnrt48yzx8p1pzrzq6tpry15m1q9beh7z2hnr55c5t080br01xxyadf1g7sxcyheg5asezx341afryrhsccp875vjgqq08bkft86hfmkc9yr59wc6y8229hsf8p3x0hphgaphpy4ebwk8h8abh4m65eg46y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12633
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGNjQAEDtmMfHcPdVb3%2FXC9TFXzDsIXb9jH2ag0XkdRxQh6eqk4pGshYtFVvLGemx%2BTvp86rKQfRncoXKMA4lTeYS6u0E0BQ1fGsVkXyGXcondIlvdDZZMLm9fj%2FT3tEyV5nsE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7c8544b6ef2d6909-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 13:46:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8A23 0
10 B 24ms
23ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GVk8Eg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 097F 3 KB
4 KB 87ms
31ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2520
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AD6f4leShfX9HLNlbYja75tVV5sHAB2HsLl79njnx%2FJUr1p0Q1bIdJIhK6xZDJ7KMcsXE1RJVsfMi%2Fj0z7STxlTW83BwFkfKULFsY2AUFfvAF8Xa%2BILMzF2DZXTsG6pDol6LJr5AR1FWHZIdZfmME3L"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7c8544b7bf121d9e-FRA
expires: Tue, 16 May 2023 17:33:44 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6774 2 KB
1 KB 35ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 483608
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7c8544b769319b33-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 16 May 2023 17:16:26 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGeQhd2zcould7tEKNfmHMMHQxVP%2BxNq4p7%2BE3y5uzycdwBJHO85vSVsav%2BV4sj0jbczLd7949F3jyDtBn9OmMXsePAyR9qvCKXVL5eW2Bvm45tmkjSeDPNC0jTcgE%2Fzf1g12LU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame F5A8
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

131ms
80ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9481879136192&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265
Protocol: HTTP/1.1
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 72de2eeb623f0df00070693f7886c436a48a811cc7d734794d9355c14ab30b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 17:16:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 71853600129290700951407012326015
Connection: close
Content-Length: 1330
Expires: Tue, 16 May 2023 18:16:26 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2023 17:16:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9481879136192&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 16 May 2023 18:16:26 +0200

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 72ms
46ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c8544b7e97b36de-FRA
content-length: 24
content-type: text/plain
date: Tue, 16 May 2023 17:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OBTlZC7FS25u50owzs2oRs6IQ4njBzIjQjw2dcS0f11bzAGBLrXNvgggu1iUwvcMSutpNlFmAFPl3bMJwqPXlxzJjhmQatVq6bRW%2FfSIXmlIXFG8SHqVMsq0icHS4161HyD2vw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n6pb

POST
H3 200 rs Show response
ad4m.at/ Frame 097F 2 KB
2 KB 56ms
55ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3cf483fc07869c41688150ee74b16e63de80fc0729e814a4eb3d2b72564999

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgVQDFgWPbvkJO29mOHgS%2Behyn7WlA2dO4vP67et%2FBq5Dfg2nFy3ERyqXA1OWDLJNHf33FXLlgYOP5%2BqK3Y0ciH0nku9kalqliJKT1V77ckPYoyhZSp9xWMBstjxqleHG8EPllE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7c8544b839dd36de-FRA
x-backend-server: aa-reachservice-group-europe-west1-n6pb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D6D5 11 KB
5 KB 55ms
55ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5123250d87ce8da615daeab97babb379eca71f75db52d416bbecc9da184154

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g7t60f9z5s4s4zywvt6yvx249c2n536pgrzxdbrmzmc1mjwva1e4sd40n1xxaw4hgs54ztf461xvtrqgjt451apr6faybb7nna8xr2rjsk4k21hpysdbmpchcaqdtg7zxchc75whjatzymjaep2j5zywb6sfrneqj7cdf4adrxhgc7889kg2zkdcnztvepv2t4a48nzw5baebdbjkmm5sqrmx3yhcn4t47kf0g4xvh43enhrxg9y58fa9wvmhk06000tpz6vz70kh8hs9h0cwevk4wbd30r8pmpdb8b6zy9zc5wcnrt48yzx8p1pzrzq6tpry15m1q9beh7z2hnr55c5t080br01xxyadf1g7sxcyheg5asezx341afryrhsccp875vjgqq08bkft86hfmkc9yr59wc6y8229hsf8p3x0hphgaphpy4ebwk8h8abh4m65eg46y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%26client%3Dca-pub-4485239425924787%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c8544b88ade9b33-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:26 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 22ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230516-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 May 2023 17:16:26 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 2221
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1684257386.358921,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 4
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 9615

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 38ms
36ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230112-FRA
date: Tue, 16 May 2023 17:16:26 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 0AC3 0
365 B 208ms
113ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9481879136192&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Tue, 16 May 2023 17:16:26 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA19:D66E_91EFC182:01BB_6463BA6A_BCCB259:6DD8

GET
H2 200 / Show response
adv.office-partner.de/ Frame 1241 930 B
931 B 93ms
26ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9481879136192&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 16 May 2023 17:16:26 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 23 May 2023 17:16:26 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame F5A8 2 KB
2 KB 188ms
96ms Script
text/html 18.132.62.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=71853600129290700951407012326015&nw=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7ffac7b0592929e10a8c3aeb6505c5eb76c8af4208c633d8caf5d67fd91c6791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
last-modified: Tue, 16 May 2023 17:16:26 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 16 May 2023 17:17:26 GMT

GET
H2

200

activityi;dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493 Show response
5994599.fls.doubleclick.net/ Frame A598
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493?

392 B
325 B

72ms
70ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493?

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f61d4dc8cf6647192f67443f205fd9796ee118f64fa96a0af8db97710173f5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:26 GMT
expires: Tue, 16 May 2023 17:16:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 17:16:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame 0A75 7 KB
2 KB 84ms
31ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f01e773a0a&subid=&uid=2490ef4f19e03415&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DolijQfIL6OLIiwRh_nvaHQ%26exch_seat%3D20035004448%26mt_aid%3D7576883515838003096%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_cid%3D64076463-ba69-4101-9b2b-2e8be8e02a14%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMmE7abpjZMykGLHWn88Pod-e8AjPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBKUCT9BUpf4nPnyFUla2HVA0fGMSKrU8Czq1gIMrYpnCV6zlJ-s5HEZ0u5AmL8eNzlMH_VRCLh6mbCkWwSntw2rJCNsrW1NvSmXEx7Qw933kAqOzpzhhAIcL63vX1EV2YWXZVt7Wfn4BOCZFrBtdgTAZlX7pe-sAHhOr5FuiKiGzuDokN0G_2_QtgDwzY2AKOvjrjCsghEW4VEcHIaVsx9ds45TNjEI5ueSLvi21Lgt_h7wLooP-jF5NKirxMiIej3aTfOROxAm6Jo6U6VeH_BX_7KQs9u8jGDM2Wfbe1tqHvNUAMN_uGqf3xZWaF3i1igFQwnoUEPC3CLHD_U8K3oEM3LcIVhRtg_iRAzqpy6-PDVuxuFaf6cqeVDs61qgepUrpCQXDn-6ABsmR95rZ0K-t1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1pgNqGpEcniRQudacEivX7ajdbHg%2526client%253Dca-pub-4485239425924787%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9481879136192&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9161fc62c323acfec7166b5ca070e05d606d47fd56388fcd44f6e7d1dc6539f1

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2109
Content-Type: text/html; charset=utf-8
Date: Tue, 16 May 2023 17:16:26 GMT
Expires: Tue, 16 May 2023 18:16:26 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame F5A8
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
381 B

170ms
88ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA19:D79A_91EFC182:01BB_6463BA6A_BCFC384:E32F
X-IPLB-Instance: 40028
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71853600129290700951407012326015&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Tue, 16 May 2023 17:16:26 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F5A8 43 B
703 B 178ms
90ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=71853600129290700951407012326015&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 17:16:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame D6D5 103 KB
13 KB 38ms
38ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 697030
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Q5TT4s6K7K3AiRUnQZtyN0cJoppG5nKFZB4ekHIoNkBZQENoY1K5p8aV3yNRo1uoyW49pOJWYQD%2BdaGECbPARA1m6l1jkhrp6%2Fy9viJZrwwNaOit98%2BkFsBs310pll%2B4MmzvsUHkEE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c8544b8fb489b33-FRA
expires: Tue, 16 May 2023 18:16:26 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame D6D5 5 KB
5 KB 41ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414409
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Izli5KAhG%2FDj074ht3U9T58r9ih7YwotGP73b5mNp5%2F%2FpzqGtkHTMgObS97%2FELLOCQXvOpo%2F0m3i9UsXoBSIUMlKjGOGHdUoabui49FY9jN3umJ0h0yBZiAkItsy6poGGgCnUWU2G90b%2BZtg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c8544b9097d6909-FRA
expires: Wed, 17 May 2023 17:16:26 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame D6D5 54 KB
55 KB 45ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504945
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzuBmXAhOFSHcSXJH0jNe1QuT0LvbYQ06eT7KquR3JWKNLDFsVMwrYaC4A4RQvFVjv7c7jgwXR6FehfYlPR9%2BsT5GSMJ%2FkHMg%2FlemehIUAIBuM8FxkI0Pdz0XcDOAmPHo6oBdOaNsOX3FoVl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c8544b939b76909-FRA
expires: Wed, 17 May 2023 17:16:26 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame D6D5 2 KB
3 KB 58ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2271522
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HL4pizeV3bCOTNKEdFBQD0Rh0cyth7mGVs9oyKwqbTyHX%2BqFjqlv4Gh2LWJBeBScBPP%2FzIeQ%2B6%2FwNIIy9r1yEQowOQQEE03RmXUw0%2BK7hA9dPcPWLK1ayOSQrev0FD2Q1CmGjARsea2BZvIp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c8544b939be6909-FRA
expires: Wed, 17 May 2023 17:16:26 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame D6D5 339 KB
340 KB 66ms
63ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1894746
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnw9Ps1LE0rC0uOMRRkVzqGawhtz%2BtB02MKqSnIkkYoINuxG4x%2BlOJG7ex2J5GdOnID7QA696XTzP%2FR9HOGQlUDGLpM4K8guWuAH6jmz%2Bg%2BQJ%2FJ8lp3FzokcbDqMVFYLZS4Md27Nijk9RYVw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c8544b939c16909-FRA
expires: Wed, 17 May 2023 17:16:26 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D6D5 43 B
704 B 186ms
119ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 17:16:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame D6D5 36 KB
36 KB 65ms
63ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1986247
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzHbQxeixkamHcAgVGMAEcru34AC11AXrybpj%2FyCKixHXWJxIO3k1r%2BX%2Fk2D3gfeut28f8qf6F0xCyCYidViTLC2HkLblB4R7lNqFOaoCQWmRC4RPuqRwAgARR4%2FRhSCfHWfgLqGekYjyiBk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c8544b939c46909-FRA
expires: Wed, 17 May 2023 17:16:26 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame D6D5 38 KB
38 KB 35ms
33ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2401763
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYt0dDVdjBMkEueFKTnhHVpzqC%2B2rDuy3SDWX9mgPaTnV%2BK9Frcln0BK5ALzd3HdlKyXidooyXkMW8HwcnbX%2FS0tX7SUYdivlLBxQApgODtzljWMbLdb4TdsbHX%2FpAZvUscTSPOz5XCW91vu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c8544b939c56909-FRA
expires: Wed, 17 May 2023 17:16:26 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D6D5 43 B
704 B 185ms
118ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 17:16:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DC60 1 KB
643 B 24ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Wed, 17 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F5A8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23659cb829956f8f0ef79dbb2489c6799420af205d6d9a19d22d31a394165b59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 328ms
102ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=d14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 May 2023 17:16:26 GMT
cache-control: no-store
server: nginx

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame DC60 0
104 B 184ms
73ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEObM3DjYgq4x99bZmdQQs0E&google_cver=1&google_push=ATf1kGN0hxtWTG1ja9ESvQqIcaIndi3oo-9jB6SKP1KnADCl6YYCPHLAKnqqnP7wKMaRXAld8dfcl84MsH96I15Uzm4UBkEKyJGWdw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC60
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMI8Q6AlcfzsjJ59qnE4l48&google_cver=1&google_push=ATf1kGNLQJOlkmNsvBSRDyKl4wxGC2PjbqywRvVW2CqNY7Me7TeyRPROZeKpA0OQmP_Ut6iA5tiyPUHcEZZXYcy0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZAdkY7ppQQGbKy6L6OAqFA&google_push=ATf1kGNLQJOlkmNsvBSRDyKl4wxGC2PjbqywRvVW2CqNY7Me7TeyRPROZeKpA0OQmP_Ut6iA5tiyPUHcEZZXYcy0ZVNGJx5d...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZAdkY7ppQQGbKy6L6OAqFA&google_push=ATf1kGNLQJOlkmNsvBSRDyKl4wxGC2PjbqywRvVW2CqNY7Me7TeyRPROZeKpA0OQmP_Ut6iA5tiyPUHcEZZXYcy0ZVNGJx5dJRt6_Q

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 16 May 2023 17:16:26 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x31 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZAdkY7ppQQGbKy6L6OAqFA&google_push=ATf1kGNLQJOlkmNsvBSRDyKl4wxGC2PjbqywRvVW2CqNY7Me7TeyRPROZeKpA0OQmP_Ut6iA5tiyPUHcEZZXYcy0ZVNGJx5dJRt6_Q
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 May 2023 17:16:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC60
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECvOYRYoDcospa43LOqLPak&google_cver=1&google_push=ATf1kGOSdpUSKZlK8prakRnoeU9Hcv-kmt31uROGZJ_oA6dLSO52l8pw3xu3k7aGDRwd_ffOV55X7IPW_0F7Pbu6xFlMc0-MkYUr9w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=226AB91CBDB04BD3B2B4D09F19F40565&google_push=ATf1kGOSdpUSKZlK8prakRnoeU9Hcv-kmt31uROGZJ_oA6dLSO52l8pw3xu3k7aGDRwd_ffOV55X7IPW_0F7Pbu...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=226AB91CBDB04BD3B2B4D09F19F40565&google_push=ATf1kGOSdpUSKZlK8prakRnoeU9Hcv-kmt31uROGZJ_oA6dLSO52l8pw3xu3k7aGDRwd_ffOV55X7IPW_0F7Pbu6xFlMc0-MkYUr9w

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 May 2023 17:16:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=226AB91CBDB04BD3B2B4D09F19F40565&google_push=ATf1kGOSdpUSKZlK8prakRnoeU9Hcv-kmt31uROGZJ_oA6dLSO52l8pw3xu3k7aGDRwd_ffOV55X7IPW_0F7Pbu6xFlMc0-MkYUr9w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 15 May 2023 17:16:26 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC60
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECDpvHpKkkNhnlQHrj2GB5M&google_cver=1&google_push=ATf1kGOuXqwIZsO6axJ1AsVIN74XaGwn30eAa5bocqovBoJTWBswPz5uoS9jPDXR_pxJcYgmUich96hXq1LOrOpQHZWf8cP...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuXqwIZsO6axJ1AsVIN74XaGwn30eAa5bocqovBoJTWBswPz5uoS9jPDXR_pxJcYgmUich96hXq1LOrOpQHZWf8cPpW_C4fQ&google_hm=eS1RUF9jN04xRTJwRmVw...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuXqwIZsO6axJ1AsVIN74XaGwn30eAa5bocqovBoJTWBswPz5uoS9jPDXR_pxJcYgmUich96hXq1LOrOpQHZWf8cPpW_C4fQ&google_hm=eS1RUF9jN04xRTJwRmVwV1BGLjBSejgwYTY5aHJ1UllTMn5B

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 May 2023 17:16:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuXqwIZsO6axJ1AsVIN74XaGwn30eAa5bocqovBoJTWBswPz5uoS9jPDXR_pxJcYgmUich96hXq1LOrOpQHZWf8cPpW_C4fQ&google_hm=eS1RUF9jN04xRTJwRmVwV1BGLjBSejgwYTY5aHJ1UllTMn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC60
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBR99zpIR4xZZBX1o7IuW2U&google_cver=1&google_push=ATf1kGOi5RLSE0x7F010Y2YQoz-EeFPlVtj2rv4G37JTn9lFKOKDWknNxtU_Hh1eyzEDc2tGLiZBEaZr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGOi5RLSE0x7F010Y2YQoz-EeFPlVtj2rv4G37JTn9lFKOKDWknNxtU_Hh1eyzEDc2tGLiZBEa...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGOi5RLSE0x7F010Y2YQoz-EeFPlVtj2rv4G37JTn9lFKOKDWknNxtU_Hh1eyzEDc2tGLiZBEaZrh_MB40uZy92dtk9IQ2yDtw

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzODY0ODYzNjc0MzE4NDA0OQ&google_push=ATf1kGOi5RLSE0x7F010Y2YQoz-EeFPlVtj2rv4G37JTn9lFKOKDWknNxtU_Hh1eyzEDc2tGLiZBEaZrh_MB40uZy92dtk9IQ2yDtw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC60
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELxSOlEQQ9PmrwNdbYdPTEk&google_cver=1&google_push=ATf1kGMYe57BPFTAX6fOg1JHnFYaNHjjQpcNGeolKY43XU_7D2Q4waUzD1oBzHqvGiCoBf4QxIH...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhRSkQwU1EtMjYtOTVYVg==&google_push=ATf1kGMYe57BPFTAX6fOg1JHnFYaNHjjQpcNGeolKY43XU_7D2Q4waUzD1oBzHqvGiCoBf4QxIHDrAs_n-CUABRPKvrYfO_wjeEiVw

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhRSkQwU1EtMjYtOTVYVg==&google_push=ATf1kGMYe57BPFTAX6fOg1JHnFYaNHjjQpcNGeolKY43XU_7D2Q4waUzD1oBzHqvGiCoBf4QxIHDrAs_n-CUABRPKvrYfO_wjeEiVw

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhRSkQwU1EtMjYtOTVYVg==&google_push=ATf1kGMYe57BPFTAX6fOg1JHnFYaNHjjQpcNGeolKY43XU_7D2Q4waUzD1oBzHqvGiCoBf4QxIHDrAs_n-CUABRPKvrYfO_wjeEiVw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC60
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELTgTSeVh...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4e06aa41-109c-4ece-b057-ada93514e051&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4e06aa41-109c-4ece-b057-ada93514e051&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4e06aa41-109c-4ece-b057-ada93514e051&%%GOOGLE_PUSH_PAIR%%
date: Tue, 16 May 2023 17:16:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DC60 0
12 B 31ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnDZS1AwKlAqz7KMWh8KxyOYBE4JFfy5X1yqsOSd3aRFi3lf2ZiiVlZrm9oEPFPf6NtjpU-A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame D6D5 2 KB
2 KB 92ms
85ms Script
text/html 18.132.62.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h4b7rwatnf5fndv7zevdq7scpd5hgzh70hsv4bmntgnqfj2gb9a484997wc7kxskv1hqmahpej2c6rkqq22bfmzbpe727vh8spn939z5rjbrmjc8tajavgf5s5885h9matsrvgcnsnxzfnzn6819jjdjgbzq9vd09xsppfvr8qnrqxcckstzrhfbw958rp337tdtcg55s3xjyrdkmxsmpf1kf8hkcqxj71jqp5qqvbvywf30w3r51meqbpf27zbwhcda%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%252526client%25253Dca-pub-4485239425924787%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4449730fd2b313759f72b2392ecf31ff04c2139e4f19331596a7b988bbf1babb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
last-modified: Tue, 16 May 2023 17:16:26 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 16 May 2023 17:17:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A75 5 KB
1 KB 88ms
32ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 17:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 15:33:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 17:16:26 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0A75 16 KB
16 KB 82ms
27ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1dbea8d7c15e0f055e0db468c53da8ef1094b42d92a245d5a13fe7036130b972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16231
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0A75 16 KB
16 KB 80ms
26ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 348282529428066e4b83b9a3adcd8d1a17d51f0b7e60073f7d71bd66ff9c85fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0A75 17 KB
17 KB 87ms
29ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 3b1628364ad1116ce8d30123ad0a4e4cecdf10d6161f8c44ee8bf21cfbb335b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16839
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 1241 109 KB
42 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8af1695b15b1e8ea576187f0d6f6aa25f14d09aab0e5fed3411c79d9fc11f1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:16:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42736
x-xss-protection: 0
last-modified: Tue, 16 May 2023 16:37:59 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 May 2023 17:16:26 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D6D5 85 KB
31 KB 96ms
27ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h4b7rwatnf5fndv7zevdq7scpd5hgzh70hsv4bmntgnqfj2gb9a484997wc7kxskv1hqmahpej2c6rkqq22bfmzbpe727vh8spn939z5rjbrmjc8tajavgf5s5885h9matsrvgcnsnxzfnzn6819jjdjgbzq9vd09xsppfvr8qnrqxcckstzrhfbw958rp337tdtcg55s3xjyrdkmxsmpf1kf8hkcqxj71jqp5qqvbvywf30w3r51meqbpf27zbwhcda%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%252526client%25253Dca-pub-4485239425924787%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 23:37:10 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 63557
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: f-b34UwH4i-yVIICBHlHWljDdSwVL_RDSAhvBRBkSI6fkJ3btSh1AQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame D6D5 15 KB
15 KB 84ms
25ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1684257686&Signature=T6ugXtRuy3N8ExdwLMGEfCUYKI9DMvkDAovetFoxvHT6ii6J~1paRpdfAf2I9EoffUFtGkg5Ct6Aely~yfSf39PymKCrGnn-DJTy3PmLnq0SAio~sbUenMFw3DcKT928yxIHsNGxDT5hyLLfDFNUlm5dIBHW4KQpN2wGnXcJFDXRA6AWWYT7oNrtxHKxPVt-5-v~p8IxHtGFP-dvoWM7Santv8GBotRjntQ~Me1-Sq3-iqyLo0wswwlBL74ad~c-ucd9HMI2FrGVEKpbWF-Nc4tX57LiVtVfAFlUuZ4uEww5798HIpv3ISQrv93igvetNZps~vmp1dVgB4pkgIo8YA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 16 May 2023 02:04:09 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 54738
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: F81iQ5R0hwV07wmocTlWTXAspHYPhQy-z-2nxvNPoRmm2w24YRyVqw==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A6E 0
0 62ms
61ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305100101&jk=832394140906904&bg=!fn2lfSnNAAYldGN0BXQ7ADkAdvg8WnOZ1VWLtqYX1iZ7NunNtgutP_s0uD9t-PqDM5H5w0Dg5PvETs0Nf1heELLOKprSHMowIrsCAAABXVIAAAAKaAEHmQKyHxz1kP1I2thOhRU_3dFDcxq4jvkma5IJbtg_VxZ2YoiLHhKo2tbONyE9bMk68NnFLxA7EYeGYSZi7gUctiktzGVcaHGKClQg2wQpHQP0PnH7zLO07dpfLkI0TPn7O3m1nqmSweNxSoNNpH8LZk0L0QK65tk33NsH4O7pIw5er9ZSPm8WdF-x9YSPkseklKSnWO1kTVI5nZMvMdWUXewzo-Zvl2uYfL83KAGmyE5Q3qt5c-dgM-oB5LrApX7taB3pXoBToU8K-UGW9km2ril7bXWgSy7iFNssfRWaw-m9W_ou7G3SEOhnrpiOhoNfs9WTawQvaFxROnvJhKmF19kTULlkp9G8qzA9YcowfwJRMgktdpb461c3njRin-v27YdF_pJC0X2LzY_bC7av8JNPvzYt-8tCxTyRxiXc0qxDvjyHSu7oK4vGqPu4ndFUgqcJEYN3Ozn-91EA_DeW6Ox44W0ogS4EMI6X9p8-6jGs7LWGPHgYnRB-g3xulbz3SSjrqX7i2wP7ZJLG_IAmQ0FraDNCnSnvkKkJi1gif3PnsA9rpK1jVooinw-YIATI2exKZ46z7PXsOQXJKvalTwpGBYpIVPkWEAMrAzwxI3To_wHtrWT833_mL_OnR2zRgYp8V8T5qEe9QT6hSMCd-3U2TIihh1y1sDrG0B6JBa6KbamQs-ZI1flkFbGRT2Q0pkQnDGUQEr1j3hn_gd4IpFFxctrhxPpdYGKl-ltLcx-uo5bT-nUY7Jsh80mH8VhmN32Fr0Z6ZbEOr1Pj2vObMphaqh5M4CBNYmYZeZLTLCEK54g5-AK8NxfGNOAJa1iCdefHp52tEc0zM4XgFJ_b_gz8i6S7EZtKpdfcReUvOX0Evxwouz4uPVwPOJsLoei6A6MQoW0fAhEax0TGeBYMhHt655Kb
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 0A75 0
150 B 82ms
27ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=71853600129290700951407012326015&a=5e73d82d&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EF36 0
0 63ms
62ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305100101&jk=1140371982664674&bg=!hoWlhdHNAAYldGN0BXQ7ADkAdvg8Wn-i6zTwNNKrEmhMNxQeD6gmfAPSC3gPJDCCi8ir5gBM58L6U7n_1CXdUGXMNx24EBWMZKkCAAABXVIAAAAEaAEHCgCGGdEQlg19wWA5ZoUtK1C9ShkvrIVzTNo4IWB5dbc2G92djA-WkvnI50VmLIXAITo2-vdvs1f6TSkYv0P2UFG0O0kPTwSIS9fRYotnkOwreXoYqIo35OP6R30-fiyT63nWN2lRPlq_8LRR7RCu6hHW7u43zf2RKqzDsp9vFcHW96NLQ-6c6SGZAreQKJTE_EXrdu0yHHlXUP8cVpgC532bIPATd5NYPMM1gtQS7TnYpJN0VeegbqpDw-T7PcFtyU38cBjQCqOSPQ9dYR0qQVRDurDpIoUwHmDDKnT9l8U1bR3BPVAASojG2YLMAg4Ne7aCCzozmgW6GYVT9JU2-nl7oJrBC9x1ftGZ3UOvCTXXhimDyksrjAVkxu2j1aTVWbLeYpeQ0N2RmKhasKeOIGA-6LoDLOSjAS1UgM0DTyAQ2ZYHJawcV1heJ4VNdZcE89Z-rRFnjiOMuLW1zuYQt7H0tMSIYgy75G7VFscIyCKuZTF2tWqzykFRy5rPBNyH5P9jJPFYVq_USmylKPmPZozNMCDK6veH4j1Zgh0-OgK98AV2HDuWkFf5Zt-DjWOt4d3XFPYpTgO9iFmKI5yHRWr9QqIhXTXB94luhcF9R4U9MPbS2Rqpn3vZA2E9lSP1YeADP2XO_QuJ1cXqyoPeVNYzULcVZ7pqQ_dZLJhl0qGPSagQaqzprpvCf1jWWmVlzY_xn_4hW_GKJCg38CYBUjy0EhLHc04i-_aufc2Xpsfil3jTa5ePPRUw9uhAcJPCUFRc6NiVdTndTBoXfC0vFDadXO0Q6-_W1FVJ5Rmsi83o72HXz_X_fcX1dAz9XGnJqTXP2TSWSSAMy-nReKEpuaXtzRpPCtJOknbS303t0RyChIeo1JJtMKkasAheia3wUbgQ7DUFDIJ9RgDjXq7kUWO9hrczdx6_E2wevWA_f-gpD31sY6oEW0HumR1BafKGWkhwf0U9n5xrF22nzCE4JalPeyq94Yx-nIbv0pthSrRa2YmT8k2PNeB3ujgC7I4Phwv2IuvUqzoxR81Gsw89Y48Ebzo2o1ZntDmyLx8Qe-UBA2RpRAJPWt-aLkMbEm2awTyNl49FCmuxgS9PE43jVz4PNw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB85 0
0 63ms
63ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=2716245047709924&bg=!4uGl4bXNAAYldGN0BXQ7ADkAdvg8WhvQtivxzz3q0fWI4R6zNM_PiMaIlyeqWq-9rBni3YDYJ-N6F0pZ2O5ViJKlkgX6wFUp1yICAAABU1IAAAAEaAEHmQKvRkz5BMpF70LebcOveyeG0H5lv48k9tpabbDCiMV70aAF6J9OQMuvQbLhXhov-kklmEkvkwOv3Pwh4GuThcFmnHWOXJwcjAsh-b-lSf4gUjhXHkvu33sUalczTV6CDop3a5Dc3RVoGGlFJQ_kexxu3IvH14mmE7CSZCgd54RrniCJNPJh_RNzk9acdR9MHcRnGpIXyF2sdABPa93idgIgG7R4bXF2dSjFxdyA7W5Lg8Tts3xV2l-MX85ajt_vFmBpynSUnRgeRCf7whBFKOUA_BS-eJflcyYH0oJANT16VzqP1MIN_c8n-StEYbAQqhhzDZJ_FMMnIysWJqWxzS1rrLG-GCq0hNJfVfOYABdAPhfA4VI4OjGluS_p_Cc23r8bc7rJYU2HMGB61Fah8m3PeWKCePH12RCNfc50tMvuebwd_qjvI464IJmNCSyjtVlE7pkuivu3N_LdvRtraUHpgtvXiakv613zZSdD6v732OjsDvvsUo6uVd64dpL4XQoERL6_Gj3-5DCgXNsRtyIFR0jgznUGgPiS5wvkBSCH9_ZgyFt792kVk1YOUboFS2AoqcfqyznUHlWWI8XmKdyV2L4LMj3V-dPkovIudQgJABzIIfu_jtH-usZ9lK0BXo8YNhKx9pg9U2J53U7cW9Qk3CH8Q2SZVuCTQQEzrCyfUztIPRy_zMXzVbhtNIKgDasL4G8Wi34SeZYIKTcY8b72Js6YDB2dAQ5GWMxcgHQFi1uUKjjk0z7vAZMo58wosSF57R9PYoyZKG0xP7cjs2y3EoSl9wcSXD3si4GzCb1TFOePWjz-s4rYnwQXtweF59eP-uRK4ednEf02YZYxz1b82fJLqgeKPEXUVQQJViA0x1X_hUcWrFVkjFB6v0CaUNqX2mcQrmSw9QKOsTOM9Drp
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F5A8 85 KB
31 KB 106ms
48ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=71853600129290700951407012326015&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 23:37:10 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 63557
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Cs2zVr0EkNDjNgl8eGKtXuGH8QN2YLYCCFchtkK3QC6sHDJr2o2tdA==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame F5A8 3 KB
3 KB 73ms
26ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1684257686&Signature=Z-e3w5vHofcQmqQUlEHDsCq0~z-tVsxtr0gOTFrDKNnxytuuSiywI9XzpyGIi2ylcCiK3WQw5CzBP-PKjggbLPLJ3V6IwPjZjJDveehelTsoceWa1zOvhyBBZivp647Mkx8N~OL6VGSb4rfpYK6mTBLJw0q-6jQTN93bh469b7YxpaPzpYa7ox6EX6~MkBWmYF~WCcluQ0-ZOQY9AenKxXvhLLdnYH2Mkhs0caxG6mOp2v0nTBpyUlr7oBGTlvhz13t3-vJSWw3hYfN47KRVwDZ8yqU6w4Mh21~fesZXUeqpldx6VQUYlOWvs2K8XoN-GX2AS3qEX~s7t8iJ~aiXSg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684257385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684257385006&bpp=19&bdt=711&idt=233&shv=r20230510&mjsv=m202305110101&ptt=5&saldr=sa&correlator=4390755397547&frm=23&ife=1&pv=2&ga_vid=954611832.1684257385&ga_sid=1684257385&ga_hid=1808754396&ga_fc=0&ga_cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=980&biw=1600&bih=1200&isw=336&ish=280&ifk=3748379907&scr_x=0&scr_y=0&eid=42532186%2C44759926%2C44759875%2C44759842%2C42532090%2C44773810%2C31074469%2C31074545%2C44785292%2C44788442%2C44792089&oid=2&pvsid=2716245047709924&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w9r6tz6uww5o&fsb=1&dtd=265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 21:01:00 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 72927
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: qkG-6Upur_2oa6CTR-Lz_ZAnE_dBWnrfj8rf_oiAkajZgVaFefWXjw==

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0A75 13 KB
13 KB 77ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 03:23:58 GMT
x-content-type-options: nosniff
age: 395548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 03:23:58 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0A75 13 KB
13 KB 163ms
108ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 17:12:56 GMT
x-content-type-options: nosniff
age: 432210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 May 2024 17:12:56 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 5317 0
268 B 271ms
270ms Script
text/plain 54.65.183.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.183.34 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-183-34.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 200 dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493
adservice.google.com/ddm/fls/z/ Frame A598 42 B
63 B 59ms
58ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6a79mr-v4CFcrGsgodeXcMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2852188287937.5493?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0DBE 0
0 62ms
60ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=146831319684748&bg=!WFulWw_NAAYldGN0BXQ7ADkAdvg8WuGhhg2NPNwfjD0aV0jucedcomhm-hKwjZNR5OV2fLZ8B5Przh1zZvzAvaPCUCP_I4rtrPUCAAABClIAAAADaAEHCgDaqP3dXZZeHxGBRuSk3FdTIC5BRYq4HxxipRzwc4t1C4EQ1SDB9yMZWNn8XIq7FNbkBdwQhLZIRHUYXzaR2amUpXWievZmAZHwrJSfuGTgUqEcuqbYmKanKlmFNFcdRpGimclKgTc7DApusuUsfwpA2yTHgrruFHISgf2n029wGWgiqDranTE4xD7N3ulUDpaqNuhKGfYO7O3hv8m1F6BUHNUEdIJQMdVK1CI7MBa-gii-lJzIslB96SBw0lCpBvd1FcKV4ywCY-RgrUlxx6uaP_ZYAOm6YtSIkaeZAqsbPhdbxIbUP0UOzW3sJB5TOSwzdj_0T_glN_LFSawSl-8nMaHJv8TfRP2iqh_qny6BptoaDf6xVTXg2BWuuANVWcltGJFJX7OtJyi5IFFIFL1QzieaNDNw84B2xpLVT6srG5R0-HPmvZ7FchzrxdznmdexAnqQ5QQXTZFv6zRFgWJEKZiU48hBv4vKJYU9bLjehQuLIMRrq5bz0NcTUuOTSGynet9nyb6WUhpXnZykw4-k3Zpk-CtoLFq2zL3CLeVchz5YwTBCjER4tj3SMw6d1vrvzmV40vtcg7OWIVy5u26yBbhy5aJ_hk-Bw-g8AdD2klcDiqotpOoWGSvlCZiWbrVk3gvR5VUwitXtDREElqek2hoLkqtkJXO9dDMQYDAa48VU6nTYKCqLXSLruUUX7mle9MwNjkFHUn5u--UzezmY0mzvw2M7lV4bcH-0McqRdZ9GtLDePquI-x15C7rmzsBjcN5RgeLvYc2jxo820CtuO4x2kKIzoN8FyJpMPqc1jDRZ-zBzCgOaI58LPmjkdbMlxQ4aZY4H0n6bOCRwdqqSh2gse04eUZNdXmjf5cRGaCg7lhr6jzbCKSIHtewQgNY3CUKhIhpXa5wPfNxqP2_SuxYiHobThYhwvj9yRjf-ZjYTDP-6Qu_-SMcU4u7NPPZ3aZiOBnFzFRyer1Y5FGIKIi-GtMG6ZqYDPDi9MpM2s2_fNYLzhtT7pYjUYBvSyZlwaHXIbcI4PJAvBvl9aGTIE6nyoahCcHaZaaGXn9GCWcqmZEubPy3_rPNiTwsT7uoe4QDtCOr9mTB74w1AIPwKFP4w0DFuNtPL0Ek5cu1uK8QD8KPKtKIq2wh8o2IGa9gyKPvPYwiVKHwtpNGBojwaT8Xlkzj-4fgC-nsv6l0oSHFNzXlfl1Il6Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/chao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 32ms
31ms Ping
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=2443&cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&dr=&dt=%E8%B6%85%E9%AB%98%E5%AF%86%E5%BA%A6%E4%B8%89%E7%B6%AD%E5%8B%95%E6%85%8B%E5%85%A8%E6%81%AF%E6%8A%95%E5%BD%B1%E5%AF%A6%E7%8F%BE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&__nfv=1&__nss=1&__dbg=1&en=performance_timing&sid=1684257384&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&epn.page_load_time=4842&epn.domain_lookup_time=9&epn.tcp_connect_time=754&epn.redirect_time=0&epn.server_response_time=839&epn.page_download_time=1&epn.content_download_time=1632&epn.dom_interactive_time=1632
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
118 B 22ms
21ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E8%B6%85%E9%AB%98%E5%AF%86%E5%BA%A6%E4%B8%89%E7%B6%AD%E5%8B%95%E6%85%8B%E5%85%A8%E6%81%AF%E6%8A%95%E5%BD%B1%E5%AF%A6%E7%8F%BE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-BfF9Pm8iSWRVJ_VqmEv5vw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=4842&dns=9&tcp=754&rrt=0&srt=839&pdt=1&clt=1632&dit=1632&a=2443&z=0.41251292787624605&gtm=45De000&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 16:15:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3684
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77EC 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsta6YVpBh_NNRUuWHLSiwjy86WxWvPd6ErSIqf4Wsf-P9n6pMQ7EhMwH53N7pJvzie2zE148VZgiaZD_kRLOybH_TqG&sig=Cg0ArKJSzNEUE-N14nFIEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=758607166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684257385878&rpt=236&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5A8 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubW19gL4jaEGe-P3q-bsGhQW5_SDh7xnQLoE1PAAZ1NdTlvtR1zfP4_x8nQXDcvfd2y6uM2_d-VzTulQ-1muEBF4Yx&sig=Cg0ArKJSzH_GBASDH3NJEAE&id=lidar2&mcvt=1272&p=0,0,280,336&mtos=0,1272,1272,1272,1272&tos=0,1272,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=758607166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684257385272&rpt=1146&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 0A75 0
150 B 87ms
29ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=71853600129290700951407012326015&a=5e73d82d&vb=v
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=71853600129290700951407012326015&a=25ca20a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 17:16:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F5A8 16 B
232 B 99ms
97ms Fetch
application/json 18.132.61.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.132.61.227 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-132-61-227.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 May 2023 17:16:28 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 158ms
45ms Preflight 18.132.61.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.61.227 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-61-227.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 16 May 2023 17:16:27 GMT
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
863 B 67ms
67ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684257387811&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1518&pt=1350206257&tz=0&viewable=true&ddast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv0lcr_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24b55d11a42f8fab5864de242df0d9ee4f8da9c4df9ffeb71670a578a3135251

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 16 May 2023 17:16:27 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1453
x-cache: MISS
x-served-by: cache-fra-eddf8230047-FRA
pragma: no-cache
server: nginx
x-timer: S1684257388.824248,VS0,VE44
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D6D5 16 B
232 B 93ms
91ms Fetch
application/json 18.132.61.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.132.61.227 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-132-61-227.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 May 2023 17:16:28 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 137ms
46ms Preflight 18.132.61.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.61.227 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-61-227.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 16 May 2023 17:16:27 GMT
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35a0&_p=2443&cid=2094769593.1684257386&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1684257385&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-gao-mi-du-san-wei-dong-tai-quan-xi-tou-ying-shi-xian.html&dt=%E8%B6%85%E9%AB%98%E5%AF%86%E5%BA%A6%E4%B8%89%E7%B6%AD%E5%8B%95%E6%85%8B%E5%85%A8%E6%81%AF%E6%8A%95%E5%BD%B1%E5%AF%A6%E7%8F%BE%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 17:16:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST VideoBidRequestHandlerServlet
am-wf.taboola.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/932e2b2b85afd1369ae0bc74f925acf0.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b54c983599afbf7a6e653cbce32242aa.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202305/f244792c170815bb9f3b69f4d536c54c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/4f9ec8b4a7f9eda692b58f07bfe7d962.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/4ddd9c04605f26e5f524d543c0991953.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7301ad13c8af184fac1dd10d67f568fd.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202209/7bb0c75f31c3060fb2a6683528bf2f99.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/51049fef11c918dffb4ad07ff332f89d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/650a32997bdc271974559123dd17626c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/768dedbbcaf1287515b441c23ab486cb.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/09fe6f7ba69f09ab62dcbc31c9e5b5e1.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/74e8e40586ddfe846b8691cf0c1165fa.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/abc4cf13a1d11c77e165626dbd3c57a3.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7a343194ccaa526e5fe05cec5d36e8fd.jpg?w=150&h=100&q=100

Domain: am-wf.taboola.com
URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684257390805&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1518&pt=1350206257&tz=0&viewable=true&ddast=V8OA0CLAZUIhri6zLNPBOoRDTE12WaeS4AAABgYID-AAnZDIuZYTRbi1Yew1q0mw3XytXI5FYOh6uJcbDZTTYTIyAhm2ExM4xma9HKY1iLdrPhWrkamdzK4XA1MQ42u8lmYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZTaDodPte9Xvf73SU-z1zj9yv8GqPD79Y5_G610y1yvTUPu1v3crpFfrvPLXo43YrXw-4WPt2iv-utfNp9bs3R6RY-HXa70PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwOwvI3e152fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSAoNU8sDlhE_kYLYIowAAAAAZMtpZxyZpBNULKr8___3WwG4AgAQgFgCaYKYRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80Qk164WmCHq4V1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekJp5HAvPyjdxLSe-icOwWnhmFovJ4Zk5TDbjYOI9qN6kBn9BGWx9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZnIBabAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkGE1sxsFkLTGONm7RymJaK5wb01q325hcK9tos5iY1qLXx3RxjTwzl2-LBAOy9iJ5WqQTwWQ3GVl2s5nLNHPYZjbDZjaYzXabhXPmWTmMM4tYojlZpBPZZd-aeRwLz8o3cS0nvonDsFp4ZhaLyeGZOUw242DiLzlGE5txMFlLjKONW7SymNYK58a01u02JtfKNtosJqa16PUxXVwjz8zl2zdmw9FktdsMN_vGbDiarHab4WbfoTN8V5-zUVlWST4moc37Mj9sToPCZbB4fxLTYtqdHUQn39Gp0p6URZ3R7_f7_X6_3-_3-w1az8FsUPj-1uru-ZvZsn2X7CA2GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-DVGh9-tc_jdaqdb5HprHna37uV0i_x2n1v0cLoVr4fdLXy6RX_XW_m0-9yao9MtfDrsdqHpbbaIJYLTRToRvYyni_qPHGSxmysWo7lkMZxLVqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAAOwaI2iLgw1WNCrW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmgCyK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwKYrAaTvYPQIVYq9XqdmOtVgs!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv0lcr_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 20:36:33	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dd14bf802-b84c-4eb4-a9c4-77cd5e6431b4-tuctb5d3fe7
.aralego.com/	1970-01-20 20:36:33	Name: sspid Value: 84fc8dd6-0f3c-3e13-9811-b000140e1bf1
.quantserve.com/	1970-01-20 21:21:11	Name: mc Value: 6463ba68-caa35-0e773-499cf
.bg3.co/	1970-01-20 21:15:26	Name: __qca Value: P0-1558323708-1684257384537
.aralego.com/	1970-01-20 20:36:33	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 20:36:33	Name: gdpr Value: 1
.doubleclick.net/	1970-01-20 21:12:33	Name: IDE Value: AHWqTUnWiZ-RIBzzzLLgvRM6Xf94f_cr1QHcV8UFiwgY4hDMOwgJrtKv3b_yZOUXo7A
.bg3.co/	1970-01-20 21:12:33	Name: __gads Value: ID=2a623add21236f49-2231bb78d6dd0046:T=1684257385:RT=1684257385:S=ALNI_Maz3GKjybeybJom2l19HTMcUBzF6w
.bg3.co/	1970-01-20 21:12:33	Name: __gpi Value: UID=00000c16f126b9de:T=1684257385:RT=1684257385:S=ALNI_MZD1ZVffjJ7l3DmPaTCbuqFk3GwTQ
.www.bg3.co/	1970-01-20 12:34:09	Name: _im_vid Value: 01H0JS0B3Z5PWP0T2WMBERAT2W
.bg3.co/	1970-01-20 21:26:57	Name: _ga Value: GA1.1.2094769593.1684257386
.bg3.co/	1970-01-20 21:26:57	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1684257385.1.0.1684257385.0.0.0
.mathtag.com/	1970-01-20 20:36:33	Name: uuid Value: 64076463-ba69-4101-9b2b-2e8be8e02a14
.bidswitch.net/	1970-01-20 20:36:33	Name: tuuid Value: 4e06aa41-109c-4ece-b057-ada93514e051
.bidswitch.net/	1970-01-20 20:36:33	Name: c Value: 1684257386
.bidswitch.net/	1970-01-20 20:36:33	Name: tuuid_lu Value: 1684257386
.quantserve.com/	1970-01-20 14:00:33	Name: d Value: EDEBCQGAKYEA
.bidswitch.net/	1970-01-20 11:50:57	Name: google_push Value: ATf1kGPHy3xIaoOHWqmyGeUHkvh_JW9J-0e4NPbWsWNZWzHlzQDvGo-NibJJn2R1_3Kg5Qn89E3t1lVvGA2sa7_ra7GcQbW2MhIEFnwI-sXHKVnGOP_GJO30eC0P0EJZQJZiWGaRKmorKurqa0fay5Y0-VD6
.w55c.net/	1970-01-20 21:22:38	Name: wfivefivec Value: CgFXsTIm1PYYhI5
.adform.net/	1970-01-20 12:35:35	Name: C Value: 1
.1rx.io/	1970-01-20 20:36:33	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5ed61863-a3c6-42ff-8fc7-ed50eda65dd4-003%22%7D
.w55c.net/	1970-01-20 12:34:09	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 13:17:21	Name: uid Value: 8338648636743184049
.360yield.com/	1970-01-20 14:00:33	Name: tuuid Value: 463b08f6-9055-4eec-9c37-9ff0fff7e7dc
.360yield.com/	1970-01-20 14:00:33	Name: tuuid_lu Value: 1684257386
.redintelligence.net/	1970-01-20 14:00:33	Name: 8lcfmzhxc8d6_uid Value: 65ef41122f1d77df
.targeting.unrulymedia.com/	1970-01-20 20:36:33	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5ed61863-a3c6-42ff-8fc7-ed50eda65dd4-003%22%7D
.yahoo.com/	1970-01-20 20:36:54	Name: A3 Value: d=AQABBGq6Y2QCEIQURLaUaXPLyBQynD-XftoFEgEBAQELZWRtZAAAAAAA_eMAAA&S=AQAAAoJEMoGLJ3mJLX4RdzhTXaM
.office-partner.de/	1970-01-20 21:26:57	Name: source Value: {"webgains_webgains":{"timestamp":1684257386544,"clickCookie":false}}
.mathtag.com/	1970-01-20 12:34:09	Name: mt_mop Value: 4:1684257386
.awin1.com/	1970-01-20 12:01:02	Name: awpv14098 Value: 296283\|1684257386\|63d79b60-f40d-11ed-b339-2265b7c46fb7
.simpli.fi/	1970-01-20 20:37:59	Name: suid Value: 226AB91CBDB04BD3B2B4D09F19F40565
.awin1.com/	1970-01-20 11:53:50	Name: awpv14702 Value: 412871\|1684257386\|63df6390-f40d-11ed-b339-2265b7c46fb7
.awin1.com/	1970-01-20 11:53:50	Name: awpv20044 Value: 412871\|1684257386\|63dbba10-f40d-11ed-9a9c-22335c3bbb34
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202305/f244792c170815bb9f3b69f4d536c54c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/932e2b2b85afd1369ae0bc74f925acf0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/4f9ec8b4a7f9eda692b58f07bfe7d962.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/4ddd9c04605f26e5f524d543c0991953.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b54c983599afbf7a6e653cbce32242aa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7301ad13c8af184fac1dd10d67f568fd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202209/7bb0c75f31c3060fb2a6683528bf2f99.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/74e8e40586ddfe846b8691cf0c1165fa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7a343194ccaa526e5fe05cec5d36e8fd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/768dedbbcaf1287515b441c23ab486cb.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/abc4cf13a1d11c77e165626dbd3c57a3.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/09fe6f7ba69f09ab62dcbc31c9e5b5e1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/51049fef11c918dffb4ad07ff332f89d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/650a32997bdc271974559123dd17626c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvY2hhby1nYW8tbWktZHUtc2FuLXdlaS1kb25nLXRhaS1xdWFuLXhpLXRvdS15aW5nLXNoaS14aWFuLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1g7t60f9z5s4s4zywvt6yvx249c2n536pgrzxdbrmzmc1mjwva1e4sd40n1xxaw4hgs54ztf461xvtrqgjt451apr6faybb7nna8xr2rjsk4k21hpysdbmpchcaqdtg7zxchc75whjatzymjaep2j5zywb6sfrneqj7cdf4adrxhgc7889kg2zkdcnztvepv2t4a48nzw5baebdbjkmm5sqrmx3yhcn4t47kf0g4xvh43enhrxg9y58fa9wvmhk06000tpz6vz70kh8hs9h0cwevk4wbd30r8pmpdb8b6zy9zc5wcnrt48yzx8p1pzrzq6tpry15m1q9beh7z2hnr55c5t080br01xxyadf1g7sxcyheg5asezx341afryrhsccp875vjgqq08bkft86hfmkc9yr59wc6y8229hsf8p3x0hphgaphpy4ebwk8h8abh4m65eg46y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%26client%3Dca-pub-4485239425924787%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=a336912798cc01dda4d59d7d266c4608%2F17945804830575939436&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684257386298&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1htrbccs2vkzkv1gp20ds44a1kke3qvch84z0zmg6sq50823r2bws8jydb702shj7fkxb09zctepw2kfyd7k0aba3rdy378ywh78memaxn2z04ng8p89ntbth8j1snkt6rk4wwmdzvqg7p1167bcmxq27rwjm84xnzdtgd7han9yywhejkqz7xs7z6fgq8q6dwych5jggqhdtdj6djbqjsv37wrmj3f5bzn3nwtk6zw6rtxfkhkewmqkbmz64mz18vqc6vaw5mhb5bw0nh1hq03jq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdGAcabpjZK2qGraO2OMPyYqEmA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQK4Sb-1M2eyPqgDAaoEnwJP0BswNKoG3-HmJTwpg4cEw_hb3RcF5zR_36onJ1fGFnudYyAlXgKNeE85LF2uf8CXDs5O6uxwyMyz3xZmP2G0OYzowmzdA6ki08Hi7AIOM0yJ3VA-sNZWIhNvXslpB8M7LVnZhlhLpIcDCNY3-k7o-ZVQOEHMvqmqk-Y-wbp7l85KqCuL51JDm2y6auX5L3ryOvUc-lY7vt76_W4Wu1pAJN4RJf5Apwq1Ny4naJM0IwNEwEoaKMjhZd0m-g4CkonS_VK9sOaLUDhN3OR65eay5tnIAzmmkz3xuLgNnUtTKian2KcYmR4eql98TIFVK7L3h_86BA5dy_7H3qSqmztgH4SrCUJI-l1USSBP7qS1dGLOXE8HVxKa1k10Vx6HP4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Ou55DqmDJavxP85_I4iwsPEoUng%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4334f59a068941c2f77119db5b7ccaa0.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a50a90721f36d032dd27e734b0933e86.safeframe.googlesyndication.com
ad4m.at
ads.aralego.com
adservice.google.com
adservice.google.de
adv.office-partner.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
audiencedata.im-apps.net
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cdn.track.production.webgains.team
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d-9171021731224332733.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900015.redintelligence.net
http-intake.logs.datadoghq.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.360yield.com
match.adsrvr.org
medialead.de
nt.compass-fit.jp
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.bg3.co
stats.g.doubleclick.net
sync.1rx.io
sync.aralego.com
sync.logly.co.jp
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
trc-events.taboola.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.awin1.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
am-wf.taboola.com
static.bg3.co
104.96.147.178
108.138.7.64
13.32.121.37
138.201.135.164
141.226.224.32
141.226.228.48
142.250.186.130
144.76.91.199
145.239.193.130
151.101.129.44
151.101.65.44
162.210.196.208
172.217.16.198
18.132.61.227
18.132.62.161
18.185.190.24
18.66.147.98
185.29.134.244
185.29.134.249
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
213.19.147.44
23.97.225.52
2600:1901:0:76b9::
2600:1901:0:e207::
2600:1f18:24e6:b902:a2e8:aff4:6806:b125
2600:9000:21ca:3400:6:44e3:f8c0:93a1
2606:4700:20::681a:467
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:e4::ac40:a01f
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2008
2a00:1450:400c:c07::9a
2a02:2638:3::c
2a02:26f0:480:f::213:7ece
2a02:26f0:480:f::213:7ede
2a02:26f0:6c00::210:bb90
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:a767:7d1a:aeec:38d9
2a0b:4d07:101::1
3.114.156.25
3.68.255.194
3.75.62.37
35.204.158.49
35.71.131.137
37.157.6.237
51.89.9.253
52.50.37.233
54.65.183.34
69.173.144.138
84.17.37.44
94.23.99.218
95.101.148.198
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
014281c43f118e8521197dc8d491524dbbf88f13767417deac744fe7cba6fbb1
03d3a294c50a1f2fdf7ed0612bca409ac3b2dad39b00a3031e7df44208f404e7
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
05258c39978dd8586d0042f4554249d8e09ad5471f208bfea30d9576e5c9d4dd
06182a6d98bd52d3b3c1f5f7ebaebe7fa08cbc8f9011ccc8a5570a1371a0f8d5
06e7b92d925ff43065e6cffde5cafff52a52d8c6d68b0e726c20c40e41931489
09a68992ad29d201e9df1c7257e25528219c03bc00a5dde8a5b3cb05a022dfd4
0ade195282356d0dc75a7bd84c5739eaa3ef60e8024cc3f99d8daa0ab871a818
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
14fda435949e45f4ed095c05c3282246646da906adcf1e19f576961add688e34
17db98a74b702f6434a67bd6d0942126bab80bf188c1b19cf6201488272bf201
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d3468ff931e1dd7058b27751a2a4259e682bb47c286dd8bc2a50b0b1c5610d7
1dbea8d7c15e0f055e0db468c53da8ef1094b42d92a245d5a13fe7036130b972
1f3cf483fc07869c41688150ee74b16e63de80fc0729e814a4eb3d2b72564999
200d33d2598533273ad38df926d391a2833d7549e56be88ee6d0d33645d49d2b
21d9104d9dd9854f2ad9fc33688bd85aeb5d1a920bdb55b370ec2884b11a4bfd
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23610ad540989f99bfbcc4f84e1fa509ccefc8de5fcc6c13f8ba1430968015ea
23659cb829956f8f0ef79dbb2489c6799420af205d6d9a19d22d31a394165b59
241c9596cfc0849237f9e45d2d92ae3488ec2a0783a12a698285815a250b4d90
243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899
24b55d11a42f8fab5864de242df0d9ee4f8da9c4df9ffeb71670a578a3135251
25e6714659af0c54d76700b623a6931eed20bea903b8875d935e9e2a83c4e68a
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3
29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533
2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dc541f8bbcb6b17aac7e505f71e865c061ca911deb6f33084dde3f5b6e20629
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30d2525975c37b385fafe479cf683525e3e621b27f8eadd669383bf455d963d6
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
338c8e2cdd2856d2d58756a176af8d0adbf640ba74be1e92d041aa678d776365
348282529428066e4b83b9a3adcd8d1a17d51f0b7e60073f7d71bd66ff9c85fb
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
372a7e5a494bdf56176588ae85cd16f38bfef7e160ff10758b7ef1c3e5ac1768
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
397ec9dde5b801f07882d68e93df1166f4bf17daf3a05515b3ac6aa59c67dc81
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39c2f3729fb311603225cc131f877d94bb9cb41cd20c6eced49dfa302fa276f8
3b1628364ad1116ce8d30123ad0a4e4cecdf10d6161f8c44ee8bf21cfbb335b5
3b52329bb07a8df5a3a6f0f51a6530ecd2161169ccdf55ee3246a8ada3fe7cf5
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fbe81bffbb5621aa6bc2b97f3351f5f6f842ca1f0aadbfc22947a317ed8be69
4189eed67d24cf577ee7521b01980c1c76874f2ca7830c761b383215656230b3
424717e5c41c3a66ecd5f448167cf7398b26f4e933673f5aa769ef36a071d332
42926767780af92f987a5dede53281f3580d54a4d9812665464077da5cae9e98
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4449730fd2b313759f72b2392ecf31ff04c2139e4f19331596a7b988bbf1babb
4475d7a13448e963dc689e623cfd2b77073b204540d8e526fdfaa850d3eca546
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4837d4255ffecab4ffacb6ef63d7199b0681e393e50a21c980c9d3b85b63f0c0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca
49741afaf16d7f6e6544e4761fe70e3f05e71ab901270f80beab9ed0755e9ec6
4da2872473cf32bbc42de664d1b0aece2263bff56a204f67dcfc9333518a7db8
4dfdaa977e7266306535c377a98cb161bce0a4fc9ba2dcf655d7464540865dab
5054c46e789a1550ee50977f343b757b1fd419dc2a648771ea7f4464664fdd47
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c7d0717b16e7a0669db150d00d6ab070be4d55cfbb481cc208534f1952408
58e921ecca2bdb00f0ff63d3a3a0caf66ac3c9231bb6cf2df610cc3b90ea7968
5a99fe4385a78555b94825a844e5f0baa23b8866b8f23748d083458af170a4d6
5b75cab6aecc9ff9cd6e5855b00a6638cdf9e0268b5f6fb26d1052b5295ee6c4
5bc07768431d2ec9c8b0b65600665b425cc63c3d647f8d244e6c05368171a280
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f41269640af5d6fbb9bf9f85552769b6debfe339e57fd36548dc0fe1a6fefec
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b74f251529a8bfc864e9780cc40e410fcb9ddece366d69f8d5dfb21ed0edec1
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
72de2eeb623f0df00070693f7886c436a48a811cc7d734794d9355c14ab30b6e
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
78a460a3376735d8cbe263cc6509a40c72248005e9df53c8ce85fb4f56262151
7924937b6bace3bbe8cc3f86a8c2eead5d099e7daf1217f6a55d94aa938e09f8
7f37c4164205282d110432267fba293eeb3eafb71f66966d698c0c4b50875fae
7ffac7b0592929e10a8c3aeb6505c5eb76c8af4208c633d8caf5d67fd91c6791
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
830749d45a9f069bc015740000ff0fc46664b1833fcca8ef76bbea379fd2abd8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840d0e3f52757382e023f000da91b421b579b112605773271b146a389f9e80fb
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8af1695b15b1e8ea576187f0d6f6aa25f14d09aab0e5fed3411c79d9fc11f1cf
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9161fc62c323acfec7166b5ca070e05d606d47fd56388fcd44f6e7d1dc6539f1
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96c8f16ae01405cf99f011d8b5722bef4278e7dc5ce42a4c52b3365b0034b8bf
97c8109515389da9a88d7e2fa2fc9471dd7e18352174bfeb88bf5135ca9b1ddc
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4ddda16364d41b44d0e83b2b9f60d1e810d96f9e9078c1a5fae8e16e497b88
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9de814503035b3381542de909a698f962813dfbf86e22ae580d70e744886199b
9ea369b57f0c666e908689cd3d672a6636958094d2d1bf6620cb2de468ffdcd2
a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1028ca52dc5aac3fe3a4f15aa403998ac3a8f23769fbce764de7cdcd7104374
a1cc5a2318480c808131b34a6ad3a3e59fa310d566e6ebcbff9caae3d74c76c6
a214d4a7be78317b05f185acf4e5e792735b2134ca0dd3f0cd32294f411360ef
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2c9ba950f3184435be714dea929bb7542d1858e7028ab6c7a7612868cdcbdb7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fcc2293e181cc141d168492323fb688d8ab66244ce84cb58d68e7f93909f62
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a8ae6eff24f4f911444b398168295813fffc10fe5090b3e9063d7e0cc3657abe
a8bb95ed112bd76a68ccc68b28c086e336abef975ba54edc387fe6342932a4eb
a93f8d2cef31cb1ab04b2c44fb26024a5086df302e8bf759fa78364243610db1
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
ae0e68fbddf7ead208c533b8e9f5a9c8a17c598a28f822f49621bb3d794f53b8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
af7ccc2cd0931ff87d0881066a14a8750790e243cc03050221a221da604b7afd
afa978bd18dd51eb7e1260a0f84c62e90b8514b862849b43684ded51f685722a
affc8cc6d8afbb82678c524ba1f436623449af90156b7d841358ac45237f07d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33b08a2efb33dad20161113885b6aa3c8af5f0b53cacbedce943d1bab917493
b3ffa0e09037b86407301e253869c5bb5c5b219b9d1817dbba6277c6d6c35a67
b7f67bc2a8e2af64616fd642f35c30d0ada7be38a12eb127d6b04b05f1c488d9
b883d528b46381bbd6c86551cdafd8a1bcdf5d90d237780e81675779e58dd908
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc5d5c8cc50cf0377951ada6a7602f54ea87fc0014898d6f80d1be2b7273ef2b
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2545f535e503a9a86bf4179158dcaafdf9a113cd0be96e31b00cf6c103063c6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc196a648a7bbe641da14c89b52ad8f4505760a33038c46f3b560abaa9e39c83
d126806fb8446a0c0a359295c6706b4e82c2de595c5dab9505b82b2e76f2e33e
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d7e79e05f378e7ee1eaf703981ac7f5ac32c4c410b2084c2e270a26d88b52ff1
daca7696ea6cc5e556e1c47bd620c34e6221f2c398590dc7e68f150ac8a5a721
ddb209c3edc4250d9eafb81298cb15973d5cad02a1813d1d2d1d0231d3f7a911
de78a4298cb3113ec91c5b2c7033fc5835aead27c4d45ac2c9229e7f752cec78
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2ea3c887c50e622ba0352874317044fdf4c0d6e0b4a2e02d9df0ee3bd31634e
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803f6424f465e820213565c9d77d60a6def5a25fbf53bdd208b36deb29a5208
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
edcfddd81e044f1f01beb69b5224a8a3f9913a456a06c4025b97458c40c3b677
ee5123250d87ce8da615daeab97babb379eca71f75db52d416bbecc9da184154
eefb7af22940a6215c12ef68187194d8d1c3b83d8e4390ebe751a7e903d105c9
ef16f1586965fa2149e5dfc64cf91e9dfbab2c3b3229748f6aa631fa14bd374a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efccc3fb4e48450e0f6237b8a476ab09a186c6323767d1c050078f3fd51d92e9
f2a1a7c932feaa7ca699c5f9cf6a9fad8d1bd6762fa9e72326d7ef5492d6026d
f359e1533a27f96fd3e27ff156192b47cc5e25015a73374afad352e2b92b360d
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7
f61d4dc8cf6647192f67443f205fd9796ee118f64fa96a0af8db97710173f5b8
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f686df786dc730b606bf95a5706d2fef1229a8a004d421c827c21e00b22df876
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc0ac3b0bd466f61b04070831ea0a00921dbb2a87c94d96219a51843a57f5b00
fd1e988c31d1963cd1d2813571485232a6687e960466a86ca4cd3d8eef72ab8f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 84.17.37.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

303 Requests

90 %HTTPS

50 %IPv6

50 Domains

89 Subdomains

62 IPs

13 Countries

3794 kBTransfer

10243 kBSize

35 Cookies

29 Outgoing links

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

90 %
HTTPS

50 %
IPv6

50
Domains

89
Subdomains

62
IPs

13
Countries

3794 kB
Transfer

10243 kB
Size

35
Cookies

303 HTTP transactions
3 data transactions